Autenticación
Versión 4 (Guillermo Zdanowicz, 05/10/2015 18:57)
1 | 1 | Guillermo Zdanowicz | h1. Autenticación |
---|---|---|---|
2 | 1 | Guillermo Zdanowicz | |
3 | 2 | Guillermo Zdanowicz | Referencia: http://symfony.com/doc/current/cookbook/security/entity_provider.html |
4 | 2 | Guillermo Zdanowicz | |
5 | 1 | Guillermo Zdanowicz | Creo el archivo |
6 | 1 | Guillermo Zdanowicz | |
7 | 1 | Guillermo Zdanowicz | src/AppBundle/Entity/User.php |
8 | 1 | Guillermo Zdanowicz | |
9 | 1 | Guillermo Zdanowicz | con el codigo siguiente |
10 | 1 | Guillermo Zdanowicz | |
11 | 1 | Guillermo Zdanowicz | <pre> |
12 | 1 | Guillermo Zdanowicz | <?php |
13 | 1 | Guillermo Zdanowicz | // src/AppBundle/Entity/User.php |
14 | 1 | Guillermo Zdanowicz | namespace AppBundle\Entity; |
15 | 1 | Guillermo Zdanowicz | |
16 | 1 | Guillermo Zdanowicz | use Doctrine\ORM\Mapping as ORM; |
17 | 1 | Guillermo Zdanowicz | use Symfony\Component\Security\Core\User\UserInterface; |
18 | 1 | Guillermo Zdanowicz | |
19 | 1 | Guillermo Zdanowicz | /** |
20 | 1 | Guillermo Zdanowicz | * @ORM\Table(name="app_users") |
21 | 1 | Guillermo Zdanowicz | * @ORM\Entity(repositoryClass="AppBundle\Entity\UserRepository") |
22 | 1 | Guillermo Zdanowicz | */ |
23 | 1 | Guillermo Zdanowicz | class User implements UserInterface, \Serializable |
24 | 1 | Guillermo Zdanowicz | { |
25 | 1 | Guillermo Zdanowicz | /** |
26 | 1 | Guillermo Zdanowicz | * @ORM\Column(type="integer") |
27 | 1 | Guillermo Zdanowicz | * @ORM\Id |
28 | 1 | Guillermo Zdanowicz | * @ORM\GeneratedValue(strategy="AUTO") |
29 | 1 | Guillermo Zdanowicz | */ |
30 | 1 | Guillermo Zdanowicz | private $id; |
31 | 1 | Guillermo Zdanowicz | |
32 | 1 | Guillermo Zdanowicz | /** |
33 | 1 | Guillermo Zdanowicz | * @ORM\Column(type="string", length=25, unique=true) |
34 | 1 | Guillermo Zdanowicz | */ |
35 | 1 | Guillermo Zdanowicz | private $username; |
36 | 1 | Guillermo Zdanowicz | |
37 | 1 | Guillermo Zdanowicz | /** |
38 | 1 | Guillermo Zdanowicz | * @ORM\Column(type="string", length=64) |
39 | 1 | Guillermo Zdanowicz | */ |
40 | 1 | Guillermo Zdanowicz | private $password; |
41 | 1 | Guillermo Zdanowicz | |
42 | 1 | Guillermo Zdanowicz | /** |
43 | 1 | Guillermo Zdanowicz | * @ORM\Column(type="string", length=60, unique=true) |
44 | 1 | Guillermo Zdanowicz | */ |
45 | 1 | Guillermo Zdanowicz | private $email; |
46 | 1 | Guillermo Zdanowicz | |
47 | 1 | Guillermo Zdanowicz | /** |
48 | 1 | Guillermo Zdanowicz | * @ORM\Column(name="is_active", type="boolean") |
49 | 1 | Guillermo Zdanowicz | */ |
50 | 1 | Guillermo Zdanowicz | private $isActive; |
51 | 1 | Guillermo Zdanowicz | |
52 | 1 | Guillermo Zdanowicz | public function __construct() |
53 | 1 | Guillermo Zdanowicz | { |
54 | 1 | Guillermo Zdanowicz | $this->isActive = true; |
