mysql - How to use recaptcha in login page of FOSUserBundle -


i m working on symfony 2.2 project in m using "fosuserbundle" security works . m using "ewzrecaptchabundle" working fine . problem want use recaptcha in login page of fosuserbundle . follow adding captcha symfony2 login page link overriding firewall still after making new form , passing recaptcha not checking recaptcha value .

i have edited code follow :

my listener :

 <?php   /*   * file part of symfony package.   *   * (c) fabien potencier <fabien@symfony.com>   *   * full copyright , license information, please view license   * file distributed source code.   */  namespace webmuch\userbundle\listener;   use symfony\component\security\http\firewall\usernamepasswordformauthenticationlistener    baselistener;  use symfony\component\form\extension\csrf\csrfprovider\csrfproviderinterface;  use symfony\component\httpfoundation\request;  use psr\log\loggerinterface;   /**    * canduuserloginformlistener custom implementation of    * authentication via simple form composed of username , password.    *    * @author fabien potencier <fabien@symfony.com>    */  class userloginformlistener extends baselistener   {  private $csrfprovider;     /**      * {@inheritdoc}      */ public function __construct(securitycontextinterface $securitycontext, authenticationmanagerinterface $authenticationmanager,sessionauthenticationstrategyinterface $sessionstrategy, httputils $httputils, $providerkey, authenticationsuccesshandlerinterface $successhandler, authenticationfailurehandlerinterface $failurehandler, array $options = array(), loggerinterface $logger = null, eventdispatcherinterface $dispatcher = null, csrfproviderinterface $csrfprovider = null) {     parent::__construct($securitycontext, $authenticationmanager, $sessionstrategy, $httputils, $providerkey, $successhandler, $failurehandler, array_merge(array(         'username_parameter' => '_username',         'password_parameter' => '_password',         'csrf_parameter'     => '_csrf_token',         'captcha'            => 'ewz_recaptcha',         'intention'          => 'authenticate',         'post_only'          => true,     ), $options), $logger, $dispatcher);      $this->csrfprovider = $csrfprovider; }  /**  * {@inheritdoc}  */ protected function requiresauthentication(request $request) {     if ($this->options['post_only'] && !$request->ismethod('post')) {         return false;     }      return parent::requiresauthentication($request); }  /**  * {@inheritdoc}  */ protected function attemptauthentication(request $request) {     if ($this->options['post_only'] && 'post' !== strtolower($request->getmethod())) {         if (null !== $this->logger) {             $this->logger->debug(sprintf('authentication method not supported: %s.', $request->getmethod()));         }          return null;     }      if (null !== $this->csrfprovider) {         $csrftoken = $request->get($this->options['csrf_parameter'], null, true);          if (false === $this->csrfprovider->iscsrftokenvalid($this->options['intention'],$csrftoken)) { throw new invalidcsrftokenexception('invalid csrf token.');           }     }      // check here captcha value     $usercaptcha = $request->get($this->options['captcha'], null, true);     $dummy = $request->getsession()->get('gcb_captcha');     $sessioncaptcha = $dummy['phrase'];    // if captcha not correct, throw exception     if ($usercaptcha !== $sessioncaptcha) {         throw new badcredentialsexception('captcha invalid');     }      $username = trim($request->get($this->options['username_parameter'], null, true));     $password = $request->get($this->options['password_parameter'], null, true);      $request->getsession()->set(securitycontextinterface::last_username,$username);      return $this->authenticationmanager->authenticate(new usernamepasswordtoken($username, $password, $this->providerkey));     } }

while set service in parameters.yml below 

 parameters:     database_driver:   pdo_mysql     database_host:     localhost     database_port:     null     database_name:     project     database_user:     root     database_password: root      mailer_transport:  smtp     mailer_host:       smtp.gmail.com     mailer_auth_mode:  login     mailer_user:       mymail@gmail.com     mailer_password:   mymailpassword      locale:            en     secret:            thistokenisnotsosecretchangeit     database_path:     null     security.authentication.listener.form.class:     webmuch\userbundle\listener\userloginformlistener

then after created userformtype below:

      <?php              /*            * file part of fosuserbundle package.            *            * (c) friendsofsymfony <http://friendsofsymfony.github.com/>            *            * full copyright , license information, please view license            * file distributed source code.            */             namespace webmuch\userbundle\form;                 class newuserloginformtype extends abstracttype                 {                public function buildform(formbuilderinterface $builder, array $options)                    {                $builder                     ->add('_username', 'email', array('label' => 'form.username',                        'translation_domain' => 'fosuserbundle')) // todo: user can login email inhibit  user enter username                     ->add('_password', 'password', array(                        'label' => 'form.current_password',                        'translation_domain' => 'fosuserbundle',                        'mapped' => false,))             ->add('recaptcha', 'ewz_recaptcha', array(                   'attr'          => array(               'options' => array(                'theme' => 'red'                   )                    ),                  'label' => "verification",                          'property_path' => false,                  'constraints'   => array(                     new true()                          ),                  'label' => "enter words in box."))                            ->add('recaptcha_challenge_field', 'hidden',  array('property_path' => false))                           ->add('recaptcha_response_field', 'hidden', array('property_path' => false));        }                          public function setdefaultoptions(optionsresolverinterface $resolver)                          {                         $resolver->setdefaults(array(                               'data_class' => 'webmuch\userbundle\entity\user',                               'intention'  => 'authenticate',                             ));                             }                         public function getname()                        {                       return 'webmuch_user_newloginform';                         }                      }

in security controller:

