Symfony2: how to implement custom user login & registration - get rid of FOSUSerBundle

4
votes

I am trying to get rid of FOSUserBundle as I wanted to implement a role entity linked in a manytomany relationship with my user.

So my question is : would there be a step by step tutorial to replace this FOSUserBundle ? If not, can someone guide me at least through the elements I need to implement cause I feel I always forgot something.

So far I have :

  1. A class User implements AdvancedUserInterface, \Serializable
  2. A class UserProvider implements UserProviderInterface
  3. A controller with a public function registerAction(Request $request) to handle saving the user in the database.

Here I am able to save the user and I see that salt, password, username and email are saved but after handling the request I get nothing and login is not possible.

Do I need to implement also:

  1. A custom authentication provider
  2. or user API Keys

If yes, which one ?

And next ?

My registration code : why is the return statement not called ?

/**
 * @Route("/register_user", name="register_user")
 * @Method({"GET","POST"})
 * @param Request $request
 * @param bool $extendLayout
 * @return null|\Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
 */
public function registerAction(Request $request, $extendLayout=true)
{
    $formManager = $this->get('form_manager');
    $user = new User();
    $user->setEnabled(true);

    $form = $formManager->createForm(new UserRegistrationType(), $user, 'POST', 'register_user',null, false);

    if ($request->getMethod() == 'POST')
    {
        if ($formManager->handleRequestAndValidate($form))
        {

            $userSecurityManager = $this->get('user_security_manager');
            $userSecurityManager->updateUser($user, true);

            //This return won't get called, is there an eventlistener on the register event ?
            return $this->redirect($this->generateUrl('registration_confirmed'));

        }
    }

    $layout = $extendLayout == true ? 'User/Registration/register.html.twig' : 'User/Registration/register_content.html.twig';

    return $this->render($layout, array(
            'form' => $form->createView(),
        ));
}

My login form is sent to the login_check route which I believe symfony is handling and the login fails with the user I am creating. Why ?

My login form:

<div class="fmu_panel fmu_login">

    <h3>Vous êtes inscrit</h3>

    <div class="panel-content">
        <form action="{{ path("login_check") }}" id="signup-form_id" method="post">
            <input type="hidden" name="_csrf_token" value="{{ csrf_token }}" />

            {% if error %}
                <div class="form-group">
                <div class="alert alert-danger" role="alert">
                    {#{{ error.messageKey|trans(error.messageData, 'security') }}#}
                    Mot de passe ou nom d'utilisateur incorrect.
                </div>
                </div>
            {% endif %}

            <div class="form-group w-icon">
                <input type="text" id="username" name="_username" value="{{ last_username }}" required="required" class="form-control" placeholder="E-mail ou pseudo" />
                <i class="fa fa-user"></i>
            </div> <!-- / Username -->

            <div class="form-group w-icon">
                <input type="password" id="password" name="_password" required="required" class="form-control" placeholder="Mot de passe"  />
                <i class="fa fa-lock"></i>
            </div> <!-- / Password -->

            <div class="form-group">
                <label for="_remember_me" class="checkbox-inline">
                    <input type="checkbox" name="_remember_me" id="remember_me" checked>
                    Se souvenir de moi
                </label>
            </div>

            <div class="form-actions">
                <input type="submit" value="S'identifier" class="btn btn-primary" name="_submit" id="fmu_signin">
                <a href="#" class="forgot-password btn btn-danger pull-right" id="fmu_forgot_password_link">Mot de passe oublié ?</a>
            </div>

{#
            <div class="social">
                <a href="{{ path('hwi') }}twitter" class="btn btn-default">Se connecter avec <span>Facebook</span></a>
            </div>
#}

        </form>

        <div id="fmu_password_reset">

            {{ render(controller('AppBundle:User/UserSecurity:requestNewPassword')) }}

        </div>
    </div>
</div>



<script>

// Show/Hide password reset form on click

$(function(){
    $('#fmu_forgot_password_link').on('click', function (e) {
        e.preventDefault();
        $('#fmu_password_reset').fadeIn(400);
        $('#signup-form_id').fadeOut(400);
    });
    $('#fmu_password_reset .close').click(function (e) {
        e.preventDefault();
        $('#fmu_password_reset').fadeOut(400);
        $('#signup-form_id').fadeIn(400);
    });

});
</script>
1
phpsymfonyloginregistrationfosuserbundle
Your exit call is after you return from the function so it will never be called. - Jason Roman
yes, sure, sorry. I forgot to mention that the same exit at the beginning of the 'registration_confirmed' controller does not print out. So actually this is the return that does not get called. Is there an eventlistener on the registration event ? - Sébastien
It doesn't look like you're saving the new user at all. Is it actually getting populated in the database? Your best bet would be to check the logs or if it even gets into the if statement. - Jason Roman
As per my comment, yes, the user gets saved in the database. This is the update function which I took back from FOSUserBundle. So this is not the issue. Here I'm more trying to understand if there are things to do beyond the implementation of what i put in the list to have a complete identification system. and as for the login, is symfony totally taking care of that ? - Sébastien
That depends - you basically have to implement a user provider so Symfony can use that for the login. Check out symfony.com/doc/current/cookbook/security/custom_provider.html and symfony.com/doc/current/cookbook/security/entity_provider.html and - Jason Roman

1 Answers

0
votes

You can follow the tutorial: How to Load Security Users from the Database.

Basically you need:

  • Custom user class (which you have)
  • Configure the Symfony Security component (probably missing)
  • (optional) Custom user provider

Here is the security.yml example from the tutorial mentioned above:

# app/config/security.yml
security:
    encoders:
        AppBundle\Entity\User:
            algorithm: bcrypt

    # ...

    providers:
        our_db_provider:
            entity:
                class: AppBundle:User
                property: username
                # if you're using multiple entity managers
                # manager_name: customer

    firewalls:
        default:
            pattern:    ^/
            http_basic: ~
            provider: our_db_provider

    # ...

Your Login form seems to be correct so it should work with the right Security configuration.