My Symfony version is: 3.0.6
I'm fighting from few hours with authentication. I have form with login & password.
My security.yml looks:
security:
encoders:
MainListBundle\Entity\User:
algorithm: bcrypt
providers:
default:
entity:
class: MainListBundle:User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
my_app:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
default_target_path: main_list_homepage
logout:
path: /logout
target: main_list_login
Form can show me if username does not exist in database. But If I put some password (wrong as well) I have infinite loop on "check_path" URL.
Fields on login form are correct: _username and _password. Form "action" is the same as "check_path" in security.
What I made wrong... It is very weird because all is like on the tutorials.
Controller:
<?php
namespace MainListBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Session\Session;
class LoginController extends Controller
{
public function indexAction(Request $Request)
{
$auth = $this->get('security.authentication_utils');
$error = $auth->getLastAuthenticationError();
$username = $auth->getLastUserName();
return $this->render('MainListBundle:Login:login.html.twig', array(
'loginError' => $error,
'username' => $username
));
}
Routing.yml
main_list_sort:
path: /MainList/sort/{field}
defaults: { _controller: MainListBundle:Default:sort }
main_list_search:
path: /MainList/search
defaults: { _controller: MainListBundle:Default:search }
main_list_clear_search:
path: /MainList/clearSearch
defaults: { _controller: MainListBundle:Default:clearSearch }
main_list_pdfGenerateRecordsList:
path: /MainList/pdfGenerateRecordsList
defaults: { _controller: MainListBundle:Default:pdfGenerateRecordsList }
main_list_homepage:
path: /MainList/{page}
defaults: { _controller: MainListBundle:Default:index, page: 1 }
main_list_login:
path: /login
defaults: { _controller: MainListBundle:Login:index }
main_list_login_check:
path: /login_check
main_list_logout:
path: /logout
defaults: { _controller: MainListBundle:Login:logout }
main_list_add_users:
path: /addusers
defaults: { _controller: MainListBundle:Login:addUsers }
Form view:
{% extends "::base.html.twig" %}
{% block menu %}{% endblock %}
{% block content %}
<center>
{% if loginError is defined and loginError is not null %}
<div class="alert alert-danger">{{ loginError.messageKey }}</div>
{% endif %}
<form action="{{ path('main_list_login_check') }}" method="POST">
<table style="width: 600px">
<tr>
<td>Login:</td>
<td>
<input type="text" name="_username" value="{{ username }}"/>
</td>
</tr>
<tr>
<td>Password:</td>
<td>
<input type="password" name="_password" value=""/>
</td>
</tr>
<tr>
<td></td>
<td>
<input type="submit" value="Zaloguj"/>
</td>
</tr>
</table>
</form>
</center>
{% endblock %}
check_path: /login_checkand then try to changedefault_target_path: main_list_loginnot to login page, you are redirecting to login page again after login - Denis Alimov