Hello,

I am currently on Symfony version 6.0.1. My authentication system works perfectly. I decided to run the following command so that I can access my site from my local network (to be clear, this is only for testing; I will put it into production later on an Apache server):

php -S 0.0.0.0:8000 -t public

I can access my site from my network using my IP: http://192.168.0.70:8000.
The problem is that when I log in on my authentication page with this address, entering the correct information, the login form is processed but nothing happens, whereas with the address http://localhost:8000 on my computer, everything works.

Excerpt from my security.yaml:

security:
    enable_authenticator_manager: true
    # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
    password_hashers:
        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
        App\Entity\User:
            algorithm: auto

    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            lazy: true
            provider: app_user_provider
            access_denied_handler: App\Security\AccessDeniedHandler
            form_login:
                login_path: login
                check_path: login
                enable_csrf: true
            logout:
                path: logout

Excerpt from my framework.yaml:

framework:
    secret: '%env(APP_SECRET)%'
    #csrf_protection: true
    http_method_override: false

    # Enables session support. Note that the session will ONLY be started if you read or write from it.
    # Remove or comment this section to explicitly disable session support.
    session:
        handler_id: null
        cookie_secure: auto
        cookie_samesite: lax
        storage_factory_id: session.storage.factory.native

After several tests, I realized that the problem comes from the sessions.
So my question is the following: why does this not work over the network?

10 replies


Hello,

Do you have an authenticator? Do a dd($_SESSION, $_COOKIE); in the authenticator to see the difference between the two environments.
I think it may be a cookie problem.

I ran this command and I get a Symfony error saying that the variables $_SESSION and $_COOKIE are not defined:

Warning: Undefined global variable $_SESSION

What I would have done: log in, go to var/log and look at the output, then do the same thing in the case where it does not work.
Are you in the dev environment on both?

Clear the cache and run a composer install as well.

I cleared the cache and I did run a composer install. However, I don't quite understand what you mean by var/log, but yes, I am in the dev environment, and I also tested with a prod environment.

"\var\log" => directory containing the application's logs.

It is in these files that you will potentially find more information about your error.

Here are my logs, and I notice that I have a CSRF error, but I don't really understand what causes it:

