# To get started with security, check out the documentation:# http://symfony.co

1. # To get started with security, check out the documentation:
2. # http://symfony.com/doc/current/book/security.html
3. security:
4. encoders:
5. AppBundleEntityUsers: bcrypt
6. AppBundleEntityAdmin: bcrypt
7.  
8. # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
9. providers:
10. chain_provider:
11. chain:
12. providers: [admin, users]
13. users:
14. entity:
15. class: AppBundle:Users
16. property: username
17. admin:
18. entity:
19. class: AppBundle:Admin
20. property: username
21.  
22. firewalls:
23. # disables authentication for assets and the profiler, adapt it according to your needs
24. user_secured_area:
25. pattern: ^/
26. anonymous: ~
27. provider: chain_provider
28. form_login:
29. login_path: login_user
30. check_path: login_user
31. csrf_token_generator: security.csrf.token_manager
32. default_target_path: /
33. logout:
34. path: /logout
35. target: /
36.  
37. access_control:
38. # require ROLE_ADMIN for /admin*
39. - { path: ^/admin, roles: ROLE_ADMIN }
40.  
41. parameters:
42. # parameter_name: value
43.  
44. services:
45. # service_name:
46. # class: AppBundleDirectoryClassName
47. # arguments: ["@another_service_name", "plain_value", "%parameter_name%"]
48. app.user_locale_listener:
49. class: AppBundleEventListenerUserLocaleListener
50. arguments: ['@session']
51. tags:
52. - { name: kernel.event_listener, event: security.interactive_login, method: onInteractiveLogin }
53.  
54. app:
55. resource: "@AppBundle/Controller/"
56. type: annotation
57.  
58. logout:
59. path: /logout
60.  
61. <?php
62.  
63. namespace AppBundleEntity;
64.  
65. use DoctrineORMMapping as ORM;
66. use DoctrineCommonCollectionsArrayCollection;
67. use SymfonyComponentValidatorConstraints as Assert;
68. use SymfonyComponentSecurityCoreUserUserInterface;
69. use SymfonyBridgeDoctrineValidatorConstraintsUniqueEntity;
70.  
71.  
72.  
73. /**
74. * @ORMEntity
75. * @ORMTable(name="users")
76. * @ORMEntity(repositoryClass="UsersRepository")
77. * @UniqueEntity("username")
78. * @UniqueEntity("email")
79. */
80. class Users implements UserInterface, Serializable
81. {
82. /**
83. * @ORMColumn(type="integer")
84. * @ORMId
85. * @ORMGeneratedValue(strategy="AUTO")
86. */
87. private $id;
88.  
89. /**
90. * @ORMColumn(type="text")
91. * @AssertNotBlank()
92. */
93. private $name;
94.  
95. /**
96. * @ORMColumn(type="text")
97. * @AssertNotBlank()
98. */
99. private $lastname;
100.  
101. /**
102. * @ORMColumn(type="text")
103. * @AssertNotBlank()
104. */
105. private $username;
106.  
107. /**
108. * @ORMColumn(type="string", length=255, unique=true)
109. * @AssertNotBlank()
110. * @AssertEmail()
111. */
112. private $email;
113.  
114. /**
115. *
116. * @AssertLength(max=4096)
117. */
118. private $plainPassword;
119.  
120. /**
121. *
122. * @ORMColumn(type="string", length=64)
123. */
124. private $password;
125.  
126. /**
127. * @ORMColumn(type="text")
128. * @AssertNotBlank()
129. */
130. private $language;
131.  
132. /**
133. * @ORMColumn(type="boolean")
134. */
135. private $isActive;
136.  
137.  
138. /*****************
139. * Users constructor.
140. */
141. public function __construct() {
142. $this->language = 'es';
143. $this->isActive = true;
144. }
145.  
146. /**
147. * @return mixed
148. */
149. public function getId()
150. {
151. return $this->id;
152. }
153.  
154. /**
155. * @param mixed $id
156. */
157. public function setId($id)
158. {
159. $this->id = $id;
160. }
161.  
162. /**
163. * @return mixed
164. */
165. public function getName()
166. {
167. return $this->name;
168. }
169.  
170. /**
171. * @param mixed $name
172. */
173. public function setName($name)
174. {
175. $this->name = $name;
176. }
177.  
178. /**
179. * @return mixed
180. */
181. public function getLastname()
182. {
183. return $this->lastname;
184. }
185.  
186. /**
187. * @param mixed $lastname
188. */
189. public function setLastname($lastname)
190. {
191. $this->lastname = $lastname;
192. }
193.  
194. /**
195. * @return mixed
196. */
197. public function getUsername()
198. {
199. return $this->username;
200. }
201.  
202. /**
203. * @param mixed $username
204. */
205. public function setUsername($username)
206. {
207. $this->username = $username;
208. }
209.  
210. /**
211. * @return mixed
212. */
213. public function getEmail()
214. {
215. return $this->email;
216. }
217.  
218. /**
219. * @param mixed $email
220. */
221. public function setEmail($email)
222. {
223. $this->email = $email;
224. }
225.  
226. /**
227. * @return mixed
228. */
229. public function getPlainPassword()
230. {
231. return $this->plainPassword;
232. }
233.  
234. /**
235. * @param mixed $plainPassword
236. */
237. public function setPlainPassword($plainPassword)
238. {
239. $this->plainPassword = $plainPassword;
240. }
241.  
242. /**
243. * @return mixed
244. */
245. public function getPassword()
246. {
247. return $this->password;
248. }
249.  
