06.
Authenticator: getUser, checkCredentials & Success/Failure
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
Whoops, an error! Please, try again later.
10 Comments
when using $this->getUser() getting this error
The Acme\ApiBundle\Security\JwtTokenAuthenticator::getUser() method must return a UserInterface. You returned Acme\ApiBundle\Entity\User.
when implement UserInterface in my User entity I get a null response from $this->getUser()
how to solve this?
Hi sunil kumar!
Hmm. So first, yes, your
Acme\ApiBundle\Entity\Userclass must implement UserInterface. It's just one of the rules for security: whatever object you return from the security system (viagetUser()in your authenticator) must be an object that implements this interface.This is odd. The fact that you got the previous error:
tells me that your authenticator's getUser() method IS successfully returning the
Acme\ApiBundle\Entity\Userobject. So it's odd that, as soon as you add an interface to that object, it is not set into the security system. Basically, something weird is happening. Here is what I would do:A) Add the UserInterface. You need this.
B) Verify that you are returning a User object from your authenticator's getUser() method. I would do something like this temporarily:
C) Verify that your authenticator's getCredentials() method returns true - it will literally be
return true;.D) Verify (by placing a temporary
dd('here!');) that theonAuthenticationSuccess()method in your authenticator IS being called. We want to make sure that authentication WAS successful.Let me know if this helps you find anything :).
Cheers!
Hi, I really enjoy the learning videos.
I'd like to know the following.
How do you get the green extra information (formFactory : \Symfony\ ...) in PHPStorm
Tutorial at 4:38?
Thank you
Hey Florian!
That's almost definitely from the PhpStorm Symfony plugin - make sure you've got it installed AND enabled on this project. It's a bit outdated now, but we talk about it on this tutorial: https://symfonycasts.com/sc...
Cheers!
I have a problem ERR_TOO_MANY_REDIRECTS in Chrome. I am using Symfony 3.4.10.
What is happening is that when I log in for the first time using POST, my authenticator guard in the $this->_security->getUser() (using the Supports method). is NULL which is correct and it authenticates and redirects to WelcomeController (using the onAuthenticationSuccess method). Up until here it's working fine. Upon redirection in the authenticator guard the $this->_security->getUser() is NULL AGAIN even though I have already logged in and thus it authenticates again which causes to go to LoginController (using the getLoginUrl method) where here again just because I have a logic that if session variable userId exists it should be redirected to WelcomeController. This goes forever.
Shouldn't the value $this->_security->getUser() be other than null upon my second redirection since I have already log in?
Here is the code below.
In my authenticator guard the first function.
in my SecurityController.php
and security.yml
Any advice?
Hey Alexandros_Spyropoulos!
Apologies for my slow reply! So.... hmm, this is a mystery! First, yes,
$this->_security->getUser()should return the User object once your User is authenticated. The idea behind your code here is correct! So, here is my guess: after you redirect, you are somehow losing authentication. This is actually something that can happen if your code isn't setup quite correctly. Basically, you authenticate, redirect, but then there is a problem reloading your User object from the session.Here is how you can see if this is your problem. In loginAction, instead of checking for
$session = $this->get('session');, do the same check that you have in your authenticator - get thesecurityservice and callgetUser(). If I am correct, you will find that you are being immediately logged out, and so, this will now render the login form.IF this is your problem, let me know: the issue is with the serialization of your User object. If you have a serialize() method on your User class, that could be the problem. The temporary fix would be to implement an
EquatableInterfaceon your user, which requires you to add a newisEqualTo(UserInterface $usermethod. Try returningtruefrom this. If it fixes your problem, then my guess is right. Let me know, and then we can talk about the correct solution.But, if I'm totally wrong, also let me know!
Cheers!
Hi Ryan,
First of all thank you for you reply!
Secondly I did the test that you asked and I also did the whole cycle noticing the security getUser() value. There are happening 3 redirects before accessing Security Controller and loginAction. First is the credentials post, here $this->_security->getUser() is NULL so authentication goes on. On authentication success I should be redirected to WelcomeController again authenticator starts and the $this->_security->getUser() IS AGAIN NULL so I am redirecting back to LoginController. Now in authenticator this time the $this->_security->getUser() has the authenticated user object so no authentication takes place and I am redirecting straight to my LoginController. Here I used the same service as in my authenticator $this->get('security.helper')->getUser() and the user object exists! However due to my session logic I redirect back to WelcomeController. I am again inside authenticator and guess what...? $this->_security->getUser() is NULL AGAIN so I am redirecting back to LoginController to see that $this->get('security.helper')->getUser() has the user. I hope I didn't make you feel dizzy :)
So as you see it seems like something is writing and deleting the security getUser? Also there isn't any serialize() method on my User Class. If you need to provide any extra code please let me know!
Thanks again for your help
Hey @alexandrosspylitopoulos!
Hmm, this is indeed very strange! It's very strange that after the first redirect, you are not authenticated (not user) and then after the second redirect, you are authenticated. Basically, something *very* strange is happening, and I would recommend removing as much code as you can to try to find the problem. A few questions:
A) Did you try to implement EquatableInterface on your User and return true from isEqualTo()? I don't think this will fix the problem, but we need to try it to be sure.
B) Do you have just 1 authenticator or other authenticators?
C) Can you post your security.yml file and authenticator code?
Cheers!
Hey @weaverryan ,
I solved the problem. I didn't need to follow any of the steps provided.
As it seems the problem was most probably due to having two firewalls set up instead of one.
If you check I had the login and the admin firewall so that mean two provider keys. The two provider keys means two different tokens ( check createAuthenticatedToken(UserInterface $user, $providerKey) at GuardAuthenticatorInterface ) and two different session variables. So when I was logged in the first time my request was routing via login firewall ($providerKey) it was creating a token that was then stored in session under key _security_login ( session key pattern is _security_$providerKey). The second time my request was routing through the admin firewall ($providerKey) and was try to find in the session key _security_admin which was empty and thus failing to get the serialized token that contained the User object.
What I did was to creating one firewall and then use the access_control correctly as I had to do from the beginning I suppose :P nevertheless thank you so much for your support!
Hey @alexandrosspylitopoulos!
Bah! Good fix! That was my fault - I completely missed the fact that you had two firewalls! And yes, I like your solution: you rarely need 2 real firewalls.
Thanks for updating me on the fix!
"Houston: no signs of life"
Start the conversation!