php - Silex security provider -
i have class usermapper
<?php namespace models; use symfony\component\security\core\user\userproviderinterface; use symfony\component\security\core\user\userinterface; use symfony\component\security\core\exception\unsupporteduserexception; use symfony\component\security\core\exception\usernamenotfoundexception; use \pdo; class usermapper implements userproviderinterface { /** * database connection. */ var $db = null; /** * constructor function. loads model database if id known. * * @param $db * database connection */ function __construct() { $this->db = connectionprovider::getconnection(); } function save(user $user) { $statement = $this->db->prepare('insert user (username, password, salt, roles) values (:username, :password, :salt, :roles)'); foreach (array('username', 'password', 'salt', 'roles') $property) { $placeholders[':' . $property] = $user->get($property); } $isok = $statement->execute($placeholders); return $isok; } public function findbyusername($username) { $statement = $this->db->prepare('select * user username = :username'); $statement->execute(array(':username' => $username)); $data = $statement->fetch(pdo::fetch_assoc); if($data['username'] == null) return null; else { $user = new user($data['username'], $data['salt'], $data['roles']); $user->set('password', $data['password']); return $user; } } function loadall() { // query existing users. $statement = $this->db->query('select * user'); $results = $statement->fetchall(pdo::fetch_assoc); // format list , output json. $data = array(); foreach ($results $result) { $user = new user($result['username'], $result['salt'], $result['roles']); $user->set('passwort', $result['password']); $data[] = $user; } return $data; } /** * delete user. */ function delete(user $user) { if ($user->get('username')) { // execute delete query. $statement = $this->db->prepare('delete user username = :username'); $statement->execute(array(':username' => $user->get('username'))); } } /// userproviderinterface public function loaduserbyusername($username) { $user = $this->findbyusername($username); if($user == null) throw new usernamenotfoundexception(sprintf('username "%s" not exist.', $username)); return $user; } public function refreshuser(userinterface $user) { if (!$user instanceof user) { throw new unsupporteduserexception(sprintf('instances of "%s" not supported.', get_class($user))); } return $this->loaduserbyusername($user->getusername()); } public function supportsclass($class) { return $class === 'models\user'; } } and class user
<?php namespace models; use symfony\component\security\core\user\userinterface; class user implements userinterface{ var $username = null; var $password = null; var $salt = null; var $roles = null; function __construct($username, $password, $sal, $roles) { $this->username = $username; $this->password = $password; $this->salt = $salt; $this->roles = $roles; } function getusername() { return $this->username; } function getroles() { return $this->salt; } function getsalt() { return $this->roles; } function getpassword() { return $this->password; } function erasecredentials() { } function get($property) { if (!empty($this->{$property})) { return $this->{$property}; } else { return false; } } function set($property, $value) { $this->{$property} = $value; } function getall() { return array( 'username' => $this->get('username'), 'password' => $this->get('password'), 'salt' => $this->get('salt'), 'roles' => $this->get('roles') ); } } and in index.php configure security context :
$app['security.firewalls'] = array( 'secured' => array( 'pattern' => '^/', 'anonymous' => array(), 'form' => array( 'login_path' => 'login', 'check_path' => 'login_check' ), 'users' => $app->share(function () use ($app) { return $app['usermapper']; }), ) ); $app['security.access_control'] = array( array('path' => '^/login', 'role' => 'is_authenticated_anonymously'), array('path' => '^/', 'role' => 'is_authenticated_anonymously'), array('path' => '^/comment', 'methode' => 'post', 'role' => 'is_authenticated_anonymously'), array('path' => '^/comment', 'methode' => 'delete', 'role' => 'role_admin'), array('path' => '^/location', 'methode' => 'get, post', 'role' => 'is_authenticated_anonymously'), array('path' => '^/location', 'methode' => 'put, delete', 'role' => 'role_admin') ); $app['security.provider'] = array( 'users' => array( 'entity' => array('class' => 'models\user', 'property' => 'username') ) ); $app['security.encoders'] = array( 'models\user' => array( 'algorithm' => 'bcrypt', ) ); $app->register(new urlgeneratorserviceprovider()); $app->register(new silex\provider\securityserviceprovider(), array( 'security.firewalls' => $app['security.firewalls'], 'security.access_control' => $app['security.access_control'], 'security.provider' => $app['security.provider'], 'security.encoders' => $app['security.encoders'], )); the problem when submit login form foo login , foo password don't exist in database, security context create me session.
what wrong security provider ?
security.access_control not defined in silex\provider\securityserviceprovider. believe should security.access_rules:
$app['security.access_rules'] = array( array('^/admin', 'role_admin'), );
Comments
Post a Comment