250. /**
251. * @param mixed $password
252. */
253. public function setPassword($password)
254. {
255. $this->password = $password;
256. }
257.  
258. /**
259. * @return mixed
260. */
261. public function getLanguage()
262. {
263. return $this->language;
264. }
265.  
266. /**
267. * @param mixed $language
268. */
269. public function setLanguage($language)
270. {
271. $this->language = $language;
272. }
273.  
274. /**
275. * @return mixed
276. */
277. public function getIsActive()
278. {
279. return $this->isActive;
280. }
281.  
282. /**
283. * @param mixed $isActive
284. */
285. public function setIsActive($isActive)
286. {
287. $this->isActive = $isActive;
288. }
289.  
290. //implementaciones de la interface
291.  
292. public function getSalt()
293. {
294. // you *may* need a real salt depending on your encoder
295. // see section on salt below
296. return null;
297. }
298.  
299. public function getRoles()
300. {
301. return array('ROLE_USER');
302. }
303.  
304. public function eraseCredentials()
305. {
306. }
307.  
308. /** @see Serializable::serialize() */
309. public function serialize()
310. {
311. return serialize(array(
312. $this->id,
313. $this->username,
314. $this->password,
315. $this->isActive,
316. ));
317. }
318.  
319. /** @see Serializable::unserialize() */
320. public function unserialize($serialized)
321. {
322. list (
323. $this->id,
324. $this->username,
325. $this->password,
326. $this->isActive,
327. ) = unserialize($serialized);
328. }
329. }
330.  
331. <?php
332. /**
333. * Created by PhpStorm.
334. * User: tureey
335. * Date: 05/09/16
336. * Time: 13:35
337. */
338.  
339. namespace AppBundleController;
340.  
341.  
342. use AppBundleEntityAdmin;
343. use AppBundleEntityUsers;
344. use AppBundleFormAdminFormType;
345. use AppBundleFormUserFormType;
346. use SymfonyComponentHttpFoundationRequest;
347. use SensioBundleFrameworkExtraBundleConfigurationRoute;
348. use AppBundleControllerBaseController;
349. use SymfonyComponentHttpFoundationJsonResponse;
350.  
351.  
352. class SecurityController extends BaseController
353. {
354.  
355. /**
356. * @Route("/signup", name="signup")
357. * @param Request $request
358. * @return response
359. */
360. public function guardarUser(Request $request)
361. {
362. $user = new Users();
363.  
364. $em = $this->getDoctrine()->getManager();
365.  
366. $em->persist($user);
367.  
368. $form = $this->createForm(UserFormType::class, $user);
369.  
370. $form->handleRequest($request);
371.  
372. if($form->isSubmitted() && $form->isValid()){
373. $password = $this->get('security.password_encoder')->encodePassword($user, $user->getPlainPassword());
374. $user->setPassword($password);
375. $em = $this->getDoctrine()->getManager();
376. $em->flush();
377.  
378. return $this->redirectToRoute('signup');
379. }
380.  
381. $this->addData('formUser', $form->createView());
382. return $this->render('AppBundle:signup:signup.html.twig', $this->getData());
383. }
384.  
385. /**
386. * @Route("/login", name="login_user")
387. * @param Request $request
388. * @return SymfonyComponentHttpFoundationResponse
389. */
390. public function showLogin(Request $request)
391. {
392. $authenticationUtils = $this->get('security.authentication_utils');
393.  
394. // get the login error if there is one
395. $error = $authenticationUtils->getLastAuthenticationError();
396.  
397. // last username entered by the user
398. $lastUsername = $authenticationUtils->getLastUsername();
399.  
400. $this->addData('last_username', $lastUsername);
401. $this->addData('error', $error);
402. return $this->render('AppBundle:login:login.html.twig', $this->getData());
403. }
404. }
405.  
406. <div id="signupForm" class="row">
407. {% if error %}
408. <div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
409. {% endif %}
410.  
411. {% if last_username %}
412. {{ last_username }}
413. {% endif %}
414.  
415. <!-- Formulario para iniciar sesión -->
416. <form action="{{ path('login_user') }}" method="post">
417. <div class="row">
418. <div class="input-field col s12">
419. <input type="text" id="username" name="_username" value="{{ last_username }}" />
420. <label for="username">Nombre usuario</label>
421. </div>
422. </div>
423.  
424. <div class="row">
425. <div class="input-field col s12">
426. <input type="password" id="password" name="_password" />
427. <label for="password">Constraseña</label>
428. </div>
429. </div>
430.  
431. <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
432.  
433. <input type="submit" value="Accede">
434. </form>
435.  
436. <!-- ¿Has olvidado el password? -->
437. <p id="forgotPassword"><a href="/login">¿Se te ha olvidado el nombre de usuario o la contraseña?</a></p>
438.  
439. <!-- Redirige a /signup -->
440. <p id="tienesCuenta">¿No tienes cuenta? <a href="/signup">Registrate</a></p>
441.  
442. <!-- Linia gris que divide -->
443. <div class="divider"></div>
444.  
445. <!-- Aceptas los terminos y politicas de privacidad -->
446. <p id="terminos">Si haces click en iniciar sesión con Facebook/Gmail y no eres usuario de My appLibrary, pasarás a estar registrado y aceptas los <a href="/terminos">Términos y condiciones</a>
447. y la <a href="politicas">Política de privacidad</a>de My appLibrary.</p>
448. </div>