[2022-02-06T13:40:09.916863+00:00] request.INFO: Matched route "login". {"route":"login","route_parameters":{"_route":"login","_controller":"App\\Controller\\Security\\LoginController::index"},"request_uri":"http://192.168.0.53:8000/login","method":"POST"} []
[2022-02-06T13:40:09.932984+00:00] php.DEBUG: User Warning: Configure the "curl.cainfo", "openssl.cafile" or "openssl.capath" php.ini setting to enable the CurlHttpClient {"exception":{"Symfony\\Component\\ErrorHandler\\Exception\\SilencedErrorContext":{"severity":512,"file":"C:\\projects\\MemOlicard\\vendor\\symfony\\http-client\\HttpClient.php","line":57,"trace":[{"file":"C:\\projects\\MemOlicard\\var\\cache\\dev\\ContainerQBBFxNc\\App_KernelDevDebugContainer.php","line":1236,"function":"create","class":"Symfony\\Component\\HttpClient\\HttpClient","type":"::"}],"count":1}}} []
[2022-02-06T13:40:09.933433+00:00] php.DEBUG: User Notice: Upgrade the curl extension or run "composer require amphp/http-client" to perform async HTTP operations, including full HTTP/2 support {"exception":{"Symfony\\Component\\ErrorHandler\\Exception\\SilencedErrorContext":{"severity":1024,"file":"C:\\projects\\MemOlicard\\vendor\\symfony\\http-client\\HttpClient.php","line":64,"trace":[{"file":"C:\\projects\\MemOlicard\\var\\cache\\dev\\ContainerQBBFxNc\\App_KernelDevDebugContainer.php","line":1236,"function":"create","class":"Symfony\\Component\\HttpClient\\HttpClient","type":"::"}],"count":1}}} []
[2022-02-06T13:40:10.015714+00:00] security.DEBUG: Checking for authenticator support. {"firewall_name":"main","authenticators":2} []
[2022-02-06T13:40:10.015811+00:00] security.DEBUG: Checking support on authenticator. {"firewall_name":"main","authenticator":"App\\Security\\Authenticator\\GoogleAuthenticator"} []
[2022-02-06T13:40:10.015873+00:00] security.DEBUG: Authenticator does not support the request. {"firewall_name":"main","authenticator":"App\\Security\\Authenticator\\GoogleAuthenticator"} []
[2022-02-06T13:40:10.015927+00:00] security.DEBUG: Checking support on authenticator. {"firewall_name":"main","authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\FormLoginAuthenticator"} []
[2022-02-06T13:40:10.029750+00:00] security.INFO: Authenticator failed. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\InvalidCsrfTokenException(code: 0): Invalid CSRF token. at C:\\projects\\MemOlicard\\vendor\\symfony\\security-http\\EventListener\\CsrfProtectionListener.php:51)","authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\Debug\\TraceableAuthenticator"} []
[2022-02-06T13:40:10.029948+00:00] security.DEBUG: Authentication failure, redirect triggered. {"failure_path":"login"} []
[2022-02-06T13:40:10.037958+00:00] security.DEBUG: The "Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator" authenticator set the failure response. {"authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\Debug\\TraceableAuthenticator"} []
[2022-02-06T13:40:10.038355+00:00] security.DEBUG: The "Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator" authenticator set the response. Any later authenticator will not be called {"authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\Debug\\TraceableAuthenticator"} []
[2022-02-06T13:40:10.086246+00:00] doctrine.DEBUG: SHOW FULL TABLES WHERE Table_type = 'BASE TABLE' [] []
[2022-02-06T13:40:10.089103+00:00] doctrine.DEBUG: SHOW FULL TABLES WHERE Table_type = 'BASE TABLE' [] []
[2022-02-06T13:40:10.098706+00:00] doctrine.DEBUG: SELECT DATABASE() [] []
[2022-02-06T13:40:10.099133+00:00] doctrine.DEBUG: SELECT COLUMN_NAME AS Field, COLUMN_TYPE AS Type, IS_NULLABLE AS `Null`, COLUMN_KEY AS `Key`, COLUMN_DEFAULT AS `Default`, EXTRA AS Extra, COLUMN_COMMENT AS Comment, CHARACTER_SET_NAME AS CharacterSet, COLLATION_NAME AS Collation FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = 'memolicard' AND TABLE_NAME = 'doctrine_migration_versions' ORDER BY ORDINAL_POSITION ASC [] []
[2022-02-06T13:40:10.101406+00:00] doctrine.DEBUG: SELECT DATABASE() [] []
