FriendsOfSymfony / FOSUserBundle

Provides user management for your Symfony project. Compatible with Doctrine ORM & ODM, and custom storages.
https://symfony.com/doc/master/bundles/FOSUserBundle/index.html
MIT License
3.25k stars 1.57k forks

unable to access after login #1538

Open devswaam opened 10 years ago

devswaam commented 10 years ago

After creating a user and logging in, I got this error: "You must configure the check path to be handled by the firewall using form_login in your security firewall configuration."

I searched to solve this but could not. Help please... Here is my security.yml file:

          security:
          #    providers:
          #        in_memory:
          #            memory: ~

              firewalls:
                  dev:
                      pattern: ^/(_(profiler|wdt)|css|images|js)/
                      security: false

                  default:
                      anonymous: ~

                  main:
                      pattern: ^/
                      form_login:
                           provider: fos_userbundle
                           csrf_provider: form.csrf_provider
                      logout:       true
                      anonymous:    true

              encoders:
                      FOS\UserBundle\Model\UserInterface: sha512

              role_hierarchy:
                      ROLE_ADMIN:       ROLE_USER
                      ROLE_SUPER_ADMIN: ROLE_ADMIN

              providers:
                      fos_userbundle:
                          id: fos_user.user_provider.username

              access_control:
                      - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
                      - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
                      - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
                      - { path: ^/admin/, role: ROLE_ADMIN }

Here is routing.yml:

      swaam_patient:
          resource: "@swaamPatientBundle/Resources/config/routing.yml"
          prefix:   /
      admin:
          resource: '@SonataAdminBundle/Resources/config/routing/sonata_admin.xml'
          prefix: /admin

      _sonata_admin:
          resource: .
          type: sonata_admin
          prefix: /admin

      fos_user_security:
          resource: "@FOSUserBundle/Resources/config/routing/security.xml"

      fos_user_profile:
          resource: "@FOSUserBundle/Resources/config/routing/profile.xml"
          prefix: /profile

      fos_user_register:
          resource: "@FOSUserBundle/Resources/config/routing/registration.xml"
          prefix: /register

      fos_user_resetting:
          resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"
          prefix: /resetting

      fos_user_change_password:
          resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
          prefix: /profile
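
Symfony selects the first firewall whose pattern matches the request, and a firewall with no `pattern` key matches every request. The check below is an added example, not part of the original post or of FOSUserBundle; it applies that rule to the firewall order in the security.yml above. The firewall tuples are a hand transcription of the posted file, and the check path `/login_check` is taken from the URL reported later in this thread.

```python
import re

# Firewalls in declaration order, transcribed from the security.yml posted above
# as (name, pattern, has_form_login). pattern None means the firewall has no
# "pattern" key, so it matches every request.
POSTED_FIREWALLS = [
    ("dev", r"^/(_(profiler|wdt)|css|images|js)/", False),
    ("default", None, False),
    ("main", r"^/", True),
]


def handling_firewall(firewalls, path):
    """Return (name, has_form_login) for the first firewall matching path."""
    for name, pattern, has_form_login in firewalls:
        if pattern is None or re.search(pattern, path):
            return name, has_form_login
    return None, False


def audit_check_path(firewalls, check_path="/login_check"):
    """List reasons why check_path would fall through to the controller."""
    findings = []
    name, has_form_login = handling_firewall(firewalls, check_path)
    if name is None:
        findings.append(f"{check_path} is not covered by any firewall")
    elif not has_form_login:
        findings.append(f"{check_path} is handled by '{name}', which has no form_login")
    # Every firewall declared after a pattern-less one can never be selected.
    catch_all = None
    for fw_name, pattern, _ in firewalls:
        if catch_all is not None:
            findings.append(f"firewall '{fw_name}' is unreachable behind '{catch_all}'")
        elif pattern is None:
            catch_all = fw_name
    return findings


if __name__ == "__main__":
    for finding in audit_check_path(POSTED_FIREWALLS):
        print("posted config:", finding)
    # Same config with the pattern-less "default" firewall removed (hypothetical edit).
    without_default = [fw for fw in POSTED_FIREWALLS if fw[0] != "default"]
    print("without 'default':", audit_check_path(without_default) or "no findings")
```
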

stof commented 10 years ago

What is your URL for the login check page?

devswaam commented 10 years ago

Hitting this URL http://localhost/site/web/app_dev.php/login, it takes me to http://localhost/patient/web/app_dev.php/login_check and shows that error. I don't know what's wrong; I am new to Symfony as well.

On Thu, Jul 17, 2014 at 5:05 AM, Christophe Coevoet <notifications@github.com> wrote:

> What is your URL for the login check page?

stof commented 10 years ago

Why is it going from /site to /patient?

devswaam commented 10 years ago

Sorry for the typo, it's http://localhost/siteweb/app_dev.php/login_check

On Thu, Jul 17, 2014 at 5:58 AM, Christophe Coevoet <notifications@github.com> wrote:

> Why is it going from /site to /patient?

SteaveAshmore commented 7 years ago

Same issue, any guide?

allabakash commented 6 years ago

Hi, I have updated SF 2.4 to SF 2.8 and updated FOSUserBundle 1.3 to version 2.0. The attachment below is my security.yml file: [image: security yml]

It shows the RuntimeException below: [image: runtimeexception]

It was working fine with my SF2.4 version.

I may have missed something, please help.

shakaran commented 6 years ago

@allabakash If you use the value fos_user_security_check, you are calling the SecurityController.php class and invoking the checkAction() method, which only throws a RuntimeError Exception with the error displayed: "You must configure the check path to be handled by the firewall using form_login in your security firewall configuration." So the fix is simple: do not use the value fos_user_security_check, and implement your authentication listener.

So @stof, the users are not fully understanding that they don't have to use the default SecurityController::checkAction() for this and they have to specify another with an authentication listener.

allabakash commented 6 years ago

Thanks for your reply. Still the same without fos_user_security_check. Security.yml: [image: security]

Now it's pointing to: RuntimeException: You must configure the check path to be handled by the firewall using form_login in your security firewall configuration. in /var/www/html/Soundbasics_production/SoundBasics_Symfony/vendor/friendsofsymfony/user-bundle/Controller/SecurityController.php on line 78

@stof @shakaran do I have to implement an authentication listener?

shakaran commented 6 years ago

@allabakash after changing that, you need to implement an authentication listener, for example:

I have this under src/MyAppBundle/EventListener/AuthenticationListener.php

```php
<?php

/*
 * This file is part of the FOSUserBundle package.
 *
 * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace FOS\UserBundle\EventListener;

use FOS\UserBundle\Event\FilterUserResponseEvent;
use FOS\UserBundle\Event\UserEvent;
use FOS\UserBundle\FOSUserEvents;
use FOS\UserBundle\Security\LoginManagerInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\Security\Core\Exception\AccountStatusException;

class AuthenticationListener implements EventSubscriberInterface
{
    /**
     * @var LoginManagerInterface
     */
    private $loginManager;

    /**
     * @var string
     */
    private $firewallName;

    /**
     * AuthenticationListener constructor.
     *
     * @param LoginManagerInterface $loginManager
     * @param string                $firewallName
     */
    public function __construct(LoginManagerInterface $loginManager, $firewallName)
    {
        $this->loginManager = $loginManager;
        $this->firewallName = $firewallName;
    }

    /**
     * {@inheritdoc}
     */
    public static function getSubscribedEvents()
    {
        return array(
            FOSUserEvents::REGISTRATION_COMPLETED => 'authenticate',
            FOSUserEvents::REGISTRATION_CONFIRMED => 'authenticate',
            FOSUserEvents::RESETTING_RESET_COMPLETED => 'authenticate',
        );
    }

    /**
     * @param FilterUserResponseEvent  $event
     * @param string                   $eventName
     * @param EventDispatcherInterface $eventDispatcher
     */
    public function authenticate(FilterUserResponseEvent $event, $eventName, EventDispatcherInterface $eventDispatcher)
    {
        try {
            $this->loginManager->logInUser($this->firewallName, $event->getUser(), $event->getResponse());

            $eventDispatcher->dispatch(FOSUserEvents::SECURITY_IMPLICIT_LOGIN, new UserEvent($event->getUser(), $event->getRequest()));
        } catch (AccountStatusException $ex) {
            // We simply do not authenticate users which do not pass the user
            // checker (not enabled, expired, etc.).
        }
    }
}
```

In services.yml:

```yaml
services:
    account.security_listener:
        class: '%account.security_listener.class%'
        arguments: ['@security.authorization_checker', '@session'] # security.context (deprecated) or security.token_storage
        tags:
            - { name: kernel.event_listener, event: security.interactive_login, method: onSecurityInteractiveLogin }
```

Then as src/MyAppBundle/Controller/SecurityController.php:

```php
<?php

namespace MyAppBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;

class SecurityController extends Controller
{
    public function loginAction(Request $request)
    {
        /** @var $session Session */
        $session = $request->getSession();

        $authenticationUtils = $this->get('security.authentication_utils');

        // get the login error if there is one
        $error = $authenticationUtils->getLastAuthenticationError();

        // last username entered by the user
        $lastUsername = $authenticationUtils->getLastUsername();

        $csrfToken = $this->has('security.csrf.token_manager')
            ? $this->get('security.csrf.token_manager')->getToken('authenticate')->getValue()
            : null;

        $authChecker = $this->get('security.authorization_checker');
        $router = $this->get('router');

        return $this->render(
            'FOSUserBundle:Security:login.html.twig',
            [
                // last username entered by the user
                'last_username' => $lastUsername,
                'error'         => $error,
                'csrf_token'    => $csrfToken,
            ]
        );
    }
}
```

allabakash commented 6 years ago

@shakaran, may I know which FOSUserBundle version you are referring to?

I'm using SF 2.8, FOSUserBundle ~2.0 version.

allabakash commented 6 years ago

No luck

shakaran commented 6 years ago

@allabakash I am using Symfony 3.3 and dev-master of FOSUserBundle