Login формата не работи

Във форума е въведено ограничение, което позволява на потребителите единствено да разглеждат публикуваните въпроси.

Martina_Shebova 10 Точки

Login формата не работи

Здравейте,

логина ми не работи, гледах какво се случва като се опитам да се логна в файла dev.log и там изписва следната грешка:

security.INFO: Authentication request failed. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException(code: 0): Bad credentials. at C:\\Users\\User\\Desktop\\Mars_BattleGround_2031\\vendor\\symfony\\symfony\\src\\Symfony\\Component\\Security\\Core\\Authentication\\Provider\\UserAuthenticationProvider.php:90, Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException(code: 0): The presented password is invalid. at C:\\Users\\User\\Desktop\\Mars_BattleGround_2031\\vendor\\symfony\\symfony\\src\\Symfony\\Component\\Security\\Core\\Authentication\\Provider\\DaoAuthenticationProvider.php:67)"} []

Security Controller:

<?php

namespace MarsGameBundle\Controller;

use MarsGameBundle\Entity\Player;
use MarsGameBundle\Form\PlayerType;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Component\HttpFoundation\Request;

/**
 * Controller used to manage the application security.
 * See http://symfony.com/doc/current/cookbook/security/form_login_setup.html.
 *
 * @author Ryan Weaver <weaverryan@gmail.com>
 * @author Javier Eguiluz <javier.eguiluz@gmail.com>
 */
class SecurityController extends Controller
{
    /**
     * @Route("/login", name="security_login")
     */
    public function loginAction()
    {
        return $this->render('security/login.html.twig');
    }

    /**
     * This is the route the user can use to logout.
     *
     * But, this will never be executed. Symfony will intercept this first
     * and handle the logout automatically. See logout in app/config/security.yml
     *
     * @Route("/logout", name="security_logout")
     */
    public function logoutAction()
    {
        throw new \Exception('This should never be reached!');
    }
}

Security.yml

security:
    encoders:
        # Our user class and the algorithm we'll use to encode passwords
        # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
        MarsGameBundle\Entity\Player: bcrypt

    providers:
        # in this example, users are stored via Doctrine in the database
        # To see the users at src/AppBundle/DataFixtures/ORM/LoadFixtures.php
        # To load users from somewhere else: http://symfony.com/doc/current/cookbook/security/custom_provider.html
        database_users:
            entity: { class: MarsGameBundle:Player, property: username }

    # http://symfony.com/doc/current/book/security.html#firewalls-authentication
    firewalls:
        secured_area:
            # this firewall applies to all URLs
            pattern: ^/

            # but the firewall does not require login on every page
            # denying access is done in access_control or in your controllers
            anonymous: true

            # This allows the user to login by submitting a username and password
            # Reference: http://symfony.com/doc/current/cookbook/security/form_login_setup.html
            form_login:
                # The route name that the login form submits to
                check_path: security_login
                # The name of the route where the login form lives
                # When the user tries to access a protected page, they are redirected here
                login_path: security_login
                # Secure the login form against CSRF
                # Reference: http://symfony.com/doc/current/cookbook/security/csrf_in_login_form.html
                csrf_token_generator: security.csrf.token_manager

            logout:
                # The route name the user can go to in order to logout
                path: security_logout
                # The name of the route to redirect to after logging out
                target: home_index


    access_control:
        # this is a catch-all for the admin area
        # additional security lives in the controllers
#        - { path: '^/(%locale%)/admin', roles: ROLE_ADMIN }

security:
    encoders:
        # Our user class and the algorithm we'll use to encode passwords
        # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
        MarsGameBundle\Entity\Player: bcrypt

    providers:
        # in this example, users are stored via Doctrine in the database
        # To see the users at src/AppBundle/DataFixtures/ORM/LoadFixtures.php
        # To load users from somewhere else: http://symfony.com/doc/current/cookbook/security/custom_provider.html
        database_users:
            entity: { class: MarsGameBundle:Player, property: username }

