search

silexphp / Silex

[DEPRECATED -- Use Symfony instead] The PHP micro-framework based on the Symfony Components
https://silex.symfony.com
MIT License
3.58k stars 718 forks source link

Following the Security provider documentation does not lead to working code #1403

Closed aoloe closed 6 years ago

aoloe commented 8 years ago

By following the code snippets and the explanation on

https://github.com/silexphp/Silex/blob/master/doc/providers/security.rst

I could not get to a basic code that allows me to

I got to the following code:

https://github.com/aoloe/php-silex-demo-security-path

Currently, I can log in but the status is not kept.
My current supposition is that the session information does not get stored and the Security module has no way to detect that I successfully logged in.

I've asked for help on Stackoverflow but got no answer:

http://stackoverflow.com/questions/38460658/authenticate-with-the-silex-security-examples

If somebody can point me to the wrong / missing bits, I'm willing to check the documentation file and make a pull request that make it easy(ier) to grasp the workings of the utilisation of the Security module.

aoloe commented 8 years ago

I've found out that when I comment out is_granted() from the twig template, then everything works correctly...

https://github.com/aoloe/php-silex-demo-security-path/blob/master/resources/template/admin.twig#L12

why?

aoloe commented 8 years ago

The error I get is:

[2016-07-22 21:49:36] app.INFO: Matched route "{route}". {"route":"GET_admin","route_parameters":{"_controller":"[object] (Closure: {})","_route":"GET_admin"},"request_uri":"http://ww.reclaimyourtools.org/demo-security-path/admin","method":"GET"} []
[2016-07-22 21:49:36] app.DEBUG: Read existing security token from the session. {"key":"_security_admin"} []
[2016-07-22 21:49:36] app.DEBUG: User was reloaded from a user provider. {"username":"admin","provider":"Symfony\\Component\\Security\\Core\\User\\InMemoryUserProvider"} []
[2016-07-22 21:49:36] app.DEBUG: > GET /demo-security-path/admin [] []
[2016-07-22 21:49:36] app.INFO: An AuthenticationException was thrown; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\CredentialsExpiredException(code: 0): User credentials have expired. at /home/ale/docs/src/php-silex-demo-security-path/vendor/symfony/security/Core/User/UserChecker.php:64)"} []
[2016-07-22 21:49:36] app.DEBUG: Calling Authentication entry point. [] []
[2016-07-22 21:49:36] app.INFO: The security token was removed due to an AccountStatusException. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\CredentialsExpiredException(code: 0): User credentials have expired. at /home/ale/docs/src/php-silex-demo-security-path/vendor/symfony/security/Core/User/UserChecker.php:64)"} []
[2016-07-22 21:49:36] app.DEBUG: < 302 http://ww.reclaimyourtools.org/demo-security-path/login [] []
[2016-07-22 21:49:37] app.INFO: Matched route "{route}". {"route":"login","route_parameters":{"_controller":"[object] (Closure: {})","_route":"login"},"request_uri":"http://ww.reclaimyourtools.org/demo-security-path/login","method":"GET"} []
[2016-07-22 21:49:37] app.DEBUG: > GET /demo-security-path/login [] []
[2016-07-22 21:49:37] app.DEBUG: < 200 [] []
hkdobrev commented 6 years ago

@aoloe Do you still experience that with the latest Silex version?

fabpot commented 6 years ago

Closing as this is quite old.