[2022-02-06T13:40:10.101781+00:00] doctrine.DEBUG: SELECT DISTINCT k.`CONSTRAINT_NAME`, k.`COLUMN_NAME`, k.`REFERENCED_TABLE_NAME`, k.`REFERENCED_COLUMN_NAME`, k.`ORDINAL_POSITION` /*!50116 , c.update_rule, c.delete_rule */ FROM information_schema.key_column_usage k /*!50116 INNER JOIN information_schema.referential_constraints c ON   c.constraint_name = k.constraint_name AND   c.table_name = 'doctrine_migration_versions' */ WHERE k.table_name = 'doctrine_migration_versions' AND k.table_schema = 'memolicard' /*!50116 AND c.constraint_schema = 'memolicard' */ AND k.`REFERENCED_COLUMN_NAME` is not NULL ORDER BY k.`ORDINAL_POSITION` [] []
[2022-02-06T13:40:10.102680+00:00] doctrine.DEBUG: SELECT DATABASE() [] []
[2022-02-06T13:40:10.102973+00:00] doctrine.DEBUG: SELECT NON_UNIQUE AS Non_Unique, INDEX_NAME AS Key_name, COLUMN_NAME AS Column_Name, SUB_PART AS Sub_Part, INDEX_TYPE AS Index_Type FROM information_schema.STATISTICS WHERE TABLE_NAME = 'doctrine_migration_versions' AND TABLE_SCHEMA = 'memolicard' ORDER BY SEQ_IN_INDEX ASC [] []
[2022-02-06T13:40:10.103500+00:00] doctrine.DEBUG: SELECT t.ENGINE,        t.AUTO_INCREMENT,        t.TABLE_COMMENT,        t.CREATE_OPTIONS,        t.TABLE_COLLATION,        ccsa.CHARACTER_SET_NAME FROM information_schema.TABLES t     INNER JOIN information_schema.`COLLATION_CHARACTER_SET_APPLICABILITY` ccsa         ON ccsa.COLLATION_NAME = t.TABLE_COLLATION WHERE TABLE_TYPE = 'BASE TABLE' AND TABLE_SCHEMA = DATABASE() AND TABLE_NAME = 'doctrine_migration_versions' [] []
[2022-02-06T13:40:10.104935+00:00] doctrine.DEBUG: SELECT * FROM doctrine_migration_versions [] []
[2022-02-06T13:40:10.108049+00:00] doctrine.DEBUG: SELECT DATABASE() [] []
[2022-02-06T13:40:10.145923+00:00] php.INFO: User Deprecated: Method "Symfony\Component\EventDispatcher\EventSubscriberInterface::getSubscribedEvents()" might add "array" as a native return type declaration in the future. Do the same in implementation "App\Security\LoginSubscriber" now to avoid errors or add an explicit @return annotation to suppress this message. {"exception":"[object] (ErrorException(code: 0): User Deprecated: Method \"Symfony\\Component\\EventDispatcher\\EventSubscriberInterface::getSubscribedEvents()\" might add \"array\" as a native return type declaration in the future. Do the same in implementation \"App\\Security\\LoginSubscriber\" now to avoid errors or add an explicit @return annotation to suppress this message. at C:\\projects\\MemOlicard\\vendor\\symfony\\error-handler\\DebugClassLoader.php:328)"} []
[2022-02-06T13:40:10.496754+00:00] request.INFO: Matched route "login". {"route":"login","route_parameters":{"_route":"login","_controller":"App\\Controller\\Security\\LoginController::index"},"request_uri":"http://192.168.0.53:8000/login","method":"GET"} []
[2022-02-06T13:40:10.518199+00:00] php.DEBUG: User Warning: Configure the "curl.cainfo", "openssl.cafile" or "openssl.capath" php.ini setting to enable the CurlHttpClient {"exception":{"Symfony\\Component\\ErrorHandler\\Exception\\SilencedErrorContext":{"severity":512,"file":"C:\\projects\\MemOlicard\\vendor\\symfony\\http-client\\HttpClient.php","line":57,"trace":[{"file":"C:\\projects\\MemOlicard\\var\\cache\\dev\\ContainerQBBFxNc\\App_KernelDevDebugContainer.php","line":1236,"function":"create","class":"Symfony\\Component\\HttpClient\\HttpClient","type":"::"}],"count":1}}} []
[2022-02-06T13:40:10.518337+00:00] php.DEBUG: User Notice: Upgrade the curl extension or run "composer require amphp/http-client" to perform async HTTP operations, including full HTTP/2 support {"exception":{"Symfony\\Component\\ErrorHandler\\Exception\\SilencedErrorContext":{"severity":1024,"file":"C:\\projects\\MemOlicard\\vendor\\symfony\\http-client\\HttpClient.php","line":64,"trace":[{"file":"C:\\projects\\MemOlicard\\var\\cache\\dev\\ContainerQBBFxNc\\App_KernelDevDebugContainer.php","line":1236,"function":"create","class":"Symfony\\Component\\HttpClient\\HttpClient","type":"::"}],"count":1}}} []
[2022-02-06T13:40:10.608109+00:00] security.DEBUG: Checking for authenticator support. {"firewall_name":"main","authenticators":2} []
