Bad credentials in authentication / login - Symfony2

4
votes

I'm new to symfony2 and doctrine. I am trying the authentication system based on documents and some tutorials. I don't know know why I'm finding it so hard.

Here is what I did based on 2 separate tutorials.

My User Entity:

<?php
// src/Acme/UserBundle/Entity/User.php
namespace Login\LoginBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * Login\LoginBundle\Entity\User
 *
 * @ORM\Table(name="tb_user")
 * @ORM\Entity(repositoryClass="Login\LoginBundle\Entity\UserRepository")
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * @ORM\Column(type="string", length=32)
     */
    private $salt;

    /**
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=60, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(name="is_active", type="boolean")
     */
    private $isActive;

    public function __construct()
    {
        $this->isActive = true;
        $this->salt = md5(uniqid(null, true));
    }

    /**
     * @inheritDoc
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * @inheritDoc
     */
    public function getSalt()
    {
        return $this->salt;
    }

    /**
     * @inheritDoc
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * @inheritDoc
     */
    public function getRoles()
    {
        return array('ROLE_USER');
    }

    /**
     * @inheritDoc
     */
    public function eraseCredentials()
    {
    }

    /**
     * @see \Serializable::serialize()
     */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->salt,
            $this->password,
        ));
    }

    /**
     * @see \Serializable::unserialize()
     */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            $this->salt,
            $this->password,
        ) = unserialize($serialized);
    }

    /**
     * Get id
     *
     * @return integer 
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set username
     *
     * @param string $username
     * @return User
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Set salt
     *
     * @param string $salt
     * @return User
     */
    public function setSalt($salt)
    {
        $this->salt = $salt;

        return $this;
    }

    /**
     * Set password
     *
     * @param string $password
     * @return User
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * Set email
     *
     * @param string $email
     * @return User
     */
    public function setEmail($email)
    {
        $this->email = $email;

        return $this;
    }

    /**
     * Get email
     *
     * @return string 
     */
    public function getEmail()
    {
        return $this->email;
    }

    /**
     * Set isActive
     *
     * @param boolean $isActive
     * @return User
     */
    public function setIsActive($isActive)
    {
        $this->isActive = $isActive;

        return $this;
    }

    /**
     * Get isActive
     *
     * @return boolean 
     */
    public function getIsActive()
    {
        return $this->isActive;
    }
}

My security.yml

# app/config/security.yml
security:
    encoders:
        Login\LoginBundle\Entity\User:
            algorithm:        sha512
            encode_as_base64: true
            iterations:       1

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        administrators:
            entity: { class: LoginLoginBundle:User, property: username }

    firewalls:
        admin_area:
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: login
                check_path: login_check
            logout:
                path:   /logout
                target: /login

    access_control:
        - { path: ^/admin, roles: ROLE_ADMIN }

My Controller

<?php

namespace Login\LoginBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Login\LoginBundle\Entity\User;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;

class DefaultController extends Controller
{
    public function indexAction($name)
    {
    $user = new User();
          $user->setUsername('aa');
          $user->setEmail('[email protected]');
          $user->setSalt(md5(time()));
          $user->setIsActive(false);

          $encoder = new MessageDigestPasswordEncoder('sha512',true,1);
          $password = $encoder->encodePassword('1234', $user->getSalt());
          $user->setPassword($password);
          $manager = $this->getDoctrine()->getManager();
          $manager->persist($user);

          $manager->flush();  

        return $this->render('LoginLoginBundle:Default:index.html.twig', array('name' => $name));
    }
}

So idea is to insert user when /hello/me is called. And perform login when admin/hello/me is called. Now after first iteration my database contains this data

1
d033e22ae348aeb5660fc2140aec35850c4da997
admin
[email protected]
1

But when I'm providing aa and 1234 as credentials in login form, it is showing *bad credentials. What I'm missing?* Is there any simple tutorial to describe whole authentication using symfony2 in easy way.Also with plain password. Please help...... please :(

2
phpsymfonyauthenticationdoctrine-ormpassword-encryption
set is active to true in the database and try again - zizoujab
@zizoujab is_active is in tinyint(1) format. it has to be a number - AtanuCSE
what do you have in your routing.yml file? - Sehael
sorry I mean set it to 1 . - zizoujab
I think what zizoujab was saying is that you are setting the is_active field to false in your code ($user->setIsActive(false)). Are you sure that it's value is 1 in the database? You are listing a bunch of values, but we don't know what columns they are. It seems surprising. - Jean-François Beauchef

2 Answers

8
votes

You are using Sha512 which generates a 128 chars hash. Your database storage for password is 40 chars.

Try Sha1 or other hashing algo which generates less than 40 chars hash. Or increase the storage size for that field.

0
votes

note: if you generate salt at entity (construct)

 public function __construct()
 {
        ...
        $this->salt = md5(uniqid(null, true));
 }

You dont need to do that again with

$user->setSalt(md5(time()));