How to implement authentication from database

Question

I've tried this for hours and hours but can't get it to work. Taken the Acme DemoBundle and added an entity called User:

Symfony/src/Acme/DemoBundle/Entity/User.php

With the content:

<?php
namespace Acme\DemoBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;

$fp = fopen('/var/www/html/hosts/Acme/Symfony/app/logs/data.txt', 'w');
fwrite($fp, 'file is included');


/**
 * Acme\DemoBundle\Entity\User
 *
 * @ORM\Table(name="jos_users")
 * @ORM\Entity
 */
class User implements UserInterface, \Serializable, PasswordEncoderInterface
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=60, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(name="block", type="integer")
     */
    private $isActive;

    /**
     * @ORM\Column(type="string", length=32)
     */
    private $salt;

    /**
     * Get id
     *
     * @return integer 
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set username
     *
     * @param string $username
     * @return User
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Get username
     *
     * @return string 
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * Set password
     *
     * @param string $password
     * @return User
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * Get password
     *
     * @return string 
     */
    public function getPassword()
    {
        $parts  = explode( ':', $this->password );
        return $parts[0];
    }

    /**
     * Set email
     *
     * @param string $email
     * @return User
     */
    public function setEmail($email)
    {
        $this->email = $email;

        return $this;
    }

    /**
     * Get email
     *
     * @return string 
     */
    public function getEmail()
    {
        return $this->email;
    }

    /**
     * Set isActive
     *
     * @param boolean $isActive
     * @return User
     */
    public function setIsActive($isActive)
    {
        $this->isActive = $isActive?1:0;

        return $this;
    }

    /**
     * Get isActive
     *
     * @return boolean 
     */
    public function getIsActive()
    {
        return !$this->block;
    }
    public function __construct()
    {
$fp = fopen('/var/www/html/hosts/Acme/Symfony/app/logs/data.txt', 'w');
fwrite($fp, 'niceboo, construct is called');
        $this->isActive = 1;
        // may not be needed, see section on salt below
        //$this->salt = md5(uniqid(null, true));
        $this->salt='bXzs4pUB6qElOxIHYcb98jXfsG6lK7ih';
    }


    /**
     * @inheritDoc
     */
    public function getSalt()
    {
//      $parts  = explode( ':', $this->password );
//      return $parts[1];
        return 'bXzs4pUB6qElOxIHYcb98jXfsG6lK7ih';
    }


    /**
     * @inheritDoc
     */
    public function getRoles()
    {
        return array('ROLE_USER');
    }

    /**
     * @inheritDoc
     */
    public function eraseCredentials()
    {
    }

    /**
     * @see \Serializable::serialize()
     */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt,
        ));
    }

    /**
     * @see \Serializable::unserialize()
     */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt
        ) = unserialize($serialized);
    }
    public function encodePassword($raw, $salt){
$fp = fopen('/var/www/html/hosts/Acme/Symfony/app/logs/data.txt', 'w');
fwrite($fp, 'encode password is called');
        return "hello world";
    }
    public function isPasswordValid($encoded, $raw, $salt){
$fp = fopen('/var/www/html/hosts/Acme/Symfony/app/logs/data.txt', 'w');
fwrite($fp, 'well, its called but return is ignored');
        return true;
    }

 }

Then the Symfony/app/config/security.yml

security:
    encoders:
        Acme\DemoBundle\Entity\User:
            algorithm:        md5
            encode_as_base64: false
            iterations:       1

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        dbauthenticator:
            entity: { class: AcmeDemoBundle:User, property: username }

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern:  ^/demo/secured/login$
            security: false

        secured_area:
            pattern:    ^/demo/secured/
            form_login:
                check_path: _security_check
                login_path: _demo_login
            logout:
                path:   _demo_logout
                target: _demo
            #anonymous: ~
            #http_basic:
            #    realm: "Secured Demo Area"

    access_control:
        - { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
        #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

When I try to log in I always get "bad credentials", not sure how to encode the password but the function isPasswordValid would suggest it is used to validate the password (it isn't because nothing is written to the file). If it's not used then what's the point of trying to implement PasswordEncoderInterface and use that under encoders?

The only text in data.txt is "file is included", the database log does show that it has been queried for the user but password is probably never valid (user does exist and re running the query does give me a record).

How would I have Symfony use isPasswordValid or encodePassword in User?

Answer 1

Must have forgotten a comma somewhere or something but it seems to work now.

Symfony/app/config/config.yml

...unchanged other stuff
services:
    acme.legacy_encoder:
        class: Acme\DemoBundle\Entity\User
...unchanged other stuff

Symfony/src/Acme/DemoBundle/Entity/User.php

namespace Acme\DemoBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;

/**
 * Acme\DemoBundle\Entity\User
 *
 * @ORM\Table(name="jos_users")
 * @ORM\Entity
 */
class User implements UserInterface, \Serializable,PasswordEncoderInterface
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=60, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(name="block", type="integer")
     */
    private $isActive;

    /**
     * @ORM\Column(type="string", length=32)
     */
    private $salt;

    /**
     * Get id
     *
     * @return integer 
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set username
     *
     * @param string $username
     * @return User
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Get username
     *
     * @return string 
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * Set password
     *
     * @param string $password
     * @return User
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * Get password
     *
     * @return string 
     */
    public function getPassword()
    {
        $parts  = explode( ':', $this->password );
        return $parts[0];
    }

    /**
     * Set email
     *
     * @param string $email
     * @return User
     */
    public function setEmail($email)
    {
        $this->email = $email;

        return $this;
    }

    /**
     * Get email
     *
     * @return string 
     */
    public function getEmail()
    {
        return $this->email;
    }

    /**
     * Set isActive
     *
     * @param boolean $isActive
     * @return User
     */
    public function setIsActive($isActive)
    {
        $this->isActive = $isActive?1:0;

        return $this;
    }

    /**
     * Get isActive
     *
     * @return boolean 
     */
    public function getIsActive()
    {
        return !$this->block;
    }
    public function __construct()
    {
        $this->isActive = 1;
        // may not be needed, see section on salt below
        //$this->salt = md5(uniqid(null, true));
    }


    /**
     * @inheritDoc
     */
    public function getSalt()
    {
        return $this->salt;
    }


    /**
     * @inheritDoc
     */
    public function getRoles()
    {
        return array('ROLE_USER');
    }

    /**
     * @inheritDoc
     */
    public function eraseCredentials()
    {
    }

    /**
     * @see \Serializable::serialize()
     */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt,
        ));
    }

    /**
     * @see \Serializable::unserialize()
     */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt
        ) = unserialize($serialized);
    }
    public function encodePassword($raw, $salt){
        return "hello world";
    }
    public function isPasswordValid($encoded, $raw, $salt){
        return true;
    }
 }

Since isPasswordValid always returns true it now logs me in on any existing account. I can now continue with the tutorial and try to implement group