Symfony - FOSUserBundle: no "Bad credentials" error when overriding the SecurityController (login)


I have followed the instructions for overriding a controller in FOSUserBundle here.

In my case I want to override the login controller, so I have created a new bundle called UserBundle with the SecurityController below (as you can check, I have copied the original SecurityController methods).

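namespace UserBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\SecurityContextInterface;

/**
 * Login controller that overrides the FOSUserBundle SecurityController.
 *
 * The methods are copies of the parent bundle's controller. Because this
 * class lives in its own namespace, every class the copied code refers to
 * (AuthenticationException, SecurityContextInterface) has to be imported
 * here as well; an unimported name is resolved inside
 * UserBundle\Controller and never matches the real class.
 */
class SecurityController extends Controller
{
    /**
     * Shows the login form together with the last authentication error.
     *
     * @param Request $request current request; the error is read from its
     *                         attributes first, then from the session
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function loginAction(Request $request)
    {
        /** @var $session \Symfony\Component\HttpFoundation\Session\Session */
        $session = $request->getSession();

        if (class_exists('\Symfony\Component\Security\Core\Security')) {
            $authErrorKey = Security::AUTHENTICATION_ERROR;
            $lastUsernameKey = Security::LAST_USERNAME;
        } else {
            // BC for SF < 2.6
            $authErrorKey = SecurityContextInterface::AUTHENTICATION_ERROR;
            $lastUsernameKey = SecurityContextInterface::LAST_USERNAME;
        }

        // get the error if any (works with forward and redirect -- see below)
        if ($request->attributes->has($authErrorKey)) {
            $error = $request->attributes->get($authErrorKey);
        } elseif (null !== $session && $session->has($authErrorKey)) {
            $error = $session->get($authErrorKey);
            // one-shot: the error must not be shown again on the next request
            $session->remove($authErrorKey);
        } else {
            $error = null;
        }

        // Only an exception raised by the security component is handed to the
        // template; any other value stored under that key is discarded. This
        // check depends on the AuthenticationException import above: without
        // it the test is always false and $error is always reset to null.
        if (!$error instanceof AuthenticationException) {
            $error = null; // The value does not come from the security component.
        }

        // last username entered by the user; this is user-supplied input, so
        // the template has to escape it when printing it back into the form
        $lastUsername = (null === $session) ? '' : $session->get($lastUsernameKey);

        // CSRF token for the login form, generated under the 'authenticate' id
        if ($this->has('security.csrf.token_manager')) {
            $csrfToken = $this->get('security.csrf.token_manager')->getToken('authenticate')->getValue();
        } else {
            // BC for SF < 2.4
            $csrfToken = $this->has('form.csrf_provider')
                ? $this->get('form.csrf_provider')->generateCsrfToken('authenticate')
                : null;
        }

        return $this->renderLogin(array(
            'last_username' => $lastUsername,
            'error' => $error,
            'csrf_token' => $csrfToken,
        ));
    }

    /**
     * Renders the login template with the given parameters. Overwrite this
     * function in an extended controller to provide additional data for the
     * login template.
     *
     * The template receives the authentication error as `error`; a template
     * that never prints that variable shows no message after a failed login.
     *
     * @param array $data
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    protected function renderLogin(array $data)
    {
        return $this->render('FOSUserBundle:Security:login.html.twig', $data);
    }

    /**
     * Placeholder for the check path: the firewall is expected to intercept
     * the login submission, so reaching this action means form_login is not
     * configured for it.
     */
    public function checkAction()
    {
        throw new \RuntimeException('you must configure check path handled firewall using form_login in security firewall configuration.');
    }

    /**
     * Placeholder for the logout path: reaching this action means logout is
     * not activated in the firewall configuration.
     */
    public function logoutAction()
    {
        throw new \RuntimeException('you must activate logout in security firewall configuration.');
    }
}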

UserBundle.php

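namespace UserBundle;

use Symfony\Component\HttpKernel\Bundle\Bundle;

/**
 * Application bundle declared as a child of FOSUserBundle so that its
 * controllers and templates override the parent bundle's.
 */
class UserBundle extends Bundle
{
    /**
     * Names the bundle this one extends.
     *
     * @return string name of the parent bundle, spelled exactly as registered
     */
    public function getParent()
    {
        return 'FOSUserBundle';
    }
}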

The problem: after submitting the login form shown at /login, I don't get the "Bad credentials" error when the credentials are bad.

Here is my security.yml file:

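security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    # Role names are case-sensitive and keep their ROLE_ prefix.
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                # CSRF protection for the login form; the controller generates
                # the matching token with the same token manager service.
                csrf_token_generator: security.csrf.token_manager
                # if you are using Symfony < 2.8, use the following config instead:
                # csrf_provider: form.csrf_provider

            logout:       true
            anonymous:    true

    # Rules are checked in order and the first matching path applies.
    # Note that ^/admin/ only matches paths with the trailing slash, so a
    # route served at exactly /admin is not covered by the last rule.
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }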

Note: when debugging inside loginAction, at the line with the comment about the last username entered by the user, the value of $error is null.

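My fault: I was using a template that does not show errors. It is also worth checking that the overriding controller imports Symfony\Component\Security\Core\Exception\AuthenticationException: without that `use` line, the `instanceof` check resolves the class in the controller's own namespace and always resets $error to null.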