55 | 1 | Guillermo Zdanowicz | // may not be needed, see section on salt below |
56 | 1 | Guillermo Zdanowicz | // $this->salt = md5(uniqid(null, true)); |
57 | 1 | Guillermo Zdanowicz | } |
58 | 1 | Guillermo Zdanowicz | |
59 | 1 | Guillermo Zdanowicz | public function getUsername() |
60 | 1 | Guillermo Zdanowicz | { |
61 | 1 | Guillermo Zdanowicz | return $this->username; |
62 | 1 | Guillermo Zdanowicz | } |
63 | 1 | Guillermo Zdanowicz | |
64 | 1 | Guillermo Zdanowicz | public function getSalt() |
65 | 1 | Guillermo Zdanowicz | { |
66 | 1 | Guillermo Zdanowicz | // you *may* need a real salt depending on your encoder |
67 | 1 | Guillermo Zdanowicz | // see section on salt below |
68 | 1 | Guillermo Zdanowicz | return null; |
69 | 1 | Guillermo Zdanowicz | } |
70 | 1 | Guillermo Zdanowicz | |
71 | 1 | Guillermo Zdanowicz | public function getPassword() |
72 | 1 | Guillermo Zdanowicz | { |
73 | 1 | Guillermo Zdanowicz | return $this->password; |
74 | 1 | Guillermo Zdanowicz | } |
75 | 1 | Guillermo Zdanowicz | |
76 | 1 | Guillermo Zdanowicz | public function getRoles() |
77 | 1 | Guillermo Zdanowicz | { |
78 | 1 | Guillermo Zdanowicz | return array('ROLE_USER'); |
79 | 1 | Guillermo Zdanowicz | } |
80 | 1 | Guillermo Zdanowicz | |
81 | 1 | Guillermo Zdanowicz | public function eraseCredentials() |
82 | 1 | Guillermo Zdanowicz | { |
83 | 1 | Guillermo Zdanowicz | } |
84 | 1 | Guillermo Zdanowicz | |
85 | 1 | Guillermo Zdanowicz | /** @see \Serializable::serialize() */ |
86 | 1 | Guillermo Zdanowicz | public function serialize() |
87 | 1 | Guillermo Zdanowicz | { |
88 | 1 | Guillermo Zdanowicz | return serialize(array( |
89 | 1 | Guillermo Zdanowicz | $this->id, |
90 | 1 | Guillermo Zdanowicz | $this->username, |
91 | 1 | Guillermo Zdanowicz | $this->password, |
92 | 1 | Guillermo Zdanowicz | // see section on salt below |
93 | 1 | Guillermo Zdanowicz | // $this->salt, |
94 | 1 | Guillermo Zdanowicz | )); |
95 | 1 | Guillermo Zdanowicz | } |
96 | 1 | Guillermo Zdanowicz | |
97 | 1 | Guillermo Zdanowicz | /** @see \Serializable::unserialize() */ |
98 | 1 | Guillermo Zdanowicz | public function unserialize($serialized) |
99 | 1 | Guillermo Zdanowicz | { |
100 | 1 | Guillermo Zdanowicz | list ( |
101 | 1 | Guillermo Zdanowicz | $this->id, |
102 | 1 | Guillermo Zdanowicz | $this->username, |
103 | 1 | Guillermo Zdanowicz | $this->password, |
104 | 1 | Guillermo Zdanowicz | // see section on salt below |
105 | 1 | Guillermo Zdanowicz | // $this->salt |
106 | 1 | Guillermo Zdanowicz | ) = unserialize($serialized); |
107 | 1 | Guillermo Zdanowicz | } |
108 | 1 | Guillermo Zdanowicz | } |
109 | 1 | Guillermo Zdanowicz | </pre> |
110 | 1 | Guillermo Zdanowicz | |
111 | 1 | Guillermo Zdanowicz | Luego ejecuto la sentencia |
112 | 1 | Guillermo Zdanowicz | |
