希望你能帮助我...
当我尝试登录 Symfony 6 应用程序时,没有任何反应。我没有错误,但它没有记录我。它只会刷新页面。
security.yaml
security:
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
password_hashers:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
security: false
lazy: true
provider: app_user_provider
custom_authenticator:
- App\Security\AppAuthenticator
logout:
path: app_logout
target: login
secured_area:
pattern: ^/
form_login:
login_path: app_login
check_path: app_login
SecurityController::登录
public function login(AuthenticationUtils $authenticationUtils, $errorLog = null): Response
{
if ($this->getUser()) {
return $this->redirectToRoute('app_dashboard');
}
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
// var_dump($errorLog);
return $this->render('public/auth/login.html.twig', [
'last_username' => $lastUsername,
'error' => $error
]);
}
我的产品服务器是最新的,我可以登录我,但在开发(127.0.0.1)中这是不可能的。
谢谢您的帮助。
您似乎已禁用主防火墙中的安全层。尝试删除主防火墙中的
security: false
:
# security.yaml
security:
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
password_hashers:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
# security: false # REMOVE THIS LINE
lazy: true
provider: app_user_provider
custom_authenticator:
- App\Security\AppAuthenticator
logout:
path: app_logout
target: login
secured_area:
pattern: ^/
form_login:
login_path: app_login
check_path: app_login
试试这个:
password_hashers:
App\Entity\User:
algorithm: auto
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
lazy: true
provider: app_user_provider
就我而言,我盲目地遵循界面
\Symfony\Component\Security\Core\User\UserInterface::eraseCredentials
并删除了那些
public function eraseCredentials(): void
{
$this->password = null;
$this->email = null;
}
结果与
security: false
相同,登录没有错误,但实际上什么也没发生,我停留在登录页面。