FriendsOfSymfony / FOSFacebookBundle

NOT MAINTAINED - see https://github.com/hwi/HWIOAuthBundle

Can't access the user in security.context when logged in #155

Open hosseio opened 12 years ago

hosseio commented 12 years ago

Hi.

When accessing the security.context for the token when logged in, it always returns an "anonymous user". It works when accessing a secure page (under the access_control security section) with ROLE_ADMIN, ROLE_USER or similar. But I need the user (in case there is one) on pages that you can access anonymously.

Any thoughts?

Thanks in advance.

stof commented 12 years ago

Paste your security config, please.

hosseio commented 12 years ago

Thank you for your response. Here is my security config:

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        "FOS\UserBundle\Model\UserInterface": sha512

    providers:
        fos_user:
            id: fos_user.user_manager
        fos_facebook:
            id: my.facebook.user

    factories:
        - "%kernel.root_dir%/../vendor/bundles/FOS/FacebookBundle/Resources/config/security_factories.xml"

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        public:
            pattern: ^/.*
            fos_facebook:
                app_url: "http://apps.facebook.com/restauranting/"
                server_url: "http://localhost/"
                login_path: /login
                check_path: /login_check$
                default_target_path: /
                provider: fos_facebook
            logout:
                handlers: ["fos_facebook.logout_handler"]
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, role: ROLE_ADMIN }
        - { path: ^/.*, role: [IS_AUTHENTICATED_ANONYMOUSLY] }

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

Debugging it, I see that the listener (FacebookListener) is never invoked, so the token is never set in AbstractAuthenticationListener.

Regards.

hosseio commented 12 years ago

Well, when logging in, sometimes it doesn't go through the FacebookListener; I can't say why. The "dirty" solution we have made is to ensure the user is logged in by making a call to the FacebookProvider we developed. It is slower, but it works; we are going to plan it better in the next sprint :)

Thank you.