    # http://symfony.com/doc/current/book/security.html#firewalls-authentication
    firewalls:
        secured_area:
            # this firewall applies to all URLs
            pattern: ^/

            # but the firewall does not require login on every page
            # denying access is done in access_control or in your controllers
            anonymous: true

            # This allows the user to login by submitting a username and password
            # Reference: http://symfony.com/doc/current/cookbook/security/form_login_setup.html
            form_login:
                # The route name that the login form submits to
                check_path: security_login
                # The name of the route where the login form lives
                # When the user tries to access a protected page, they are redirected here
                login_path: security_login
                # Secure the login form against CSRF
                # Reference: http://symfony.com/doc/current/cookbook/security/csrf_in_login_form.html
                csrf_token_generator: security.csrf.token_manager

            logout:
                # The route name the user can go to in order to logout
                path: security_logout
                # The name of the route to redirect to after logging out
                target: home_index


    access_control:
        # this is a catch-all for the admin area
        # additional security lives in the controllers
#        - { path: '^/(%locale%)/admin', roles: ROLE_ADMIN }

Прочетох в Интернет, че понякога тази грешка е от дължината на паролата, но при различен алгоритъм за криптиране. Дължината на колоната с паролата е VARCHAR 255.

Тагове:

13/12/2016 16:39:16 PHP Web Development

RoYaL Trainer 6849 Точки

А записите в базата криптирани ли са? Дай да видим регистрацията

13/12/2016 17:13:42

Martina_Shebova 10 Точки

В базата влизат криптирани. Ето кода на регистрацията:

namespace MarsGameBundle\Controller;

use MarsGameBundle\Entity\Building;
use MarsGameBundle\Entity\GameResource;
use MarsGameBundle\Entity\City;
use MarsGameBundle\Entity\CityBuildings;
use MarsGameBundle\Entity\CityResource;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
use MarsGameBundle\Entity\Player;
use MarsGameBundle\Form\PlayerType;
use MarsGameBundle\Repository\PlayerRepository;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;

/**
 * Class PlayerController
 * @package MarsGameBundle\Controller
 * @Security("is_granted('IS_AUTHENTICATED_FULLY')")
 */
class PlayerController extends CityController
{
    const MIN_COORDINATE_X = 0;
    const MAX_COORDINATE_X = 1000;

    const MIN_COORDINATE_Y = 0;
    const MAX_COORDINATE_Y = 1000;

    const NUMBER_OF_CITIES_EVERY_PLAYER_STARTS_WITH = 3;

    const AMOUNT_OF_RESOURCES_EVERY_PLAYER_STARTS_WITH = 5000;


    /**
     * @Route("/register", name="user_register")
     * @Security("is_granted('IS_AUTHENTICATED_ANONYMOUSLY')")
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
     */
    public function registerAction(Request $request)
    {
        // 1) build the form
        $player = new Player();
        $form = $this->createForm(PlayerType::class, $player);

        // 2) handle the submit (will only happen on POST)
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {

            // 3) Encode the password (you could also do this via Doctrine listener)
            $password = $this->get('security.password_encoder')
                ->encodePassword($player, $player->getPassword());
            $player->setPassword($password);

            $getRequest = $request->request->get('user');

            $userName = $getRequest['username'];
            $fullName = $getRequest['fullName'];

            $player->setUsername($userName);
            $player->setFullName($fullName);

            // 4) save the User!
            $em = $this->getDoctrine()->getManager();
            $em->persist($player);
            $em->flush();

            $cityRepository = $this->getDoctrine()->getRepository(City::class);
            for ($i = 0; $i < self::NUMBER_OF_CITIES_EVERY_PLAYER_STARTS_WITH; $i++) {
                $coordinateX = -1;
                $coordinateY = -1;
                do {
                    $coordinateX = rand(self::MIN_COORDINATE_X, self::MAX_COORDINATE_X);
                    $coordinateY = rand(self::MIN_COORDINATE_Y, self::MAX_COORDINATE_Y);
                    $alreadyTakenCity = $cityRepository->findOneBy(
                        ['x' => $coordinateX, 'y' => $coordinateY]
                    );
                } while ($alreadyTakenCity !== null);

