Hi Roger,
Thanks for the response.
I do have the _username and _password fields in my form, and the
action of the form is pointing to the "_security_check" route.
I'm using the Doctrine UserProvider.
I have tried the routing config without the controller, and I just get
the following error:
Unable to find the controller for path "/login_check". Maybe you
forgot to add the matching route in your routing configuration?
Here's all the configuration that I think is relevant. Please let me
know if you need anything else:
# app/config/security.yml
security:
access_denied_url: /error403
providers:
entity:
entity: { class: UserBundle:User, property: username }
firewalls:
main:
form_login: true
logout: true
# UserBundle/Resources/config/routing.yml
_security_login:
pattern: /login
defaults: { _controller: UserBundle:Security:login }
_security_check:
pattern: /login_check
# UserBundle/Controller/SecurityController.php
class SecurityController extends Controller {
public function loginAction() {
$request = $this->get('request');
if ($request->attributes-
>has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes-
>get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $request->getSession()-
>get(SecurityContext::AUTHENTICATION_ERROR);
}
return $this->render('UserBundle:security:login.html.php', array(
// last username entered by the user
'_username' => $this->get('request')->getSession()-
>get(SecurityContext::LAST_USERNAME),
'error' => $error,
));
}
}
# UserBundle/Resources/views/security/login.html.php
<?php $view->extend('::base.html.php'); ?>
<?php if (isset($error)) { ?>
<div><?php echo $view->escape($error->getMessage()) ?></div>
<?php } ?>
<form action="<?php echo $view['router']->generate('_security_check') ?
>" method="post">
<label for="username">Username:</label>
<input type="text" id="username" name="_username" value="<?php
echo $view->escape($_username) ?>" />
<label for="password">Password:</label>
<input type="password" id="password" name="_password" />
<input type="checkbox" id="remember_me" name="_remember_me"
value="on" />
<label for="remember_me">Remember Me</label>
<input type="submit" name="login" />
</form>
On Mar 4, 12:09 pm, Roger Webb <[email protected]> wrote:
> First of all, lose the controller argument on your security check
> route. There is no "checkAction" needed. Symfony handles checking the
> password and forwarding to the appropriate route.
>
> If you're using form authentication you need a textfield named
> "_username" and one named "_password". The "action" for your form
> should be the "check_path" specified in your configuration. If you
> don't specify one "/login/check" is the default I think.
>
> What UserProvider are you using? I'm set up using Doctrine Entity and
> can help you further with that for sure.
>
> Some more insight into your configuration would help me help you
> better.
>
> Cheers.
>
> Roger
>
> On Mar 4, 7:51 am, Donald <[email protected]> wrote:
>
>
>
>
>
>
>
> > Here's some more info on what I'm trying to accomplish:
>
> > #UserBundle/Resources/config/routing.yml
> > _security_login:
> > pattern: /login
> > defaults: { _controller: UserBundle:Security:login }
>
> > _security_check:
> > pattern: /login_check
> > defaults: { _controller: UserBundle:Security:check }
>
> > #UserBundle/Controller/SecurityController.php
> > class SecurityController extends Controller {
>
> > public function loginAction($_format) {
> > $request = $this->get('request');
>
> > if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
>
> > $error =
> > $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
>
> > } else {
> > $error =
> > $request->getSession()->get(SecurityContext::AUTHENTICATION_ERROR);
>
> > }
>
> > return $this->render('UserBundle:user:login.' . $_format . '.php',
> > array(
> > // last username entered by the user
> > '_username' =>
> > $this->get('request')->getSession()->get(SecurityContext::LAST_USERNAME),
>
> > 'error' => $error,
> > ));
> > }
>
> > public function checkAction() {
> > // what goes here?
> > }
>
> > }
>
> > Do I even need the checkAction method? If so, how do I authenticate
> > the user? If I don't need the checkAction method, how exactly do I
> > authenticate a user?
>
> > On Mar 3, 4:29 pm, Donald <[email protected]> wrote:
>
> > > Unfortunately the authentication docs there aren't updated at all.
>
> > > So I'm still looking for advice...
>
> > > On Mar 3, 3:18 pm, Donald <[email protected]> wrote:
>
> > > > I wasn't aware that was on github. I'll go check it out immediately.
>
> > > > Thanks!
>
> > > > On Mar 3, 3:07 pm, olimination <[email protected]> wrote:
>
> > > > > Hi,
>
> > > > > I sometimes use the master documentation on GitHub and there you find
> > > > > some updated documentations:
>
> > > > >https://github.com/symfony/symfony-docs
>
> > > > > greets,
> > > > > Oli
>
> > > > > On Mar 3, 8:38 pm, Donald <[email protected]> wrote:
>
> > > > > > Hi,
>
> > > > > > I'm working with the master branch of the Symfony 2 sandbox, and I'm
> > > > > > trying to get user authentication to work. Obviously things have
> > > > > > changed a great deal since the last preview release, so I'm hoping
> > > > > > to
> > > > > > get some pointers.
>
> > > > > > I've managed to get everything setup to the point where I'm being
> > > > > > redirected to the /login_check url. I got the impression from the
> > > > > > Symfony Reloaded docs that I don't actually have to authenticate the
> > > > > > user myself, and that it would be handled automatically by the
> > > > > > framework. It doesn't seem to be working that way in practice
> > > > > > though.
>
> > > > > > Do I need to authenticate the user myself by implementing an action
> > > > > > for the /login_check URL, and if so, how exactly do I do that?
> > > > > > SecurityContext getUser() method doesn't seem to exist anymore, and
> > > > > > I've been digging around the source code all day with no luck.
>
> > > > > > Thank in advance for any help.
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
