Пытаюсь разобраться с авторизацией в Symfony, используя родной Security Component.
# security.yml
security:
    # Password hashes for AppBundle\Entity\User are produced with bcrypt at cost 10.
    encoders:
        AppBundle\Entity\User:
            algorithm: bcrypt
            cost: 10

    # Accounts are loaded through Doctrine and looked up by the username field.
    providers:
        in_database:
            entity:
                class: AppBundle:User
                property: username

    firewalls:
        main:
            # Regular expression tested against the request path; /.* covers every URL.
            pattern: /.*
            # "~" keeps the form_login defaults.
            # NOTE(review): no CSRF token is configured for the login form here;
            # form_login supports one through its csrf_token_generator option.
            form_login: ~
            anonymous: ~
            provider: in_database

    # Rules are checked top to bottom; the first path that matches decides.
    access_control:
        # NOTE(review): User::getRoles() on this page returns ROLE_USER for every
        # account, so this rule admits any authenticated user to /admin.
        - path: ^/admin
          roles: ROLE_USER
        - path: ^/.*
          roles: IS_AUTHENTICATED_ANONYMOUSLY
SecurityController
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
/**
 * Serves the login form for the form_login firewall.
 */
class SecurityController extends Controller
{
    /**
     * Renders the login template with the outcome of the previous attempt.
     *
     * Both values come from the security.authentication_utils service: the
     * last authentication error (if any) and the username that was submitted.
     *
     * @return mixed whatever render() produces for the login template
     */
    public function loginAction()
    {
        $authHelper = $this->get('security.authentication_utils');

        // Read the error before the username, in the same order as before.
        $authError = $authHelper->getLastAuthenticationError();

        return $this->render('AppBundle:Security:login.html.twig', [
            'last_username' => $authHelper->getLastUsername(),
            'error' => $authError,
        ]);
    }
}
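{# login.html.twig #}
{% extends '::base.html.twig' %}

{% block body %}
    {% if error %}
        {#
            error is an AuthenticationException. messageKey is its generic,
            user-facing text; the raw message may carry internal detail that
            should not be shown on a login page. When the translator is enabled
            it can be piped through trans(error.messageData, 'security').
        #}
        <div>{{ error.messageKey }}</div>
    {% endif %}

    {# NOTE(review): the form carries no CSRF token field; add one if CSRF protection is enabled for form_login. #}
    <form action="{{ path('login_check') }}" method="post">
        <label for="username">Username:</label>
        <input type="text" id="username" name="_username" value="{{ last_username }}"/>

        <label for="password">Password:</label>
        <input type="password" id="password" name="_password"/>

        <button type="submit">login</button>
    </form>
{% endblock %}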
User.php
namespace AppBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
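/**
 * Doctrine-backed account used by the Symfony security layer.
 *
 * The class implements \Serializable with a minimal field list so that only
 * the id, username and password hash are written when the user is serialized.
 *
 * @ORM\Table(name="app_user")
 * @ORM\Entity(repositoryClass="AppBundle\Repository\UserRepository")
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * Password hash, never the plain-text password.
     *
     * A bcrypt hash is 60 characters, so length=64 is enough for the encoder
     * configured on this page; widen the column before switching to an
     * algorithm with longer output.
     *
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @return int
     */
    public function getId(): int
    {
        return $this->id;
    }

    /**
     * @return string
     */
    public function getUsername(): string
    {
        return $this->username;
    }

    /**
     * @param string $username
     * @return User
     */
    public function setUsername(string $username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * @return string the stored password hash
     */
    public function getPassword(): string
    {
        return $this->password;
    }

    /**
     * Stores an already-encoded password; this setter does no hashing itself.
     *
     * @param string $password
     * @return User
     */
    public function setPassword(string $password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * Every account gets the same single role; nothing per-user is stored.
     *
     * NOTE(review): the access_control rule for ^/admin on this page requires
     * only ROLE_USER, so any authenticated account satisfies it.
     *
     * @return array
     */
    public function getRoles(): array
    {
        return ['ROLE_USER'];
    }

    /**
     * No separate salt is kept: bcrypt embeds its salt in the hash.
     *
     * @return null
     */
    public function getSalt()
    {
        return null;
    }

    /**
     * Nothing to erase: the entity holds no plain-text credentials.
     */
    public function eraseCredentials()
    {
    }

    /**
     * Serializes the fields listed here: id, username and password hash.
     *
     * Note that the password hash therefore ends up wherever the serialized
     * user is stored, so that storage must be protected accordingly.
     *
     * @return string
     */
    public function serialize(): string
    {
        return serialize([
            $this->id,
            $this->username,
            $this->password,
        ]);
    }

    /**
     * Restores the fields written by serialize().
     *
     * @param string $serialized
     */
    public function unserialize($serialized)
    {
        // The payload is a plain array of scalars, so object instantiation is
        // disabled: a tampered payload cannot trigger arbitrary class loading.
        [$this->id, $this->username, $this->password] = unserialize(
            $serialized,
            ['allowed_classes' => false]
        );
    }
}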
Авторизация проходит успешно, если я ввожу правильную пару логин:пароль. Если вводить неверные данные - скрипт валится по таймауту...
Вопрос - как правильно получить ошибки авторизации ($error)?