Use Neo4j with FOSUserBundle in Symfony2

1
votes

I am trying to adjust FOSUserBundle to work with my Neo4j database and I cant seem to get it working. After a long time of trying to implement my own usersystem without any luck (Setting up NEO4j in Symfony2), I started trying to use the FOSUserBundle.

I have used following articles and repositories:

https://github.com/ikwattro/Neo4jUserBundle I have taken this and copied all of the files into my UserBundle. I have changed the namespaces.

I have taken the graph manager from here: https://github.com/ikwattro/KwattroNeo4jOGMBundle

For the rest, I have followed the FOSUserBundle documentation.

Now, when I go to the registration form, all fields appear and I can fill in my prefered credentials. This works. After I click on submit I get redirected to the success page, on which a alert overlay is displayed:

An error occurred while loading the web debug toolbar (500: Internal Server Error).

Do you want to open the profiler?

If I then enter the profiler, I can see that I have successfully been authorized and logged in as the user that I just created. The data is also successfully saved in my neo4j database.

The problem now is that if I go to any other page of my Symfony project, I am logged in as Anonymous again. And If I go to the login page, the form is displayed correct, but it always says: Invalid credentials.

I am guessing, that their is something wrong with my sessions or my security?

This is my security.yml:

security: encoders: FOS\UserBundle\Model\UserInterface: bcrypt Neo4jUserBundle\Entity\User: bcrypt

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

providers:
    fos_userbundle:
        id: neo4j.user_provider.username    

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: security.csrf.token_manager
        logout:       true
        anonymous:    true

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }

I dont know if this information can help or is relevant, but in the profiler under "Request" right after registration (when the user is still authenticated correctly) this is the session information:

Session Metadata
Key           Value
Created       Tue, 21 Jul 15 17:27:34 +0200    
Last used     Tue, 21 Jul 15 17:27:34 +0200    
Lifetime      0

Session Attributes
Key                        Value
_csrf/authenticate         A_H4Ul1XHFYoxQdOirdmbBQRRCJ01Xh8EkGeC6Y7xw0    
_csrf/registration         OAXAXhfhcN6z0WekMN0fk8zg4ikk5uCCZBlvhy8DyVY    
_security.last_username    test    
_security_main             C:74:"Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken":444:{a:3:{i:0;N;i:1;s:4:"main";i:2;s:404:"a:4:{i:0;C:32:"neo4jProxyUserBundle_Entity_User":192:{a:9:{i:0;s:60:"$2y$13$e49oj61cdjk88kk040wg8exlwqVzbdQB5IVNG18Wqcbe.EW8KXi72";i:1;s:31:"e49oj61cdjk88kk040wg8kcc4cg40c4";i:2;s:4:"test";i:3;s:4:"test";i:4;b:0;i:5;b:0;i:6;b:0;i:7;b:1;i:8;i:66;}}i:1;b:1;i:2;a:1:{i:0;O:41:"Symfony\Component\Security\Core\Role\Role":1:{s:47:"Symfony\Component\Security\Core\Role\Rolerole";s:9:"ROLE_USER";}}i:3;a:0:{}}";}}

Flashes
Key               Value
success           [0 => registration.flash.user_created, 1 => registration.flash.user_created, 2 => registration.flash.user_created, 3 => registration.flash.user_created, 4 => registration.flash.user_created, 5 => registration.flash.user_created, 6 => registration.flash.user_created, 7 => registration.flash.user_created, 8 => registration.flash.user_created]

Any help or hints would be appreciated.

UPDATE [21.07.2015]

I have now created a repository: https://github.com/JoranBeaufort/Neo4jUserBundle (I hope this works, first time I have used GitHub)

My guess is that their is something off with the session handling?

Another thing to point out is, that the dependencyinjection does not seem to do anything. I must be missing a few vital things.