113 | 1 | Guillermo Zdanowicz | php app/console doctrine:generate:entities AppBundle/Entity/User |
114 | 1 | Guillermo Zdanowicz | |
115 | 1 | Guillermo Zdanowicz | Traslado el a la base de datos |
116 | 1 | Guillermo Zdanowicz | |
117 | 1 | Guillermo Zdanowicz | php app/console doctrine:schema:update --force |
118 | 2 | Guillermo Zdanowicz | |
119 | 2 | Guillermo Zdanowicz | INSERT INTO `jobeet`.`app_users` (`id`, `username`, `password`, `email`, `is_active`) VALUES (NULL, 'admin', MD5('admin'), 'ingguillermoz@gmail.com', '1'); |
120 | 2 | Guillermo Zdanowicz | |
121 | 2 | Guillermo Zdanowicz | <pre> |
122 | 2 | Guillermo Zdanowicz | php app/console security:encode-password admin 'AppBundle\Entity\User' |
123 | 2 | Guillermo Zdanowicz | |
124 | 2 | Guillermo Zdanowicz | Symfony Password Encoder Utility |
125 | 2 | Guillermo Zdanowicz | ================================ |
126 | 2 | Guillermo Zdanowicz | |
127 | 2 | Guillermo Zdanowicz | ------------------ --------------------------------------------------------------- |
128 | 2 | Guillermo Zdanowicz | Key Value |
129 | 2 | Guillermo Zdanowicz | ------------------ --------------------------------------------------------------- |
130 | 2 | Guillermo Zdanowicz | Encoder used Symfony\Component\Security\Core\Encoder\BCryptPasswordEncoder |
131 | 2 | Guillermo Zdanowicz | Encoded password $2y$13$uXR5DGA7EMAg3QLaeaIYP.3a4dVdOvgDLCEqnNQwfUgz72uBMB1kW |
132 | 2 | Guillermo Zdanowicz | ------------------ --------------------------------------------------------------- |
133 | 2 | Guillermo Zdanowicz | Se tomo el valor generado y se almaceno en la password del usuario y la tomo |
134 | 2 | Guillermo Zdanowicz | |
135 | 3 | Guillermo Zdanowicz | $2y$13$uXR5DGA7EMAg3QLaeaIYP.3a4dVdOvgDLCEqnNQwfUgz72uBMB1kW -> este codigo lo llevo a la base de datos |
136 | 2 | Guillermo Zdanowicz | |
137 | 2 | Guillermo Zdanowicz | ! [NOTE] Bcrypt encoder used: the encoder generated its own built-in salt. |
138 | 2 | Guillermo Zdanowicz | |
139 | 2 | Guillermo Zdanowicz | |
140 | 2 | Guillermo Zdanowicz | [OK] Password encoding succeeded |
141 | 1 | Guillermo Zdanowicz | |
142 | 3 | Guillermo Zdanowicz | </pre> |
143 | 3 | Guillermo Zdanowicz | |
144 | 3 | Guillermo Zdanowicz | |
145 | 3 | Guillermo Zdanowicz | <pre> |
146 | 3 | Guillermo Zdanowicz | UPDATE `jobeet`.`app_users` SET `password` = '$2y$13$uXR5DGA7EMAg3QLaeaIYP.3a4dVdOvgDLCEqnNQwfUgz72uBMB1kW' WHERE `app_users`.`id` =1; |
147 | 3 | Guillermo Zdanowicz | |
148 | 2 | Guillermo Zdanowicz | </pre> |
149 | 4 | Guillermo Zdanowicz | |
150 | 4 | Guillermo Zdanowicz | Para excluir usuarios inactivos se modifica y agrega metodos |
151 | 4 | Guillermo Zdanowicz | |
152 | 4 | Guillermo Zdanowicz | <pre> |
153 | 4 | Guillermo Zdanowicz | // src/AppBundle/Entity/User.php |
154 | 4 | Guillermo Zdanowicz | |
