How to install ?

[Hanfrey]

Hello, i dont get it working. Is this compatible with symfony 2.7?

1. composer require anyx/login-gate-bundle
2. noticed that my parameters.yml is set to default.
3. Added the "new Anyx\LoginGateBundle\LoginGateBundle()," to the AppKernel
4. Added the login_gate settings to the config.yml and security.yml
5. tried to login
   6 Attempted to load Class BruteForceAttemptListener from Acme\BestBundle\Listener\

There is no Namespace like this, and in the Bundle i cant find that Class.

[anyx]

@Hanfrey
Acme\BestBundle\Listener\BruteForceAttemptListener - this is an example.
You should register you own listener, if you need to do something when bruteforce was detected.

[Hanfrey]

Thanks for the fast response.
I added my own Listener which should dump something if its hit. But its not working like i thought:

If i add the success_handler the login is not working anymore. I commented and tried to bruteforce the login which hit the event.But i get the following error:

The autoloader expected class "AppBundle\EventListener\BruteForceAttemptListener" to be defined in file "src\AppBundle\EventListener\BruteForceAttemptListener.php". The file was found but the class was not in it, the class name or namespace probably has a typo.

          class: AppBundle\EventListener\BruteForceAttemptListener
          tags:
              - { name: kernel.event_listener, event: security.brute_force_attempt, method: onBruteForceAttempt }

The class:

<?
namespace AppBundle\EventListener;

class BruteForceAttemptListener
{
public function onBruteForceAttempt( )
{
dump("got it!");
}
}

Any Idea? Thanks!

[anyx]

@Hanfrey Check your listener's filename - this default autoloader error. Later i will try to check handlers. Also, let me see your security.firewall config, if it possible

[Hanfrey]

@anyx i found it, used <? instead of <?php. But the login is now not working anymore again. something special i have to do in the bruteforce listener?

   firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login_firewall:
            pattern: ^/login$
            anonymous: ~
        ònlineservice:
             pattern: ^/
             form_login:
                 failure_handler: anyx.login_failure.handler
                 #success_handler: anyx.login_success.handler
                 csrf_provider: security.csrf.token_manager
                 check_path: login_check
                 login_path: login
                 default_target_path: /de/start
             logout:
                 path: /logout
                 target: login
                 invalidate_session: false
``

[Hanfrey]

Got it nearly running.
The login_success does use the referer. This is everytime /login for me. So he redirects to the login again, im now using the default_path_target / path_target.

But i get this Error Message after loading each page:
An error occurred while loading the web debug toolbar (404: Not Found)
Do you want to open the profiler?

Any idea?

[anyx]

I don't want to open profiler.
Looks like you have some problem in framework/webserver configuration.

Please, try to check this: http://stackoverflow.com/questions/21058750/symfony-2-4-an-error-occurred-while-loading-the-web-debug-toolbar-404-not-fou

[Hanfrey]

I think an handler does not fit or something like that. Because i made an copy of the project before adding the Bundle and this is not happening there.

In the login failure handle is an DEPRECATED usage.
Changed from:

use Symfony\Component\Security\Core\SecurityContext;
...
 $request->getSession()->set(SecurityContext::AUTHENTICATION_ERROR, $exception);

use Symfony\Component\Security\Core\Security;
...
 $request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);

[Hanfrey]

http://127.0.0.1:8000/_wdt/fd9e8d is tried to get accessed, which results in the 404 and error message with debug bar.

It just start to throw if i add the " new Anyx\LoginGateBundle\LoginGateBundle()," to the AppKernel.php

[Hanfrey]

Something i noticed searching for the error:

   $this->getDispatcher()->dispatch(SecurityEvents::BRUTE_FORCE_ATTEMPT, $event);

The BruteForceChecker.php has no method dispatch.

Something is weird with this. This is causing my problem, and i think it fits to the error above. If i take it out of the Authentication.php the 404 Error disappears.

->addMethodCall(
                            'setDispatcher',
                            array(
                                $container->findDefinition('event_dispatcher')
                            )
                    )
``

[anyx]

So BruteForceChecker should not have this method

[anyx]

@Hanfrey i was found several errors with dispatcher in last symfony versions. Tomorrow i will try to find time fix them. Thank you for feedback!

[Hanfrey]

You are welcome, the dispatcher "error" comes because the annotation is wrong of the getDispatcher.

Is:

    /**
     * 
     * @return \Anyx\LoginGateBundle\Service\BruteForceChecker
     */
    public function getDispatcher()
    {
        return $this->dispatcher;
    }

Should be:

    /**
     * 
     * @return \Symfony\Component\EventDispatcher\EventDispatcherInterface
     */
    public function getDispatcher()
    {
        return $this->dispatcher;
    }

[anyx]

@Hanfrey it was a pretty long day)
I believe, this issue (and bundle) is not actual for you.

Anyway, today i made some refactoring, wrote some tests and now time to close this issue, i think