And here is the relevant part of my log file: deleted due to size

It would be greate to be able to offer a Neo4jUserBundle which works out of the box with FOSUserBundle and can be configured in the config-file of the symfony project. Great and vital would also be the authentication with the database (use username and password to connect to neo4j).

UPDATE [22.07.2015]

I have changed the bundlename and I think I have finally gotten the DependencyInjection to work. Im not quite sure but I think I had a problem with how I named my classes.

I have also tried what you suggested with findUserById. I have written a controller which takes the route myapp.com/neo4juser/debug/finduserbyid/{id} and then uses the findUserById-method to return the user. This is working. I have a user in my Neo4j-Database with an ID = 68 and an [email protected]. If i now enter myapp.com/neo4juser/debug/finduserbyid/68 the page is loaded displaying the right email of that user.

TWIG can be found here: https://github.com/JoranBeaufort/Neo4jUserBundle/blob/master/Resources/views/Debug/finduserbyid.html.twig

And the CONTROLLER here: https://github.com/JoranBeaufort/Neo4jUserBundle/blob/master/Controller/DebugController.php

The methods in the UserManager seem to be returnung the desired objects.

Does this help in figuring out why the login does not work in any way? Does the serialization have anything to do with the error or the encryption type? Or could it be something to do with the csrf? Any further hints?

UPDATE [23.07.2015]

When using in_memory as the provider and setting up an in_memory user, the login works. So now I have narrowed down the problem to to provider.

I am getting closer! Now the error in the dev.log file reads:

[2015-07-23 17:11:54] security.INFO: Authentication request failed. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException(code: 0): Bad credentials. at bla/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php:73, Symfony\\Component\\Security\\Core\\Exception\\UsernameNotFoundException(code: 0): Username \"test\" does not exist. at bla/src/Neo4jUserBundle/Security/UserProvider.php:42)"} []

Important is the part Username \"test\" does not exist.I am guessing this means that something is not working in the user provider. Can anyone spot what the problem might be? The Provider which I am calling can be found here: https://github.com/JoranBeaufort/Neo4jUserBundle/tree/master/Security

2
symfonyneo4jfosuserbundle
do you have a repository where the code is available, there might be so much things playing here. Also can you please post the content of the logs file. thx - Christophe Willemsen
I have now added a repository and the most recent content of the log file. Kind Regards - Mfbaer
Thanks, and thanks for mentioning my name in the classes. It is hard to say like this, really. The logs are not really helpful too. Have you checked if the methods in the UserManager are returning anything, by just printing the return of findUserById or findUserByUsername for example - Christophe Willemsen
Thank you for your answer and no problem, I find that code deserves referencing just like articles and books. I have updated my question and my github again. The methods in the UserManager seem to be returnung the desired objects. - Mfbaer
It seems that the userprovider and not the usermanager has something wrong with it. Maybe I am forgetting to implement or extend something? have updated my question again. - Mfbaer

2 Answers

0
votes

Ok. I opened a PR for some tweaks, but I couldn't get the stuff working.

The tweaks I've done are adding the possibility to define a user and password for via the neo4j_user config, and load the services.yml file in the DI extension.

When I register a user, it is well created in the database. However for fetching a user, after some debug, I can see that the underlying client (neo4jphp combined with neo4j-php-ogm) are using the legacy indexes and it is throwing some errors at this stage.

I can not help further except to tell you to try to not use an ogm in the beginning and try with raw cypher queries.

I'm afraid trying to update both libraries used can be difficult in a first instance.

0
votes

I would say the problem, as of 27/12/2015, is that UserManager, at line 73, does not return the found user (is a void function). I have not tried it yet and can´t for a few days, and maybe it´s an answer not sought anymore, but I´m pretty sure that´s the problem.

IDEs won´t find it a problems due to the @return tag:

* Finds a user by username
 *
 * @param string $username
 *
 * @return UserInterface
 */
public function findUserByUsername($username)
{
    $this->findUserBy(array('usernameCanonical' => $this->canonicalizeUsername($username)));
}