
Symfony, AngularJS: InsufficientAuthenticationException after login

Published: 2020-12-17 17:11:47  Category: Security  Source: compiled from the web
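Hello everybody,

I have Symfony and Doctrine on the server and AngularJS on the client. I want to create a login endpoint. The login works, and I get a PHPSESSID cookie.

After logging in I make a subsequent request. On this request I get an
InsufficientAuthenticationException:

Full authentication is required to access this resource. (500 Internal Server Error)

Headers of the subsequent request: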

Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: application/json,text/plain,*/*
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip,deflate
Referer: http://localhost/frontend/admin/
Cookie: PHPSESSID=cllc3om5ascumuluofchu36aoc
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

security.yml:

security:
    encoders:
        App\Entity\User:
          algorithm: bcrypt
          cost: 20

    providers:
        database_users:
            entity: { class: App\Entity\User, property: username }
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: ~
            json_login:
                check_path: login

            logout:
                path: logout
                target: http://localhost/frontend/

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/logout, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }

Log:

[2018-08-27 22:59:22] security.INFO: User has been authenticated successfully. {"username":"alex"} []
[2018-08-27 22:59:38] php.INFO: User Deprecated: DoctrineCommonClassLoader is deprecated. {"exception":"[object] (ErrorException(code: 0): User Deprecated: DoctrineCommonClassLoader is deprecated. at D:xampphtdocssymfonyvendordoctrinecommonlibDoctrineCommonClassLoader.php:7)"} []
[2018-08-27 22:59:38] doctrine.DEBUG: SELECT t0.id AS id_1,t0.username AS username_2,t0.password AS password_3,t0.is_active AS is_active_4,t0.role AS role_5,t0.customer_id AS customer_id_6 FROM app_users t0 WHERE t0.id = ? [1] []
[2018-08-27 22:59:38] security.DEBUG: Token was deauthenticated after trying to refresh it. {"username":"alex","provider":"SymfonyBridgeDoctrineSecurityUserEntityUserProvider"} []
[2018-08-27 22:59:38] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2018-08-27 22:59:38] security.DEBUG: Access denied,the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (SymfonyComponentSecurityCoreExceptionAccessDeniedException(code: 403):

I don't know where my mistake is, or how I can debug this problem.

Edit:
Login in PHP:

    /**
     * @Route("/login", name="login")
     * @param Request $request
     * @return Response
     */
    public function login(Request $request)
    {
        $securityContext = $this->container->get('security.authorization_checker');
//        $tokenStorage = $this->container->get('security.token_storage');
//        $token = $tokenStorage->getToken();
//        var_dump($token);  => user has not Token!
        if ($securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
            return new Response('http://localhost/frontend/admin/');
        } else {
            return new Response('', 500);
        }
    }

In JS:

<script type="text/javascript">
    $( "#loginForm" ).submit(function( event ) {
        event.preventDefault();
        let $form = $(this);
        let username = $form.find( "input[name='username']" ).val();
        let password = $form.find( "input[name='password']" ).val();
        // Serialize with JSON.stringify so quotes or backslashes in the
        // credentials cannot break or alter the JSON body.
        let data = JSON.stringify({ username: username, password: password });

        $.ajax({
            method: 'post',
            url: 'http://localhost/symfony/public/login',
            type: "POST",
            data: data,
            contentType: "application/json; charset=utf-8"
            //dataType:"json"
        }).done(function(response) {
            $(location).attr('href', response)
        }).fail(function() {
        });
    });
</script>

Edit 2:
User entity:
<?php

namespace App\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\EquatableInterface;

/**
 * @ORM\Table(name="app_users")
 * @ORM\Entity()
 */
class User implements UserInterface, \Serializable, EquatableInterface
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(name="is_active", type="boolean")
     */
    private $isActive;


    public function __construct()
    {
        $this->isActive = true;
    }

    public function getUsername()
    {
        return $this->username;
    }

    public function getSalt()
    {
        return null;
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function getRoles()
    {
        return array('ROLE_USER');
    }

    public function eraseCredentials()
    {
        $this->password = null;
    }


    /** @see \Serializable::serialize() */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt,
        ));
    }

    /** @see \Serializable::unserialize() */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            $this->password
            ) = unserialize($serialized, array('allowed_classes' => false));
    }

    public function isEqualTo(UserInterface $user)
    {
        if ($this->password !== $user->getPassword()) {
            return false;
        }

        if ($this->username !== $user->getUsername()) {
            return false;
        }

        return true;
    }
}

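Greetings,

Alex

Solution

The token being deauthenticated on refresh would indicate that there is a problem with your User class. If it's a recent (4) Symfony, does your User implement the EquatableInterface and have an equals method? Something like…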

class User implements EquatableInterface
{
    public function isEqualTo(UserInterface $user)
    {
        if ($this->password !== $user->getPassword()) {
            return false;
        }

        if ($this->salt !== $user->getSalt()) {
            return false;
        }

        if ($this->username !== $user->getUsername()) {
            return false;
        }

        return true;
    }
}

Maybe you could add the source code of your User class to your question?

(See: Token was deauthenticated after trying to refresh it)
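
How the isEqualTo() check discussed above can fail after a session round trip, as an added example that is not part of the original question or answer and is not Symfony's own code. `DemoUser` and `survivesRefresh()` are hypothetical stand-ins that copy the `eraseCredentials()` and `isEqualTo()` logic of the question's User entity, and the hash is a constructed value. Case 1 stores a user whose password was set to null, so the comparison with the copy reloaded from the database fails; case 2 leaves the hash in place and the comparison succeeds.

```php
<?php
// Added example with stand-in classes; this is not Symfony's own code.
// DemoUser (hypothetical) copies the relevant logic of the question's User entity.
class DemoUser
{
    public $username;
    public $password;

    public function __construct(string $username, ?string $password)
    {
        $this->username = $username;
        $this->password = $password;
    }

    // As in the question: wipes the stored hash, not just plain-text input.
    public function eraseCredentials(): void
    {
        $this->password = null;
    }

    // Same comparison as the question's isEqualTo().
    public function isEqualTo(DemoUser $user): bool
    {
        return $this->password === $user->password
            && $this->username === $user->username;
    }
}

// Model of the refresh step: restore the user from the session payload and
// compare it with a copy freshly loaded from the database.
function survivesRefresh(string $sessionPayload, DemoUser $fromDb): bool
{
    $fromSession = unserialize($sessionPayload, ['allowed_classes' => [DemoUser::class]]);
    return $fromSession->isEqualTo($fromDb);
}

$hashInDb = '$2y$13$constructed.sample.hash.value'; // constructed, not a real hash
$fromDb = new DemoUser('alex', $hashInDb);

// Case 1: credentials erased after login, then the user is written to the session.
$erased = new DemoUser('alex', $hashInDb);
$erased->eraseCredentials();
var_dump(survivesRefresh(serialize($erased), $fromDb));

// Case 2: the hash is left in place before the user is written to the session.
$kept = new DemoUser('alex', $hashInDb);
var_dump(survivesRefresh(serialize($kept), $fromDb));
```

The stored bcrypt hash is not a plain-text credential, so an `eraseCredentials()` implementation only needs to clear fields that hold the plain-text password.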