155 | 4 | Guillermo Zdanowicz | use Symfony\Component\Security\Core\User\AdvancedUserInterface; |
156 | 4 | Guillermo Zdanowicz | // ... |
157 | 4 | Guillermo Zdanowicz | |
158 | 4 | Guillermo Zdanowicz | class User implements AdvancedUserInterface, \Serializable |
159 | 4 | Guillermo Zdanowicz | { |
160 | 4 | Guillermo Zdanowicz | // ... |
161 | 4 | Guillermo Zdanowicz | |
162 | 4 | Guillermo Zdanowicz | public function isAccountNonExpired() |
163 | 4 | Guillermo Zdanowicz | { |
164 | 4 | Guillermo Zdanowicz | return true; |
165 | 4 | Guillermo Zdanowicz | } |
166 | 4 | Guillermo Zdanowicz | |
167 | 4 | Guillermo Zdanowicz | public function isAccountNonLocked() |
168 | 4 | Guillermo Zdanowicz | { |
169 | 4 | Guillermo Zdanowicz | return true; |
170 | 4 | Guillermo Zdanowicz | } |
171 | 4 | Guillermo Zdanowicz | |
172 | 4 | Guillermo Zdanowicz | public function isCredentialsNonExpired() |
173 | 4 | Guillermo Zdanowicz | { |
174 | 4 | Guillermo Zdanowicz | return true; |
175 | 4 | Guillermo Zdanowicz | } |
176 | 4 | Guillermo Zdanowicz | |
177 | 4 | Guillermo Zdanowicz | public function isEnabled() |
178 | 4 | Guillermo Zdanowicz | { |
179 | 4 | Guillermo Zdanowicz | return $this->isActive; |
180 | 4 | Guillermo Zdanowicz | } |
181 | 4 | Guillermo Zdanowicz | |
182 | 4 | Guillermo Zdanowicz | // serialize and unserialize must be updated - see below |
183 | 4 | Guillermo Zdanowicz | public function serialize() |
184 | 4 | Guillermo Zdanowicz | { |
185 | 4 | Guillermo Zdanowicz | return serialize(array( |
186 | 4 | Guillermo Zdanowicz | // ... |
187 | 4 | Guillermo Zdanowicz | $this->isActive |
188 | 4 | Guillermo Zdanowicz | )); |
189 | 4 | Guillermo Zdanowicz | } |
190 | 4 | Guillermo Zdanowicz | public function unserialize($serialized) |
191 | 4 | Guillermo Zdanowicz | { |
192 | 4 | Guillermo Zdanowicz | list ( |
193 | 4 | Guillermo Zdanowicz | // ... |
194 | 4 | Guillermo Zdanowicz | $this->isActive |
195 | 4 | Guillermo Zdanowicz | ) = unserialize($serialized); |
196 | 4 | Guillermo Zdanowicz | } |
197 | 4 | Guillermo Zdanowicz | } |
198 | 4 | Guillermo Zdanowicz | </pre> |
199 | 4 | Guillermo Zdanowicz | |
200 | 4 | Guillermo Zdanowicz | Tambien se crean 3 metodos |
201 | 4 | Guillermo Zdanowicz | |
202 | 4 | Guillermo Zdanowicz | <pre> |
203 | 4 | Guillermo Zdanowicz | // src/AppBundle/Entity/UserRepository.php |
204 | 4 | Guillermo Zdanowicz | namespace AppBundle\Entity; |
205 | 4 | Guillermo Zdanowicz | |
206 | 4 | Guillermo Zdanowicz | use Symfony\Component\Security\Core\User\UserInterface; |
207 | 4 | Guillermo Zdanowicz | use Symfony\Component\Security\Core\User\UserProviderInterface; |
208 | 4 | Guillermo Zdanowicz | use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; |
209 | 4 | Guillermo Zdanowicz | use Symfony\Component\Security\Core\Exception\UnsupportedUserException; |
