search

anyx / LoginGateBundle

59 stars 23 forks source link

How to install ? #1

Closed Hanfrey closed 8 years ago

Hanfrey commented 8 years ago

Hello, i dont get it working. Is this compatible with symfony 2.7?

  1. composer require anyx/login-gate-bundle
  2. noticed that my parameters.yml is set to default.
  3. Added the "new Anyx\LoginGateBundle\LoginGateBundle()," to the AppKernel
  4. Added the login_gate settings to the config.yml and security.yml
  5. tried to login 6 Attempted to load Class BruteForceAttemptListener from Acme\BestBundle\Listener\

There is no Namespace like this, and in the Bundle i cant find that Class.

anyx commented 8 years ago

@Hanfrey Acme\BestBundle\Listener\BruteForceAttemptListener - this is an example. You should register you own listener, if you need to do something when bruteforce was detected.

Hanfrey commented 8 years ago

Thanks for the fast response. I added my own Listener which should dump something if its hit. But its not working like i thought:

If i add the success_handler the login is not working anymore. I commented and tried to bruteforce the login which hit the event.But i get the following error:

The autoloader expected class "AppBundle\EventListener\BruteForceAttemptListener" to be defined in file "src\AppBundle\EventListener\BruteForceAttemptListener.php". The file was found but the class was not in it, the class name or namespace probably has a typo.

          class: AppBundle\EventListener\BruteForceAttemptListener
          tags:
              - { name: kernel.event_listener, event: security.brute_force_attempt, method: onBruteForceAttempt }

The class:

<?
namespace AppBundle\EventListener;

class BruteForceAttemptListener
{
public function onBruteForceAttempt( )
{
dump("got it!");
}
}

Any Idea? Thanks!

anyx commented 8 years ago

@Hanfrey Check your listener's filename - this default autoloader error. Later i will try to check handlers. Also, let me see your security.firewall config, if it possible

Hanfrey commented 8 years ago

@anyx i found it, used <? instead of <?php. But the login is now not working anymore again. something special i have to do in the bruteforce listener?

   firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login_firewall:
            pattern: ^/login$
            anonymous: ~
        ònlineservice:
             pattern: ^/
             form_login:
                 failure_handler: anyx.login_failure.handler
                 #success_handler: anyx.login_success.handler
                 csrf_provider: security.csrf.token_manager
                 check_path: login_check
                 login_path: login
                 default_target_path: /de/start
             logout:
                 path: /logout
                 target: login
                 invalidate_session: false
``
Hanfrey commented 8 years ago

Got it nearly running. The login_success does use the referer. This is everytime /login for me. So he redirects to the login again, im now using the default_path_target / path_target.

But i get this Error Message after loading each page: An error occurred while loading the web debug toolbar (404: Not Found) Do you want to open the profiler?

Any idea?

anyx commented 8 years ago

I don't want to open profiler. Looks like you have some problem in framework/webserver configuration.

Please, try to check this: http://stackoverflow.com/questions/21058750/symfony-2-4-an-error-occurred-while-loading-the-web-debug-toolbar-404-not-fou

Hanfrey commented 8 years ago

I think an handler does not fit or something like that. Because i made an copy of the project before adding the Bundle and this is not happening there.

In the login failure handle is an DEPRECATED usage. Changed from:

use Symfony\Component\Security\Core\SecurityContext;
...
 $request->getSession()->set(SecurityContext::AUTHENTICATION_ERROR, $exception);
use Symfony\Component\Security\Core\Security;
...
 $request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);
Hanfrey commented 8 years ago

http://127.0.0.1:8000/_wdt/fd9e8d is tried to get accessed, which results in the 404 and error message with debug bar.

It just start to throw if i add the " new Anyx\LoginGateBundle\LoginGateBundle()," to the AppKernel.php

Hanfrey commented 8 years ago

Something i noticed searching for the error:

   $this->getDispatcher()->dispatch(SecurityEvents::BRUTE_FORCE_ATTEMPT, $event);

The BruteForceChecker.php has no method dispatch.

Something is weird with this. This is causing my problem, and i think it fits to the error above. If i take it out of the Authentication.php the 404 Error disappears.

->addMethodCall(
                            'setDispatcher',
                            array(
                                $container->findDefinition('event_dispatcher')
                            )
                    )
``
anyx commented 8 years ago

So BruteForceChecker should not have this method

anyx commented 8 years ago

@Hanfrey i was found several errors with dispatcher in last symfony versions. Tomorrow i will try to find time fix them. Thank you for feedback!

Hanfrey commented 8 years ago

You are welcome, the dispatcher "error" comes because the annotation is wrong of the getDispatcher.

Is:

    /**
     * 
     * @return \Anyx\LoginGateBundle\Service\BruteForceChecker
     */
    public function getDispatcher()
    {
        return $this->dispatcher;
    }

Should be:

    /**
     * 
     * @return \Symfony\Component\EventDispatcher\EventDispatcherInterface
     */
    public function getDispatcher()
    {
        return $this->dispatcher;
    }
anyx commented 8 years ago

@Hanfrey it was a pretty long day) I believe, this issue (and bundle) is not actual for you.

Anyway, today i made some refactoring, wrote some tests and now time to close this issue, i think