Symfony 2 User security from one bundle to other bundle - php

I am new to Symfony 2 and never used any framework before.
I created 2 bundles: one for the core site, whose URL is the root /, which is DefaultBundle; then I created a new UserBundle and set all the routing to /user/. The login page is /user/login and it is working fine.
So far I am able to log in the user and everything seems to be working.
The question really is, how can I check in DefaultBundle that a user is logged in, so I show them Welcome User instead of login/register links on the top right side of the front end website.
P.S. I don't need FOSUserBundle as an answer.
below is from my security.yml file
jms_security_extra:
    secure_all_services: false
    expressions: true
security:
    encoders:
        Aala\Vital\UserBundle\Entity\User:
            algorithm: plaintext
            # encode_as_base64: false
            # iterations: 1
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_MOD: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_MOD, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
        user_area:
            entity: {class: AalaVitalUserBundle:User, property: email}
    firewalls:
        login:
            pattern: ^/user/login$
            security: false
            anonymous: true
        user_area:
            pattern: ^/user
            form_login:
                login_path: /user/login
                check_path: /user/login_check
                post_only: true
                default_target_path: /user/
            logout:
                path: /user/logout
                target: /user/
        main:
            pattern: ^/
            security: true
            anonymous: ~
    access_control:
        - { path: /.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/user, roles: ROLE_USER }
My Folder Structure is as follows
- src
    - Aala
        - Vital
            - FronendBundle
            - UserBundle
Edit:
Can this be done with dependency injection? If yes, how to do that...

Solved
To share the authentication between two firewalls use context. Below is the updated firewalls section from my security.yml file
firewalls:
    login:
        pattern: ^/user/login$
        security: false
        anonymous: true
    user_area:
        pattern: ^/user
        context: primary_auth
        form_login:
            login_path: /user/login
            check_path: /user/login_check
            post_only: true
            default_target_path: /user/
        logout:
            path: /user/logout
            target: /user/
    main:
        pattern: ^/
        context: primary_auth
        security: true
        anonymous: ~

According to the docs in a controller:
http://symfony.com/doc/current/book/security.html#retrieving-the-user-object
public function indexAction()
{
    // getUser() returns null when no user is logged in (anonymous request)
    $user = $this->getUser();
    if (null !== $user) {
        // Stuff
    }
}

You can find it in the docs here.
{% if is_granted("IS_AUTHENTICATED_REMEMBERED") %}
    {{ 'Welcome ' ~ app.user.username }}
    <a href="{{ path('logout_route') }}">Logout</a>
{% else %}
    <a href="{{ path('login_route') }}">Login</a>
{% endif %}
Change login_route and logout_route to meet routes of your application.
Why don't you want to use FOSUserBundle? It's a very good bundle, written by core members and e.g. you can find this code right here.

You will need the routes for both bundles to be behind the same firewall for $user = $this->getUser(); to work. Then you can allow anonymous access using ACL if you'd like a certain part of the site to be unauthenticated.
firewalls:
    site:
        pattern: ^/
        anonymous: ~
        form_login:
            login_path: /user/login
            check_path: /user/login_check
            post_only: true
            default_target_path: /
        logout:
            path: /user/logout
            target: /user/
access_control:
    - { path: ^/user/, roles: ROLE_USER}

Related

Symfony 3 Form Login

I've been trying for a couple of days now ... and still can't make this work. I've read the documentation page over and over, I'm going crazy and I can't understand what is wrong.
It's very important for me to know and learn the way Symfony works because my new job requires me to work with it.
So I went to the documentation page at : http://symfony.com/doc/current/cookbook/security/entity_provider.html#security-config-entity-provider
security.yml
encoders:
    Paul\FrontBundle\Entity\User:
        algorithm: bcrypt
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
    db_users:
        entity:
            class: Paul\FrontBundle\Entity\User
            property: username
firewalls:
    admin:
        pattern: ^/admin
        provider: db_users
        form_login:
            check_path: admin_login_check
            login_path: admin_login
    # disables authentication for assets and the profiler, adapt it according to your needs
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    main:
        anonymous: ~
My user entity implements the UserInterface
What is wrong?
Can anyone please explain to me what I'm doing wrong?
Thanks !
OK, so the problem was the security context, for those who are interested this link will explain more.
Now what I've done is the following:
In security.yml
firewalls:
    # disables authentication for assets and the profiler, adapt it according to your needs
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    protected_area:
        pattern: ^/protected
        anonymous: ~
        form_login:
            login_path: login
            check_path: login
            default_target_path: /protected
            provider: database_users
        logout:
            path: logout
            target: /
            success_handler: ~
            invalidate_session: true
    main:
        anonymous: ~
access_control:
    - { path: ^/protected/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/protected, roles: ROLE_USER }
In routing.yml
login:
    path: /protected/login
    defaults: { _controller: PaulDemoBundle:Security:login }
login_check:
    path: /login_check
logout:
    path: /protected/logout
So to explain it more, the login form is now in the context of the protected_area firewall: before /login, after /protected/login.
Also pay attention to the access_control node.
I hope this will help others.

Symfony2 Admin Login route config not found

I am adding admin login for Symfony2 Login Configuration. I got an error saying 'adminlogged' path not found. No matching route in your routing configuration!
Security.yml
security:
    encoders:
        MPW\TemplateBundle\Entity\User:
            algorithm: sha1
            encode_as_base64: false
            iterations: 1
        MPW\TemplateBundle\Entity\Admin:
            algorithm: sha1
            encode_as_base64: false
            iterations: 1
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
        users:
            entity: { class: TemplateBundle:User, property: email }
        admin:
            entity: { class: TemplateBundle:Admin, property: email }
        #my_custom_hwi_provider:
        #    id: my_user_provider
    firewalls:
        secured_area:
            pattern: ^/
            anonymous: ~
            provider: users
            form_login:
                login_path: user_login
                check_path: login_check
                default_target_path: dashboard
            logout:
                path: log_out
        admin_secured_area:
            pattern: ^/
            anonymous: ~
            provider: admin
            form_login:
                login_path: admin_login
                check_path: admin_check
                default_target_path: /admin_dashboard
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin-login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
Routing.yml:
user_login:
    pattern: /login
    defaults: { _controller: LandingPageBundle:Landing:login }
admin_login:
    pattern: /admin-login
    defaults: { _controller: LandingPageBundle:Landing:adminLogin }
login_check:
    pattern: /logged
admin_check:
    pattern: /adminlogged
User Login is working fine but the admin login feature is having an issue
You have to define a controller for your admin_check route:
routing.yml
login_check:
    pattern: /logged
admin_check:
    pattern: /adminlogged
    defaults: { _controller: LandingPageBundle:Landing:adminLogin } # line added
There is no controller for the login_check route because it's managed by Symfony2:
You will not need to implement a controller for the /login_check URL as the firewall will automatically catch and process any form submitted to this URL. However, you must have a route (as shown here) for this URL, as well as one for your logout path (see Logging Out).
Source: official Symfony2 documentation.

Symfony2 firewall doesn't match check_path

I've tried to resolve that looking for all the answers but I can't resolve it. I receive the error "Unable to find the controller for path /login_check" when I try to log in. In theory the check_path is behind the firewall...
Here is my security.yml
security:
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
    firewalls:
        public:
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: frontend_login
                check_path: frontend_login_check
                remember_me: true
                always_use_default_target_path: true
                default_target_path: perfil
            logout:
                path: frontend_logout
                target: frontend_login
    access_control:
        - { path: ^/perfil/*, roles: ROLE_USER }
    providers:
        usuarios:
            entity: { class: TicketRunner\TicketRunnerBundle\Entity\User, property: email }
    encoders:
        TicketRunner\TicketRunnerBundle\Entity\User: plaintext
And here is my routing.yml
frontend_login:
    pattern: /login
    defaults: { _controller: TicketRunnerTicketRunnerBundle:User:login }
frontend_login_check:
    pattern: /login_check
Thanks in advance!

Unable to find the controller for path "/login_check" - symfony2

I know this is a common problem. And several questions on this topic have been posted. I have tried all those solutions recommended in those questions, but none worked.
I found that this problem occurs if I put my form_login behind a firewall. But I'm not having any extra layer in firewall so the path should be simple as described in documentation.
My security.yml
# app/config/security.yml
security:
    encoders:
        Joy\JoyBundle\Entity\User:
            algorithm: sha512
            encode_as_base64: true
            iterations: 1
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
        administrators:
            entity: { class: JoyBundle:User, property: username }
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/login
            security: false
        secured_area:
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: login
                check_path: login_check
            logout:
                path: /logout
                target: /login
    access_control:
        - { path: ^/signup, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_ADMIN }
My routing.yml in app/config
# app/config/routing.yml
login:
    path: /login
    defaults: { _controller: JoyBundle:Security:login }
login_check:
    path: /login_check
joy_hello:
    resource: "@JoyBundle/Resources/config/routing.yml"
    prefix: /
So I'm performing login check while accessing app_dev.php/ But it's showing that error after pressing submit in login form.
Unable to find the controller for path "/login_check". Maybe you
forgot to add the matching route in your routing configuration? 404
Not Found - NotFoundHttpException
I tried
login_path: /login
check_path: /login_check
Didn't work. What am I missing? Please help.....
The route login_check is not behind the firewall because the login_check route pattern matches the login firewall which has no security.
login:
    pattern: ^/login # This matches /login_check
    security: false
Solution 1: Change this to
login:
    pattern: ^/login$
    security: false
Solution 2: Remove the login firewall altogether and add this rule to access_control
access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
In security.yml try setting the provider at the secured_area section:
secured_area:
    provider: administrators
    pattern: ^/
    anonymous: ~

Symfony2.1: Unable to find the controller for path "/login_check"

I used the "Using a traditional login form" tutorial from symfony.com to authenticate my users. With a simple http auth it works great.
After the login was submitted I get this Exception:
Unable to find the controller for path "/login_check". Maybe you
forgot to add the matching route in your routing configuration?
Well, in the tutorial I read:
You will not need to implement a controller for the /login_check URL as the firewall will automatically catch and process any form submitted to this URL.
I defined the routes and set the firewall settings:
security.yml
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    backend:
        pattern: ^/backend
        anonymous: ~
        form_login:
            provider: entity
            login_path: /login
            check_path: /login_check
            #use_forward: true
        logout:
            path: /logout
            target: /
routing.yml
login:
    pattern: /login
    defaults: { _controller: VitaSecurityBundle:Default:login }
login_check:
    pattern: /login_check
logout:
    pattern: /logout
The problem you are having is described here:
See http://symfony.com/doc/current/book/security.html, section "Avoid Common Pitfalls"
Be sure /login_check is behind a firewall
Next, make sure that your check_path URL (e.g. /login_check) is behind the firewall you're using for your form login (in this example, the single firewall matches all URLs, including /login_check). If /login_check doesn't match any firewall, you'll receive a Unable to find the controller for path "/login_check" exception.
In this example, your pattern specifies a prefix of /backend for secured paths. To work, your login check should be behind this same firewall.
So, to match the pattern which you have specified in your firewall, put login_check on a url path like this: /backend/login_check
I found the solution to my problem
I added the /backend prefix to my paths, removed the 'anonymous: ~' line and commented out the ACL for backend.
security.yml
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    login_firewall:
        pattern: ^/backend/login$
        anonymous: ~
    backend:
        pattern: ^/backend
        form_login:
            provider: entity
            login_path: /backend/login
            check_path: /backend/login_check
            #use_forward: true
        logout:
            path: /backend/logout
            target: /
access_control:
    #- { path: ^/backend, roles: ROLE_USER }
routing.yml
login:
    pattern: /backend/login
    defaults: { _controller: VitaSecurityBundle:Default:login }
login_check:
    pattern: /backend/login_check
logout:
    pattern: /backend/logout
The problem also tends to happen when you have two firewalls with the same pattern. For example:
....
backend:
    pattern: ^/*
....
frontend:
    pattern: ^/*
You must change one of the two as follows:
....
backend:
    pattern: ^/(administrador|backend)/*
....
frontend:
    pattern: ^/*
Here is a sample code I used in a real-life project:
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    secured_area:
        pattern: ^/cmd
        anonymous: ~
        form_login:
            check_path: /cmd/login_check
            login_path: /cmd/login
        remember_me:
            always_remember_me: true
            key: "%secret%"
            path: /cmd
            domain: ~ # Defaults to the current domain from $_SERVER
        logout:
            path: /cmd/logout
            target: /
    admin:
        pattern: ^/admin
        http_basic:
            realm: "Administration"
    free_area:
        pattern: ^/
        anonymous: ~
In my case, only the /cmd/ part is secured, the /admin/ part is also secured, but with HTTP security.
Maybe you should try:
security.yml
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    backend:
        pattern: ^/backend
        anonymous: ~
        form_login:
            provider: entity
            login_path: /backend/login
            check_path: /backend/login_check
            #use_forward: true
        logout:
            path: /backend/logout
            target: /
and as of routing.yml:
login:
    pattern: /backend/login
    defaults: { _controller: VitaSecurityBundle:Default:login }
login_check:
    pattern: /backend/login_check
logout:
    pattern: /backend/logout
I think your problem might come from the fact security is not activated in your / part (the pattern of your secured area is ^/backend)
This was not working for me and I tried something else:
firewalls:
    dev:
        pattern: ^/(_profiler|_wdt|css|js)
        security: false
    login:
        pattern: ^/login$
        security: false
    secured_area:
        pattern: /(admin/.*|login_check)
        provider: in_memory
        form_login:
            check_path: /login_check
            login_path: /login
            default_target_path: /admin
            always_use_default_target_path: true
        logout:
            path: /logout
            target: /
access_control:
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: ROLE_ADMIN }
With the following explanation, simpler than the explanation from zabojad.
The important thing is to put the login_check route inside a firewall and to leave the login outside. With an or pattern you can succeed.
Max
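
The two failure modes discussed in the last two threads (a `^/login` firewall with `security: false` swallowing `/login_check`, and a `check_path` outside the `^/backend` prefix) can be checked mechanically. The following is an added example, not code from any of the posts or from Symfony; it assumes firewalls are tried in declaration order with the first matching pattern winning, that route names have already been replaced by their URL paths, and the function names `owning_firewall` and `audit_check_paths` are hypothetical.

```python
import re

def owning_firewall(firewalls, path):
    """First firewall whose pattern matches; a missing pattern matches everything."""
    for name, cfg in firewalls:
        pattern = cfg.get("pattern")
        if pattern is None or re.search(pattern, path):
            return name
    return None

def audit_check_paths(firewalls):
    """Return (firewall, check_path, actual_owner) where check_path lands elsewhere."""
    findings = []
    for name, cfg in firewalls:
        form_login = cfg.get("form_login")
        if form_login is None:
            continue
        owner = owning_firewall(firewalls, form_login["check_path"])
        if owner != name:
            findings.append((name, form_login["check_path"], owner))
    return findings

# Constructed from the configurations quoted above (paths instead of route names).
DEV = ("dev", {"pattern": r"^/(_(profiler|wdt)|css|images|js)/", "security": False})
LOGIN_PREFIX_BROKEN = [
    DEV,
    ("login", {"pattern": r"^/login", "security": False}),
    ("secured_area", {"pattern": r"^/", "form_login": {"check_path": "/login_check"}}),
]
LOGIN_PREFIX_FIXED = [
    DEV,
    ("login", {"pattern": r"^/login$", "security": False}),
    ("secured_area", {"pattern": r"^/", "form_login": {"check_path": "/login_check"}}),
]
BACKEND_BROKEN = [
    DEV,
    ("backend", {"pattern": r"^/backend", "form_login": {"check_path": "/login_check"}}),
]
BACKEND_FIXED = [
    DEV,
    ("login_firewall", {"pattern": r"^/backend/login$"}),
    ("backend", {"pattern": r"^/backend", "form_login": {"check_path": "/backend/login_check"}}),
]

if __name__ == "__main__":
    for label, fw in (("login prefix", LOGIN_PREFIX_BROKEN), ("anchored", LOGIN_PREFIX_FIXED),
                      ("backend", BACKEND_BROKEN), ("backend fixed", BACKEND_FIXED)):
        print(label, audit_check_paths(fw))
```

An owner of `None` means no firewall sees the request at all; an owner with `security: false` means the request reaches routing without the form-login listener running, which is what produces the "Unable to find the controller" error.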
