
Symfony authentication fails after a first successful login

After many hours of searching and talking with my friend ChatGPT, you are my only hope! I have a LoginController in Symfony and a registration controller as well. When I create a user and log the user in right after creation, I have no issue. But when I log the user out and try to log in again a second time, nothing happens: I can't log in. It was working before. My phpMyAdmin database crashed and I had to regenerate it from scratch from Symfony. However, I am pretty sure that the problem comes from ROLE_USER. Here is the log for a start (it is weird that there is an issue with the password, as it worked the first time). I can provide the files if needed.

Symfony\Component\Security\Core\Exception\BadCredentialsException {#196 ▼
  #message: "The presented password is invalid."
  #code: 0
  #file: "C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\security-http\EventListener\CheckCredentialsListener.php"
  #line: 69
  #serialized: null
  -token: null
  trace: {▼
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\security-http\EventListener\CheckCredentialsListener.php:69 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\http-foundation\Session\Storage\NativeSessionStorage.php:175 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\http-foundation\Session\Storage\NativeSessionStorage.php:326 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\http-foundation\Session\Session.php:258 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\http-foundation\Session\Session.php:278 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\http-foundation\Session\Session.php:70 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\security-http\Authentication\AuthenticationUtils.php:40 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\src\Controller\LoginController.php:16 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\http-kernel\HttpKernel.php:163 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\http-kernel\HttpKernel.php:75 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\http-kernel\Kernel.php:202 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\symfony\runtime\Runner\Symfony\HttpKernelRunner.php:35 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\vendor\autoload_runtime.php:29 {▶}
    C:\xampp\htdocs\PROJET_SYMFONY\Ventalis\restaurant - 14122023\public\index.php:5 {▶}
  }

I looked for issues with my password hashing, the users' roles and the login method, but I cannot find anything wrong.

my registration controller:

    <?php

namespace App\Controller;

use App\classes\Mail;
use App\Entity\User;
use App\Security\EmailVerifier;
use App\Form\RegistrationFormType;
use Symfony\Component\Mime\Address;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bridge\Twig\Mime\TemplatedEmail;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Contracts\Translation\TranslatorInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use SymfonyCasts\Bundle\VerifyEmail\Exception\VerifyEmailExceptionInterface;
use Symfony\Component\Mailer\MailerInterface;

class RegistrationController extends AbstractController
{
    /**
     * Keeps the injected EmailVerifier on the controller.
     *
     * NOTE(review): nothing in this class calls the verifier, so no signed
     * verification link is produced by the code shown here.
     */
    public function __construct(private EmailVerifier $emailVerifier)
    {
    }

    /**
     * Shows the registration form and, on a valid submission, stores the new user.
     *
     * On success the value of the "plainPassword" form field is hashed for the
     * user, the user is persisted and flushed, and a mail is sent through
     * App\classes\Mail. The registration template is rendered in every case;
     * there is no redirect after a successful registration.
     *
     * NOTE(review): this is the only write of the password hash visible here.
     * If a later login is rejected with "The presented password is invalid.",
     * confirm that the stored value is the complete hash (not truncated by the
     * column) and that no other code path overwrites or re-hashes it.
     */
    #[Route('/register', name: 'app_register')]
    public function register(Request $request, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager): Response
    {
        $newUser = new User();
        $registrationForm = $this->createForm(RegistrationFormType::class, $newUser);
        $registrationForm->handleRequest($request);

        $accepted = $registrationForm->isSubmitted() && $registrationForm->isValid();

        if ($accepted) {
            // Only the hash is stored on the entity; the plain value stays in the form field.
            $plainPassword = $registrationForm->get('plainPassword')->getData();
            $passwordHash = $userPasswordHasher->hashPassword($newUser, $plainPassword);
            $newUser->setPassword($passwordHash);

            $entityManager->persist($newUser);
            $entityManager->flush();

            // The mail body is a fixed placeholder string, not a signed verification URL.
            $mailer = new Mail();
            $recipient = $newUser->getEmail();
            $firstname = $newUser->getFirstname();

