How to debug symfony4 authentication failure

I am trying to set up a traditional login and registration form following the symfony 4 documentation.

Using the registration form I seem to be able to register users correctly into the mariaDB database on arch linux.

I am using the symfony development server. When I try to login with a registered user, I get this HTML on the login page

Authentication request could not be processed due to a system problem.

If the user or the password are bad or if I don’t fill the fields, I get the same error.

Starting the symfony 4 development with -vvv verboses displays

2018-01-26T16:10:26+00:00 [info] Matched route "login".
2018-01-26T16:10:26+00:00 [info] Authentication request failed.
2018-01-26T16:10:26+00:00 [debug] Authentication failure, redirect triggered.
[Fri Jan 26 17:10:26 2018] 127.0.0.1:52250 [302]: /login
2018-01-26T16:10:26+00:00 [info] Matched route "login".
2018-01-26T16:10:26+00:00 [info] Populated the TokenStorage with an anonymous Token.
[Fri Jan 26 17:10:26 2018] 127.0.0.1:52252 [200]: /login

Using the network inspector of Firefox it seems that the loggin post returns error 302. I don’t know how to debug this, or how to obtain more informations.

This is security.yaml

# config/packages/security.yaml                                                                           
security:                                                                                                 
  encoders:                                                                                               
    AppEntityUser:                                                                                      
      algorithm: bcrypt                                                                                   
  providers:                                                                                              
    our_db_provider:                                                                                      
      entity:                                                                                             
        class: AppEntityUser                                                                            
        property: username                                                                                
  firewalls:                                                                                              
    main:                                                                                                 
      provider: our_db_provider                                                                           
      pattern: ^/                                                                                         
      anonymous: ~                                                                                        
      form_login:                                                                                         
        login_path: login                                                                                 
        check_path: login                                                                                 
  access_control:                                                                                         
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }                                              
    - { path: ^/register$, role: IS_AUTHENTICATED_ANONYMOUSLY }                                           
    - { path: ^/, role: ROLE_USER }

I don’t use the username, so I removed it from the User class and the register Controller, and made user.getUsername return the user email, as suggested by the doc.

Answer

Your problem is the following:

property: username

In security yaml just replace it with email as you don’t use the username variable from the user interface.

To find out, use the web helper bundle to analyse the request that returned 302.

Advertisement

Answer