
User not logged out when session data changes (password/email)


User not logged out when session data changes (password/email)

by cosmaru » Wed May 20, 2015 10:29 am

Hello, this is my first project in Symfony (v2.6.7), so I may get some "Symfony words" wrong...
I'm not using the FOSUserBundle; I have my own user entity (using the Doctrine ORM) with its own provider.
Entity
namespace mctdev\UserBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\AdvancedUserInterface;
use Symfony\Component\Validator\Constraints as Assert;

use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;

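/**
 * Application user ("Utente"), stored in the "utenti" table and used as the
 * Symfony security user.
 *
 * Only password, username, isActive and id are written to the session by
 * serialize(); all other fields are unset on the session copy of the object.
 *
 * @ORM\Table(name="utenti")
 * @ORM\Entity(repositoryClass="mctdev\UserBundle\Entity\UtenteRepository")
 * @UniqueEntity(
 *     fields={"username"},
 *     message="Nome utente già presente nel database."
 * )
 * @UniqueEntity(
 *     fields={"email"},
 *     message="Esiste già un utente con questa e-mail."
 * )
 *
 */
class Utente implements AdvancedUserInterface, \Serializable
{
    /**
     * @var integer
     *
     * @ORM\Column(name="id", type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @var string
     *
     * @ORM\Column(name="username", type="string", length=255, unique=true)
     * @Assert\NotBlank()
     */
    private $username;

    // NOTE(review): the Length constraint validates whatever this field holds
    // when the validator runs. If the encoded hash is assigned before
    // validation, the 8-character minimum is checked against the hash rather
    // than the password the user typed - confirm the order in the form handler.
    /**
     * @var string
     *
     * @ORM\Column(name="password", type="string", length=255)
     * @Assert\NotBlank()
     * @Assert\Length(
     *      min = 8,
     *      minMessage = "Your password must be at least {{ limit }} characters long",
     * )
     */
    private $password;

    /**
     * @var string
     *
     * @ORM\Column(name="nome", type="string", length=255)
     * @Assert\NotBlank()
     */
    private $nome;

    /**
     * @var string
     *
     * @ORM\Column(name="cognome", type="string", length=255)
     * @Assert\NotBlank()
     */
    private $cognome;

    /**
     * @var string
     *
     * @ORM\Column(name="ragione_sociale", type="string", length=255)
     * @Assert\NotBlank()
     */
    private $ragioneSociale;

    /**
     * @var string
     *
     * @ORM\Column(name="p_iva", type="string", length=100)
     * @Assert\NotBlank()
     */
    private $p_Iva;

    /**
     * @var string
     *
     * @ORM\Column(name="telefono", type="string", length=50)
     * @Assert\NotBlank()
     */
    private $telefono;

    /**
     * @var string
     *
     * @ORM\Column(name="cellulare", type="string", length=50)
     * @Assert\NotBlank()
     */
    private $cellulare;

    /**
     * @var string
     *
     * @ORM\Column(name="email", type="string", length=255, unique=true)
     * @Assert\NotBlank()
     * @Assert\Email(
     *     message = "The email '{{ value }}' is not a valid email.",
     *     checkMX = true
     * )
     */
    private $email;

    // Privilege level; getRoles() maps the value 1 to ROLE_ADMIN and every
    // other value to ROLE_USER.
    /**
     * @var integer
     *
     * @ORM\Column(name="livello", type="smallint")
     * @Assert\NotBlank()
     */
    private $livello;

    // The column is nullable, so a freshly hydrated entity may hold null here;
    // isEnabled() normalises the value to a boolean.
    /**
     * @var boolean
     *
     * @ORM\Column(name="is_active", type="boolean", nullable=true)
     */
    private $isActive;


    /**
     * @var \DateTime
     *
     * @ORM\Column(name="lastLogin", type="datetime", nullable=true)
     */
    private $LastLogin;

    /**
     * @var \DateTime
     *
     * @ORM\Column(name="creato_il", type="datetime")
     */
    private $creatoIl;

    /**
     * @var string
     *
     * @ORM\Column(name="confirmationToken", type="string", length=255)
     */
    private $confirmationToken;

    /**
     * @var \DateTime
     *
     * @ORM\Column(name="passwordRequestedAt", type="datetime", nullable=true)
     */
    private $passwordRequestedAt;


    /**
     * Serializes the user for storage in the session.
     *
     * Only password, username, isActive and id are included. The e-mail
     * address is not, so a changed e-mail cannot be noticed by comparing the
     * session copy with the reloaded entity. The stored password value ends up
     * in the session storage, which therefore has to be protected like the
     * user table itself.
     *
     * NOTE(review): in Symfony 2.x the security token appears to compare
     * password, salt, username and the AdvancedUserInterface flags of the
     * session copy with the refreshed user - confirm against the installed
     * version.
     *
     * @return string
     */
    public function serialize()
    {
        return serialize(array(
            $this->password,
            $this->username,
            $this->isActive,
            $this->id
        ));
    }

    /**
     * Restores the fields written by serialize(), in the same order.
     *
     * If the payload cannot be decoded, unserialize() returns false and all
     * four fields end up null.
     *
     * @param string $serialized
     */
    public function unserialize($serialized)
    {
        // SECURITY: unserialize() can instantiate arbitrary classes when the
        // payload is attacker-controlled. The input here is expected to come
        // from the server-side session only; keep that storage trusted. On
        // PHP 7+ the call can be restricted with array('allowed_classes' => false),
        // which is not available on the PHP 5 versions Symfony 2.6 supports.
        list(
            $this->password,
            $this->username,
            $this->isActive,
            $this->id
            ) = unserialize($serialized);
    }

    /**
     * Get id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set username
     *
     * @param string $username
     * @return Utente
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Get username
     *
     * @return string
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * Returns the per-user salt; this entity stores none.
     *
     * @return null
     */
    public function getSalt()
    {
        // Returning null is only appropriate when the configured password
        // encoder manages its own salt (bcrypt does) - confirm the encoder
        // set for this class in security.yml.
        return null;
    }

    /**
     * Removes sensitive temporary data from the user.
     *
     * Intentionally empty: the entity has no plain-text password field, only
     * the persisted password column.
     */
    public function eraseCredentials()
    {
    }

    /**
     * Set password
     *
     * The value is stored as given; no encoding happens in this method.
     *
     * @param string $password
     * @return Utente
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * Get password
     *
     * @return string
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * Set nome
     *
     * @param string $nome
     * @return Utente
     */
    public function setNome($nome)
    {
        $this->nome = $nome;

        return $this;
    }

    /**
     * Get nome
     *
     * @return string
     */
    public function getNome()
    {
        return $this->nome;
    }

    /**
     * Set cognome
     *
     * @param string $cognome
     * @return Utente
     */
    public function setCognome($cognome)
    {
        $this->cognome = $cognome;

        return $this;
    }

    /**
     * Get cognome
     *
     * @return string
     */
    public function getCognome()
    {
        return $this->cognome;
    }

    /**
     * Set ragioneSociale
     *
     * @param string $ragioneSociale
     * @return Utente
     */
    public function setRagioneSociale($ragioneSociale)
    {
        $this->ragioneSociale = $ragioneSociale;

        return $this;
    }

    /**
     * Get ragioneSociale
     *
     * @return string
     */
    public function getRagioneSociale()
    {
        return $this->ragioneSociale;
    }

    /**
     * Set p_Iva
     *
     * @param string $pIva
     * @return Utente
     */
    public function setPIva($pIva)
    {
        $this->p_Iva = $pIva;

        return $this;
    }

    /**
     * Get p_Iva
     *
     * @return string
     */
    public function getPIva()
    {
        return $this->p_Iva;
    }

    /**
     * Set telefono
     *
     * @param string $telefono
     * @return Utente
     */
    public function setTelefono($telefono)
    {
        $this->telefono = $telefono;

        return $this;
    }

    /**
     * Get telefono
     *
     * @return string
     */
    public function getTelefono()
    {
        return $this->telefono;
    }

    /**
     * Set cellulare
     *
     * @param string $cellulare
     * @return Utente
     */
    public function setCellulare($cellulare)
    {
        $this->cellulare = $cellulare;

        return $this;
    }

    /**
     * Get cellulare
     *
     * @return string
     */
    public function getCellulare()
    {
        return $this->cellulare;
    }

    /**
     * Set email
     *
     * @param string $email
     * @return Utente
     */
    public function setEmail($email)
    {
        $this->email = $email;

        return $this;
    }

    /**
     * Get email
     *
     * @return string
     */
    public function getEmail()
    {
        return $this->email;
    }

    /**
     * Set livello
     *
     * The value decides the role returned by getRoles(), so callers should
     * only pass a value taken from a trusted source.
     *
     * @param integer $livello
     * @return Utente
     */
    public function setLivello($livello)
    {
        $this->livello = $livello;

        return $this;
    }

    /**
     * Get livello
     *
     * @return integer
     */
    public function getLivello()
    {
        return $this->livello;
    }

    /**
     * Returns the roles granted to the user.
     *
     * Level 1 maps to ROLE_ADMIN, every other value to ROLE_USER. Only the
     * integer 1 or the string "1" is accepted as level 1, so loosely equal
     * values such as true or "1abc" never yield the admin role.
     *
     * @return string[]
     */
    public function getRoles()
    {
        if ($this->livello === 1 || $this->livello === '1') {
            return array('ROLE_ADMIN');
        }

        return array('ROLE_USER');
    }

    /**
     * Set isActive
     *
     * The value is normalised to a boolean: empty values ('', null, 0, false)
     * become false, everything else follows PHP's boolean conversion.
     *
     * @param boolean $isActive
     * @return Utente
     */
    public function setIsActive($isActive)
    {
        $this->isActive = (bool) $isActive;

        return $this;
    }

    /**
     * Get isActive
     *
     * @return boolean
     */
    public function getIsActive()
    {
        return $this->isActive;
    }

    /**
     * Accounts never expire in this implementation.
     *
     * @return boolean
     */
    public function isAccountNonExpired()
    {
        return true;
    }

    /**
     * Accounts are never locked in this implementation.
     *
     * @return boolean
     */
    public function isAccountNonLocked()
    {
        return true;
    }

    /**
     * Credentials never expire in this implementation.
     *
     * @return boolean
     */
    public function isCredentialsNonExpired()
    {
        return true;
    }

    /**
     * Tells whether the account is active.
     *
     * The result is cast to a boolean so that a null column value or an
     * integer kept in the session copy yields the same result type as the
     * entity reloaded from the database.
     *
     * @return boolean
     */
    public function isEnabled()
    {
        return (bool) $this->isActive;
    }

    /**
     * Set creatoIl
     *
     * @param \DateTime $creatoIl
     * @return Utente
     */
    public function setCreatoIl(\DateTime $creatoIl = null)
    {
        $this->creatoIl = $creatoIl;

        return $this;
    }

    /**
     * Get creatoIl
     *
     * @return \DateTime
     */
    public function getCreatoIl()
    {
        return $this->creatoIl;
    }

    /**
     * Set confirmationToken
     *
     * @param string $confirmationToken
     * @return Utente
     */
    public function setConfirmationToken($confirmationToken)
    {
        $this->confirmationToken = $confirmationToken;

        return $this;
    }

    /**
     * Get confirmationToken
     *
     * @return string
     */
    public function getConfirmationToken()
    {
        return $this->confirmationToken;
    }

    /**
     * Set passwordRequestedAt
     *
     * @param \DateTime $passwordRequestedAt
     * @return Utente
     */
    public function setPasswordRequestedAt($passwordRequestedAt)
    {
        $this->passwordRequestedAt = $passwordRequestedAt;

        return $this;
    }

    /**
     * Get passwordRequestedAt
     *
     * @return \DateTime
     */
    public function getPasswordRequestedAt()
    {
        return $this->passwordRequestedAt;
    }

    /**
     * Set LastLogin
     *
     * @param \DateTime $lastLogin
     * @return Utente
     */
    public function setLastLogin($lastLogin)
    {
        $this->LastLogin = $lastLogin;

        return $this;
    }

    /**
     * Get LastLogin
     *
     * @return \DateTime
     */
    public function getLastLogin()
    {
        return $this->LastLogin;
    }
}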



security.yml (provider)
    # User providers (fragment of the security configuration).
    providers:
        db_provider:
            # Doctrine entity provider: users are looked up as Utente entities
            # by the "username" field.
            # NOTE(review): with "property" set, the lookup presumably goes
            # straight to that field and a custom loader in UtenteRepository
            # would not be called - confirm which behaviour is intended.
            entity:
              class: mctdevUserBundle:Utente
              property: username


From what I read at http://symfony.com/doc/current/cookbook ... vider.html, on every request there is a check to see whether the user unserialized from the session and the refreshed user (reloaded from the database) are the same; if they are not, Symfony's security will force the user to log in once more. My problem is that this does not happen: I tried changing the username or password, both directly in the database and from Symfony (a user edit interface that I built), but nothing happens and the user is still logged in (with the new username, if that was changed). As this is an AdvancedUserInterface, the user is forced to log in again only if I set isActive to 0. I know there is a function "hasUserChanged" that is called on every request, and I checked it: it does say the user has changed, but nothing appears to happen.

What am I doing wrong? What more information do I need to provide to get a helping hand?
Thanks in advance.