php – User authentication with a db-backed UserProvider in Silex
Published: 2020-12-13 13:27:50 Category: PHP tutorials Source: compiled from the web
I am developing a Silex application, and I am now at the security stage. I have read all the documentation I could find online about this subject, but I have many doubts, and I would like someone to help me if possible.

Basically I followed this tutorial from Johann Reinke. And naturally the Silex documentation, as well as everything I found on Google. But still, I think Silex lacks a lot of documentation, and I am lost in many ways.

My code:

```php
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;

$app->register(new Silex\Provider\SessionServiceProvider(), array(
    'session.storage.save_path' => __DIR__.'/../vendor/sessions',
));

$app->register(new Silex\Provider\DoctrineServiceProvider(), array(
    'db.options' => array(
        'driver'   => 'pdo_mysql',
        'host'     => 'localhost',
        'dbname'   => 'dbname',
        'user'     => 'someuser',
        'password' => 'somepass',
        'charset'  => 'utf8',
    ),
));

$app['security.encoder.digest'] = $app->share(function ($app) {
    return new MessageDigestPasswordEncoder('sha1', false, 1);
});

$app['security.firewalls'] = array(
    'acceso' => array(
        'pattern' => '^/confirmar',
        'form'    => array('login_path' => '/acceso', 'check_path' => '/confirmar/comprobar_acceso'),
        'logout'  => array('logout_path' => '/confirmar/salir'),
        'users'   => $app->share(function() use ($app) {
            return new Acme\User\UserProvider($app['db']);
        }),
    ),
);

$app->register(new Silex\Provider\SecurityServiceProvider(array(
    'security.firewalls'    => $app['security.firewalls'],
    'security.access_rules' => array(
        array('^/confirmar', 'ROLE_USER'),
    ),
)));
```

I have many doubts about the controller:

```php
$app->match('/acceso', function(Request $request) use ($app) {
    $username = $request->get('_username');
    $password = $request->get('_password');

    if ('POST' == $request->getMethod()) {
        $user = new Acme\User\UserProvider($app['db']);
        $encoder = $app['security.encoder_factory']->getEncoder($user);
        // compute the encoded password
        $encodedPassword = $encoder->encodePassword($password, $user->getSalt());

        // compare passwords
        if ($user->password == $encodedPassword) {
            // set security token into security
            $token = new UsernamePasswordToken($user, $password, '', array('ROLE_USER'));
            $app['security']->setToken($token);
            //return $app->redirect('/jander');
            // redirect or give response here
        } else {
            // error feedback
        }
    }

    return $app['twig']->render('login.twig', array(
        'error'         => $app['security.last_error']($request),
        'last_username' => $app['session']->get('_security.last_username'),
    ));
})
->bind('acceso');
```

This is my class, the user provider:

```php
// src/Acme/User/UserProvider.php
namespace Acme\User;

use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\User;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Doctrine\DBAL\Connection;

class UserProvider implements UserProviderInterface
{
    private $conn;

    public function __construct(Connection $conn)
    {
        $this->conn = $conn;
    }

    public function loadUserByUsername($username)
    {
        $stmt = $this->conn->executeQuery('SELECT * FROM compradores WHERE idemail = ?', array(strtolower($username)));
        if (!$user = $stmt->fetch()) {
            throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
        }

        return new User($user['idemail'], $user['pass'], explode(',', $user['roles']), true, true, true, true);
    }

    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof User) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
        }

        return $this->loadUserByUsername($user->getUsername());
    }

    public function supportsClass($class)
    {
        return $class === 'Symfony\Component\Security\Core\User\User';
    }
}
```

My form:

```html
<form action="{{ path('confirmar_comprobar_acceso') }}" method="post">
    {{ error }}
    <input type="text" name="_username" value="{{ last_username }}" />
    <input type="password" name="_password" value="" />
    <input type="submit" />
</form>
```

And this is my MySQL table:

```
id         int(15)
idemail    varchar(255)
nombre     varchar(255)
apellidos  varchar(255)
telefono   int(11)
activo     tinyint(4)
pass       varchar(40)
roles      varchar(255)
iva        tinyint(4)
nifcif     varchar(255)
```

When I try to log in, I always get a "Bad credentials" response. Any ideas? Thanks and cheers!
At 40 characters, your password field "pass" is likely truncating encrypted passwords. Try changing the field to varchar(255).
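The column-width check discussed in the answer, as an added example that is not part of the original question or answer: it computes the stored hash for two encoder configurations, simulates a varchar(40) column, and shows whether the login comparison still matches. `digestPassword()` and `storeInVarchar()` are hypothetical helpers; the first re-implements, as an assumption, the salt-merge and stretching scheme of Symfony 2.x's MessageDigestPasswordEncoder so the script runs without the framework.

```php
<?php
// Added illustration, not code from the post. Assumed to mirror Symfony 2.x's
// MessageDigestPasswordEncoder: merge "password{salt}", hash, then stretch.
function digestPassword($raw, $salt, $algo, $asBase64, $iterations)
{
    $salted = empty($salt) ? $raw : $raw.'{'.$salt.'}';
    $digest = hash($algo, $salted, true);
    for ($i = 1; $i < $iterations; $i++) {
        $digest = hash($algo, $digest.$salted, true);
    }
    return $asBase64 ? base64_encode($digest) : bin2hex($digest);
}

// Simulates what a VARCHAR($width) column keeps when MySQL is not in strict
// mode: the value is cut to $width characters with only a warning.
function storeInVarchar($value, $width)
{
    return substr($value, 0, $width);
}

// Constructed sample input.
$password = 'correct horse battery staple';
$salt     = '';
$width    = 40; // width of the `pass` column in the question

$encoders = array(
    "sha1, hex, 1 iteration (the question's override)"               => array('sha1', false, 1),
    "sha512, base64, 5000 iterations (the encoder class's defaults)" => array('sha512', true, 5000),
);

foreach ($encoders as $label => $cfg) {
    list($algo, $asBase64, $iterations) = $cfg;
    $hash   = digestPassword($password, $salt, $algo, $asBase64, $iterations);
    $stored = storeInVarchar($hash, $width);
    // At login the full hash is recomputed and compared with the column value.
    $fresh = digestPassword($password, $salt, $algo, $asBase64, $iterations);
    $ok    = hash_equals($stored, $fresh);
    printf("%-64s length=%2d fits=%-3s login=%s\n", $label, strlen($hash),
        strlen($hash) <= $width ? 'yes' : 'no', $ok ? 'ok' : 'Bad credentials');
}

// bcrypt hashes from password_hash() are 60 characters long.
$bcrypt = password_hash($password, PASSWORD_BCRYPT);
printf("%-64s length=%2d fits=%s\n", 'bcrypt via password_hash()', strlen($bcrypt),
    strlen($bcrypt) <= $width ? 'yes' : 'no');
```

Run it with the PHP CLI (5.6 or later for `hash_equals()`); comparing each reported length with the column width shows which encoder settings a given `pass` column can hold without truncation.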
(Editor: 李大同)