                $city = new City();
                $city->setX($coordinateX);
                $city->setY($coordinateY);
                $city->setCityName($player->getUsername() . "_" . ($i+1));
                $city->setPlayer($player);
                $em->persist($city);
                $em->flush();

                $resourceRepository = $this->getDoctrine()->getRepository(GameResource::class);
                $resourceTypes = $resourceRepository->findAll();

                foreach ($resourceTypes as $resourceType) {
                    $cityResource = new CityResource();
                    $cityResource->setResource($resourceType);
                    $cityResource->setCity($city);
                    $cityResource->setAmount(self::AMOUNT_OF_RESOURCES_EVERY_PLAYER_STARTS_WITH);
                    $em->persist($cityResource);
                    $em->flush();
                }

                $buildingRepository = $this->getDoctrine()->getRepository(Building::class);
                $buildingTypes = $buildingRepository->findAll();
                foreach ($buildingTypes as $buildingType) {
                    $cityBuilding = new CityBuildings();
                    $cityBuilding->setCity($city);
                    $cityBuilding->setBuilding($buildingType);
                    $cityBuilding->setLevel(0);
                    $em->persist($cityBuilding);
                    $em->flush();
                }

            }

            // ... do any other work - like sending them an email, etc
            // maybe set a "flash" success message for the user

            return $this->redirectToRoute('security_login');
        }

        return $this->render(
            'user/register.html.twig',
            array('form' => $form->createView())
        );
    }



    /**
     *
     * @Route("/profile", name="user_profile")
     */
    public function profileAction()
    {
        /** @var Player $player */
        $player = $this->getUser();
        return $this->render("user/profile.html.twig", [
            'player'=>$player,
            'cityId' => $this->getCity()
        ]);
    }

13/12/2016 17:21:00

Martina_Shebova 10 Точки

Не знам дали е свързано, но не мога да изтрия и кеша ....

[Symfony\Component\Filesystem\Exception\IOException]
Failed to remove directory "C:\Users\User\Desktop\Mars_BattleGround_2031\var\cache\de~\annotations\fe": .

13/12/2016 17:26:39

RoYaL Trainer 6849 Точки

Рестартирай компютъра и отвори само конзола в папката и нищо друго ип робвай да изтриеш кеша. Има нещо, което държи някой файл отворен и не дава да се изтрие. Ако не е това - значи е проблем с правата на потребителя на компютъра.

13/12/2016 17:39:33

b.yordanov 146 Точки

Сигурна ли си, че изпращаш правилната парола?

The presented password is invalid.

14/12/2016 11:19:48

Martina_Shebova 10 Точки

Целият ми проблем идва от криптирането, не работи правилно. В security.yml му дадох вместо bcrypt, plaintext. Вкарвам паролата некриптирана и се логвам без проблем...

14/12/2016 16:04:48

Martina_Shebova 10 Точки

Аз plaintext го сложих, когато не ми работеше bcrypt, а не обратното.

14/12/2016 16:20:01

b.yordanov 146 Точки

Каква е дължината на колоната за парола в дб-то?

14/12/2016 17:37:03

Покажи всички коментари

netbull -4 Точки

$password = $this->get('security.password_encoder')->encodePassword($player, $player->getPassword());

този ред е грешен..

идеята е следната

1-во генерираш СОЛ, която учасвта в криптирането на паролата, нещо от сорта на:

$player->setSalt(substr(md5(uniqid(rand(), true)),0,22));

2-ро създават ХАШ на паролата encodePassword метода на очаква два параметъра plaintext парола и вторият е солта:

$hash = $this->get('security.password_encoder')->encodePassword($plaintextPassword, $player->getSalt());

и 3-то сетваш ХАША като парола на играча

$player->setPassword($hash);

19/12/2016 15:26:15 19/12/2016 16:27:43