symfony
TANK_IST, 2017-08-14 19:04:00

Why do I always get Invalid credentials when I log in?

After registering, I try to log in, but I always get Invalid credentials.
security.yml

# Symfony security configuration: password hashing, role hierarchy,
# user provider, firewalls and URL access rules.
security:
    encoders:
        # Passwords of OwrBundle\Entity\User are hashed with bcrypt.
        # bcrypt embeds a per-hash salt in its output, so no separate salt column is needed.
        OwrBundle\Entity\User:
            algorithm: bcrypt

    role_hierarchy:
        # ROLE_ADMIN implies ROLE_USER; ROLE_SUPER_ADMIN implies ROLE_ADMIN (and so ROLE_USER).
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        main:
            # Users are loaded through Doctrine by the entity's "username" property.
            entity: { class: OwrBundle\Entity\User, property: username }

    firewalls:
        dev:
            # Security is switched off for the profiler, the web debug toolbar and static assets.
            # NOTE(review): the profiler routes should only be loaded in the dev environment - confirm in routing.
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern: ^/
            form_login:
                check_path: /login_check
                login_path: /login
                # Enables CSRF protection on the login form; the form has to submit the token for login to succeed.
                csrf_token_generator: security.csrf.token_manager
                default_target_path: admin
            logout:
                path:   /logout
                target: /
            anonymous: true
            security: true

    access_control:
        # Rules are checked in order and the first matching path wins; "path" is a regular expression.
        # NOTE(review): "/admin/.*" is not anchored and requires a slash after "admin", so a bare
        # "/admin" URL is not covered by this rule (default_target_path above may resolve to it).
        # "^/admin" is the usual form - confirm against the routes.
        - { path: /admin/.*, role: ROLE_ADMIN }
        - { path: /.*, role: IS_AUTHENTICATED_ANONYMOUSLY }

LoginController.php
<?php
namespace OwrBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Security;

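/**
 * Renders the login page used by the form_login firewall.
 */
class LoginController extends Controller
{
    /**
     * Shows the login form together with the last submitted username and
     * the last authentication error, if there is one.
     *
     * The error is read from the request attributes when present and from
     * the session otherwise. A session-stored error is removed after it has
     * been read, so that it is shown once and not on every later visit to
     * the login page.
     *
     * @param Request $request Current HTTP request.
     *
     * @return \Symfony\Component\HttpFoundation\Response Rendered login template.
     */
    public function showAction(Request $request)
    {
        $session = $request->getSession();

        if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
            $error = $request->attributes->get(Security::AUTHENTICATION_ERROR);
        } else {
            $error = $session->get(Security::AUTHENTICATION_ERROR);
            // Clear the stored failure so a stale "Invalid credentials"
            // message does not reappear on the next visit to /login.
            $session->remove(Security::AUTHENTICATION_ERROR);
        }

        // last_username is user-supplied input; the template is expected to
        // output it escaped (Twig's default autoescaping) - template not shown here.
        return $this->render('OwrBundle:Page:login.html.twig', array(
            'last_username' => $session->get(Security::LAST_USERNAME),
            'error' => $error,
        ));
    }
}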

RegisterController.php
<?php
namespace OwrBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\{ Request, Response };
use OwrBundle\Entity\{ Role, User };
use Symfony\Component\Filesystem\{ Filesystem, Exception\IOExceptionInterface };

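/**
 * Handles user registration.
 */
class RegisterController extends Controller
{
    /**
     * Creates a user and stores the hash of the submitted password.
     *
     * The parts that populate and persist the user are elided in the
     * original listing ("//...") and are kept elided here.
     *
     * @param Request $request Current HTTP request.
     *
     * @return Response Plain "Ok" response.
     */
    public function createAction(Request $request)
    {
        $user = new User;
        // The factory returns the low-level encoder configured for this user
        // class in security.yml (bcrypt). Its encodePassword() takes
        // (raw password, salt) - not (user, raw password), which is the
        // signature of the separate "security.password_encoder" service.
        $factory = $this->get('security.encoder_factory');
        $encoder = $factory->getEncoder($user);

        //...

        // Raw password first, salt second. Passing the user object as the
        // first argument stores a hash that never matches the password typed
        // at login, which produces "The presented password is invalid".
        $password = $encoder->encodePassword($user->getPlainPassword(), $user->getSalt());
        $user->setPassword($password);

        //...

        return new Response('Ok');
    }
}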

dev.log
[2017-08-14 18:05:57] request.INFO: Matched route "_security_check". {"route":"_security_check","route_parameters":{"_route":"_security_check"},"request_uri":"http://127.0.0.1:8000/login_check","method":"POST"} []
[2017-08-14 18:05:57] doctrine.DEBUG: SELECT t0.user_id AS user_id_1, t0.email AS email_2, t0.password AS password_3, t0.fname AS fname_4, t0.sname AS sname_5, t0.gender AS gender_6, t0.birth AS birth_7, t0.phone AS phone_8, t0.about AS about_9, t0.city_id AS city_id_10, t0.address AS address_11, t0.passport AS passport_12, t0.created AS created_13, t0.avatar AS avatar_14, t0.partner AS partner_15, t0.balance AS balance_16, t0.verified AS verified_17, t0.passport_verified AS passport_verified_18, t0.email_verified AS email_verified_19, t0.phone_verified AS phone_verified_20, t0.rating_owner AS rating_owner_21, t0.rating_passport AS rating_passport_22, t0.rating_partner AS rating_partner_23, t0.is_active AS is_active_24 FROM "user" t0 WHERE t0.email = ? LIMIT 1 ["[email protected]"] []
[2017-08-14 18:05:59] security.INFO: Authentication request failed. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException(code: 0): Bad credentials. at /Users/viktor/symfony/owr/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php:90, Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException(code: 0): The presented password is invalid. at /Users/viktor/symfony/owr/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php:67)"} []
[2017-08-14 18:05:59] security.DEBUG: Authentication failure, redirect triggered. {"failure_path":"/login"} []
[2017-08-14 18:06:00] request.INFO: Matched route "_security_login". {"route":"_security_login","route_parameters":{"_controller":"OwrBundle\\Controller\\LoginController::showAction","_route":"_security_login"},"request_uri":"http://127.0.0.1:8000/login","method":"GET"} []
[2017-08-14 18:06:00] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2017-08-14 18:06:00] request.INFO: Matched route "_assetic_1956b98_0". {"route":"_assetic_1956b98_0","route_parameters":{"_controller":"assetic.controller:render","name":"1956b98","pos":0,"_format":"css","_route":"_assetic_1956b98_0"},"request_uri":"http://127.0.0.1:8000/asset/style_bootstrap.min_1.css","method":"GET"} []
[2017-08-14 18:06:00] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2017-08-14 18:06:00] request.INFO: Matched route "_assetic_1956b98_1". {"route":"_assetic_1956b98_1","route_parameters":{"_controller":"assetic.controller:render","name":"1956b98","pos":1,"_format":"css","_route":"_assetic_1956b98_1"},"request_uri":"http://127.0.0.1:8000/asset/style_style_2.css","method":"GET"} []
[2017-08-14 18:06:00] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2017-08-14 18:06:00] request.INFO: Matched route "_assetic_a6a2f7e_0". {"route":"_assetic_a6a2f7e_0","route_parameters":{"_controller":"assetic.controller:render","name":"a6a2f7e","pos":0,"_format":"js","_route":"_assetic_a6a2f7e_0"},"request_uri":"http://127.0.0.1:8000/asset/app_jquery_1.js","method":"GET"} []
[2017-08-14 18:06:01] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2017-08-14 18:06:01] request.INFO: Matched route "_assetic_a6a2f7e_1". {"route":"_assetic_a6a2f7e_1","route_parameters":{"_controller":"assetic.controller:render","name":"a6a2f7e","pos":1,"_format":"js","_route":"_assetic_a6a2f7e_1"},"request_uri":"http://127.0.0.1:8000/asset/app_ion.rangeSlider.min_2.js","method":"GET"} []
[2017-08-14 18:06:01] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2017-08-14 18:06:01] request.INFO: Matched route "_assetic_a6a2f7e_2". {"route":"_assetic_a6a2f7e_2","route_parameters":{"_controller":"assetic.controller:render","name":"a6a2f7e","pos":2,"_format":"js","_route":"_assetic_a6a2f7e_2"},"request_uri":"http://127.0.0.1:8000/asset/app_jquery.datetimepicker.min_3.js","method":"GET"} []
[2017-08-14 18:06:01] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2017-08-14 18:06:01] request.INFO: Matched route "_assetic_a6a2f7e_3". {"route":"_assetic_a6a2f7e_3","route_parameters":{"_controller":"assetic.controller:render","name":"a6a2f7e","pos":3,"_format":"js","_route":"_assetic_a6a2f7e_3"},"request_uri":"http://127.0.0.1:8000/asset/app_app_4.js","method":"GET"} []
[2017-08-14 18:06:01] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2017-08-14 18:06:02] request.INFO: Matched route "_wdt". {"route":"_wdt","route_parameters":{"_controller":"web_profiler.controller.profiler:toolbarAction","token":"4d54bc","_route":"_wdt"},"request_uri":"http://127.0.0.1:8000/_wdt/4d54bc","method":"GET"} []

I do not use a salt because I am using the bcrypt encoding algorithm.
How can I fix it? Thank you.


1 answer(s)
TANK_IST, 2017-08-14
@TANK_IST

Found the problem.

// Broken call: the encoder obtained from security.encoder_factory expects
// (raw password, salt), but here it receives (user object, plain password).
$password = $encoder->encodePassword($user, $user->getPlainPassword());
        $user->setPassword($password);

needs to be replaced with
// Corrected call: raw password first, salt second, matching the encoder
// returned by security.encoder_factory.
// NOTE(review): with bcrypt the salt is produced by the hash function itself,
// so getSalt() presumably returns null - confirm in the User entity.
$password = $encoder->encodePassword($user->getPlainPassword(), $user->getSalt());
        $user->setPassword($password);