                   public function loginaction()                    {                      $form = $this->container->get('form.factory')->create(new newuserloginformtype());                     $request = $this->container->get('request');                     /* @var $request \symfony\component\httpfoundation\request */                      $session = $request->getsession();                      /* @var $session \symfony\component\httpfoundation\session */                    // error if (works forward , redirect -- see below)                   if ($request->attributes->has(securitycontext::authentication_error))               {                    $error = $request->attributes-    >get(securitycontext::authentication_error);                       } elseif (null !== $session && $session->has(securitycontext::authentication_error)) {                     $error = $session->get(securitycontext::authentication_error);                     $session->remove(securitycontext::authentication_error);                      } else {                         $error = '';                        }                      if ($error) {                     // todo: potential security risk (see http://trac.symfony-                    project.org/ticket/9523)                    //$error = $error->getmessage();                     $session = $this->container->get('session');                      $session->setflash('error','invalid username or password');                       return new redirectresponse($this->container->get('router')- >generate('fos_user_security_login'));                       }                       // last username entered user                    $lastusername = (null === $session) ? '' : $session-  >get(securitycontext::last_username);                     $csrftoken = $this->container->get('form.csrf_provider')->generatecsrftoken('authenticate');                      return $this->renderlogin(array( `enter code here`                     'last_username' => $lastusername,                      'error'         => $error,                       'csrf_token' => $csrftoken,                       'form'   => $form->createview(),                         ));                        }

and login.html.twig:

                {% extends "::base1.html.twig" %}                 {% block userprofile %}               {% if error %}                  <div>{{ error|trans({}, 'fosuserbundle') }}</div>                {% endif %}                 <h2 class="gradwellhead">login here</h2>               <div class="row-fluid marginbottom10">              <div class="span6 well">                <form class="form-horizontal" action="{{ path("fos_user_security_check")                   }}" method="post">                <input type="hidden" name="_csrf_token" value="{{ csrf_token }}" />                 <div class="control-group">                 <label class="control-label" for="username">{{ 'form.username'|trans({},  'fosuserbundle') }}</label>                  <div class="controls">                 <input type="text" id="username" name="_username" value="{{ last_username }}" required="required" placeholder="username"/>                  </div>                 </div>                <div class="control-group">                  <label class="control-label" for="password">{{ 'form.password'|trans({}, 'fosuserbundle') }}</label>                 <div class="controls">                 <input type="password" id="password" name="_password"  required="required" placeholder="password"/>                 </div>                </div>               <div class="control-group">                    <label class="control-label" for="recaptcha">recaptcha</label>               <div class="controls">                    {% form_theme form    'ewzrecaptchabundle:form:ewz_recaptcha_widget.html.twig' %}                   {{ form_widget(form.recaptcha, { 'attr': {'options' : {'theme' : 'clean',},} }) }}                  </div>              </div>               <div class="control-group">                     <div class="controls">                    <label class="checkbox">                     <input type="checkbox" id="remember_me" name="_remember_me" value="on" />remember me?                 </label>                   <input class="btn" type="submit" id="_submit" name="_submit" value="{{ 'form.submit'|trans({}, 'fosuserbundle') }}" />                   <a href="{{ path('fos_user_resetting_request') }}">forget password ?</a>                     {{ facebook_login_button({'autologoutlink': true}) }}                 </div>                </div>               </form>              </div>           <div class="span6 well">          <img src="{{asset('img/candu_manifesto_starburst.jpg')}}">           </div>            </div>              {% endblock  %}

if have idea please me .

thanks in advance !

i have solved issue making custom authenticator ..


Comments

Post a Comment

Popular posts from this blog

c# - Send Image in Json : 400 Bad request -

from android trying send image class of data, iis webservice. (c#) the problem 400 bad request . the image being encoded base64 . , placed json rest of class elements. my guess base64 not valid inside json. server not understand it. if set string "" , post accepted fine. so question is, how make base64 valid within json array? ( tried url.encode no success). or how should send image android webservice? gson gson = new gson(); string json = gson.tojson(record); // record has param { string base64photo } how big image? i'm pretty sure surpassing iis json size limit (default 4 mb). check http://geekswithblogs.net/frankw/archive/2008/08/05/how-to-configure-maxjsonlength-in-asp.net-ajax-applications.aspx or http://www.webtrenches.com/post.cfm/iis7-file-upload-size-limits good luck!
Read more

jquery - Fancybox - apply a function to several elements -

this source code below posted cristiano g. carvalho in answer question: calling fancybox gallery other link made user. <div class="details_gallery"> <a href="#" class="manualfancybox">manual call fancybox</a> <div class="details_gallery_min"> <a rel="details" href="max/1.jpg" class="fancybox"><img src="min/1.jpg" alt="" /></a> <a rel="details" href="max/2.jpg" class="fancybox"><img src="min/2.jpg" alt="" /></a> <a rel="details" href="max/3.jpg" class="fancybox"><img src="min/3.jpg" alt="" /></a> <a rel="details" href="max/4.jpg" class="fancybox"><img src="min/4.jpg" alt="" /></a> </div> </div> <script> $(document).read
Read more

An easy way to program an Android keyboard layout app -

i program android app replaces standard keyboard 1 one-hand optimized coffee++ keyboard layout. what special problems have face in progress? guess such project go deep android core, cause keyboard such essential thing. is wise start android developer tools (adt)—eclipse plugin described in this tutorial ? or there better way achieve goal? i new android programming, firm in php, mysql , javascript , use eclipse php i guess such project go deep android core, cause keyboard such essential thing. no. can create inputmethodservice implementation of keyboard. there sample soft keyboard in android sdk installation (if chose download sample code sdk manager), , there open source input methods floating around well, such hacker's keyboard. inputmethodservice distributed part of ordinary android application, , user can elect activate input method if user chooses. is wise start android developer tools (adt)—eclipse plugin described in tutorial? that fine s
Read more