            // A flash message disappears once it has been displayed, and it is only
            // visible if the Twig template renders it.
            if ($mailer->send($recipient, $firstname, 'Vérification adresse Email', 'blabla')) {
                $this->addFlash('success', 'Vous allez recevoir un mail de confirmation d\'inscription');
            }

            // NOTE(review): a redirect to the 'app_home' route was disabled here, so the
            // submitted form is rendered again after a successful registration.
        }

        $viewData = [
            'registrationForm' => $registrationForm->createView(),
        ];

        return $this->render('registration/register.html.twig', $viewData);
    }
}

login controller:

<?php

namespace App\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;

class LoginController extends AbstractController
{
    /**
     * Renders the login form together with the outcome of the previous attempt.
     *
     * The controller itself does not check credentials; it only reads the last
     * authentication error and the last submitted username from
     * AuthenticationUtils and hands both to the template.
     */
    #[Route('/login', name: 'app_login')]
    public function index(AuthenticationUtils $authenticationUtils): Response
    {
        // Error left behind by the previous failed login attempt, if any.
        $lastError = $authenticationUtils->getLastAuthenticationError();

        // Debugging aid only: the dumped exception carries local file paths and a
        // stack trace, so this call should be removed before the code is deployed.
        dump($lastError);

        return $this->render('login/index.html.twig', [
            // Username typed in the previous attempt, used to pre-fill the form.
            'last_username' => $authenticationUtils->getLastUsername(),
            'error'         => $lastError,
        ]);
    }
}

my security.yaml:

# Security configuration: password hashing, user lookup, firewalls, role
# hierarchy and (currently empty) path-based access rules.
security:
    # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
    # 'auto' lets Symfony choose the hashing algorithm for every user class that
    # implements PasswordAuthenticatedUserInterface.
    # NOTE(review): a password column too short for the full hash truncates it, and
    # a truncated hash never verifies - confirm the column length in the regenerated schema.
    password_hashers:
        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
    
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        # Users are App\Entity\User rows looked up by their "email" property.
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email
    firewalls:
        # Security is switched off for the profiler, the debug toolbar and static assets.
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        # Every other request goes through this firewall.
        main:
            lazy: true
            provider: app_user_provider

            form_login:
                # "app_login" is the name of the route created previously
                # login_path and check_path are the same route: the form is shown there
                # and the submitted credentials are checked on the same route.
                login_path: app_login
                check_path: app_login
                # With CSRF protection on, the login form has to submit a valid token
                # (by default the "_csrf_token" field, token id "authenticate").
                enable_csrf: true
                
            logout:
                path: app_logout

            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#the-firewall

            # https://symfony.com/doc/current/security/impersonating_user.html
            # switch_user: true

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used


    # Each role on the left also grants the role(s) on the right. The hierarchy only
    # matters where a role is actually checked.
    role_hierarchy:
        ROLE_EMPLOYEE: ROLE_USER
        ROLE_ADMIN: ROLE_EMPLOYEE
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    # Every rule below is commented out, so this file restricts no path by role.
    # NOTE(review): any role check must then happen in the controllers - not visible
    # here; confirm that /product, /profile and /admin-employe are protected somewhere.
    # NOTE(review): IS_AUTHENTICATED_ANONYMOUSLY was replaced by PUBLIC_ACCESS in newer
    # Symfony versions - check the installed version before re-enabling that rule.
    access_control:
        #- { path: ^/app/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        # - { path: ^/product, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }
        # - { path: ^/admin-employe, roles: ROLE_EMPLOYEE }  

# Override applied only when the application runs in the "test" environment.
# The reduced work factors below make hashes cheap to compute and must not be
# copied into the configuration used outside of tests.
when@test:
    security:
        password_hashers:
            # By default, password hashers are resource intensive and take time. This is
            # important to generate secure password hashes. In tests however, secure hashes
            # are not important, waste resources and increase test times. The following
            # reduces the work factor to the lowest possible values.
            Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
                algorithm: auto
                cost: 4 # Lowest possible value for bcrypt
                time_cost: 3 # Lowest possible value for argon
                memory_cost: 10 # Lowest possible value for argon