210 | 4 | Guillermo Zdanowicz | use Doctrine\ORM\EntityRepository; |
211 | 4 | Guillermo Zdanowicz | |
212 | 4 | Guillermo Zdanowicz | class UserRepository extends EntityRepository implements UserProviderInterface |
213 | 4 | Guillermo Zdanowicz | { |
214 | 4 | Guillermo Zdanowicz | public function loadUserByUsername($username) |
215 | 4 | Guillermo Zdanowicz | { |
216 | 4 | Guillermo Zdanowicz | $user = $this->createQueryBuilder('u') |
217 | 4 | Guillermo Zdanowicz | ->where('u.username = :username OR u.email = :email') |
218 | 4 | Guillermo Zdanowicz | ->setParameter('username', $username) |
219 | 4 | Guillermo Zdanowicz | ->setParameter('email', $username) |
220 | 4 | Guillermo Zdanowicz | ->getQuery() |
221 | 4 | Guillermo Zdanowicz | ->getOneOrNullResult(); |
222 | 4 | Guillermo Zdanowicz | |
223 | 4 | Guillermo Zdanowicz | if (null === $user) { |
224 | 4 | Guillermo Zdanowicz | $message = sprintf( |
225 | 4 | Guillermo Zdanowicz | 'Unable to find an active admin AppBundle:User object identified by "%s".', |
226 | 4 | Guillermo Zdanowicz | $username |
227 | 4 | Guillermo Zdanowicz | ); |
228 | 4 | Guillermo Zdanowicz | throw new UsernameNotFoundException($message); |
229 | 4 | Guillermo Zdanowicz | } |
230 | 4 | Guillermo Zdanowicz | |
231 | 4 | Guillermo Zdanowicz | return $user; |
232 | 4 | Guillermo Zdanowicz | } |
233 | 4 | Guillermo Zdanowicz | |
234 | 4 | Guillermo Zdanowicz | public function refreshUser(UserInterface $user) |
235 | 4 | Guillermo Zdanowicz | { |
236 | 4 | Guillermo Zdanowicz | $class = get_class($user); |
237 | 4 | Guillermo Zdanowicz | if (!$this->supportsClass($class)) { |
238 | 4 | Guillermo Zdanowicz | throw new UnsupportedUserException( |
239 | 4 | Guillermo Zdanowicz | sprintf( |
240 | 4 | Guillermo Zdanowicz | 'Instances of "%s" are not supported.', |
241 | 4 | Guillermo Zdanowicz | $class |
242 | 4 | Guillermo Zdanowicz | ) |
243 | 4 | Guillermo Zdanowicz | ); |
244 | 4 | Guillermo Zdanowicz | } |
245 | 4 | Guillermo Zdanowicz | |
246 | 4 | Guillermo Zdanowicz | return $this->find($user->getId()); |
247 | 4 | Guillermo Zdanowicz | } |
248 | 4 | Guillermo Zdanowicz | |
249 | 4 | Guillermo Zdanowicz | public function supportsClass($class) |
250 | 4 | Guillermo Zdanowicz | { |
251 | 4 | Guillermo Zdanowicz | return $this->getEntityName() === $class |
252 | 4 | Guillermo Zdanowicz | || is_subclass_of($class, $this->getEntityName()); |
253 | 4 | Guillermo Zdanowicz | } |
254 | 4 | Guillermo Zdanowicz | } |
255 | 4 | Guillermo Zdanowicz | </pre> |
256 | 4 | Guillermo Zdanowicz | |
257 | 4 | Guillermo Zdanowicz | Como paso final se retira de security.yml |
258 | 4 | Guillermo Zdanowicz | |
259 | 4 | Guillermo Zdanowicz | <pre> |
260 | 4 | Guillermo Zdanowicz | property: username |
261 | 4 | Guillermo Zdanowicz | </pre> |