[2022-02-06T13:40:10.608269+00:00] security.DEBUG: Checking support on authenticator. {"firewall_name":"main","authenticator":"App\\Security\\Authenticator\\GoogleAuthenticator"} []
[2022-02-06T13:40:10.608347+00:00] security.DEBUG: Authenticator does not support the request. {"firewall_name":"main","authenticator":"App\\Security\\Authenticator\\GoogleAuthenticator"} []
[2022-02-06T13:40:10.608462+00:00] security.DEBUG: Checking support on authenticator. {"firewall_name":"main","authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\FormLoginAuthenticator"} []
[2022-02-06T13:40:10.608574+00:00] security.DEBUG: Authenticator does not support the request. {"firewall_name":"main","authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\FormLoginAuthenticator"} []
[2022-02-06T13:40:10.704319+00:00] doctrine.DEBUG: SHOW FULL TABLES WHERE Table_type = 'BASE TABLE' [] []
[2022-02-06T13:40:10.707187+00:00] doctrine.DEBUG: SHOW FULL TABLES WHERE Table_type = 'BASE TABLE' [] []
[2022-02-06T13:40:10.715571+00:00] doctrine.DEBUG: SELECT DATABASE() [] []
[2022-02-06T13:40:10.716122+00:00] doctrine.DEBUG: SELECT COLUMN_NAME AS Field, COLUMN_TYPE AS Type, IS_NULLABLE AS `Null`, COLUMN_KEY AS `Key`, COLUMN_DEFAULT AS `Default`, EXTRA AS Extra, COLUMN_COMMENT AS Comment, CHARACTER_SET_NAME AS CharacterSet, COLLATION_NAME AS Collation FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = 'memolicard' AND TABLE_NAME = 'doctrine_migration_versions' ORDER BY ORDINAL_POSITION ASC [] []
[2022-02-06T13:40:10.718622+00:00] doctrine.DEBUG: SELECT DATABASE() [] []
[2022-02-06T13:40:10.719016+00:00] doctrine.DEBUG: SELECT DISTINCT k.`CONSTRAINT_NAME`, k.`COLUMN_NAME`, k.`REFERENCED_TABLE_NAME`, k.`REFERENCED_COLUMN_NAME`, k.`ORDINAL_POSITION` /*!50116 , c.update_rule, c.delete_rule */ FROM information_schema.key_column_usage k /*!50116 INNER JOIN information_schema.referential_constraints c ON   c.constraint_name = k.constraint_name AND   c.table_name = 'doctrine_migration_versions' */ WHERE k.table_name = 'doctrine_migration_versions' AND k.table_schema = 'memolicard' /*!50116 AND c.constraint_schema = 'memolicard' */ AND k.`REFERENCED_COLUMN_NAME` is not NULL ORDER BY k.`ORDINAL_POSITION` [] []
[2022-02-06T13:40:10.719768+00:00] doctrine.DEBUG: SELECT DATABASE() [] []
[2022-02-06T13:40:10.720052+00:00] doctrine.DEBUG: SELECT NON_UNIQUE AS Non_Unique, INDEX_NAME AS Key_name, COLUMN_NAME AS Column_Name, SUB_PART AS Sub_Part, INDEX_TYPE AS Index_Type FROM information_schema.STATISTICS WHERE TABLE_NAME = 'doctrine_migration_versions' AND TABLE_SCHEMA = 'memolicard' ORDER BY SEQ_IN_INDEX ASC [] []
[2022-02-06T13:40:10.720534+00:00] doctrine.DEBUG: SELECT t.ENGINE,        t.AUTO_INCREMENT,        t.TABLE_COMMENT,        t.CREATE_OPTIONS,        t.TABLE_COLLATION,        ccsa.CHARACTER_SET_NAME FROM information_schema.TABLES t     INNER JOIN information_schema.`COLLATION_CHARACTER_SET_APPLICABILITY` ccsa         ON ccsa.COLLATION_NAME = t.TABLE_COLLATION WHERE TABLE_TYPE = 'BASE TABLE' AND TABLE_SCHEMA = DATABASE() AND TABLE_NAME = 'doctrine_migration_versions' [] []
[2022-02-06T13:40:10.722053+00:00] doctrine.DEBUG: SELECT * FROM doctrine_migration_versions [] []
[2022-02-06T13:40:10.725018+00:00] doctrine.DEBUG: SELECT DATABASE() [] []
[2022-02-06T13:40:10.769856+00:00] php.INFO: User Deprecated: Method "Symfony\Component\EventDispatcher\EventSubscriberInterface::getSubscribedEvents()" might add "array" as a native return type declaration in the future. Do the same in implementation "App\Security\LoginSubscriber" now to avoid errors or add an explicit @return annotation to suppress this message. {"exception":"[object] (ErrorException(code: 0): User Deprecated: Method \"Symfony\\Component\\EventDispatcher\\EventSubscriberInterface::getSubscribedEvents()\" might add \"array\" as a native return type declaration in the future. Do the same in implementation \"App\\Security\\LoginSubscriber\" now to avoid errors or add an explicit @return annotation to suppress this message. at C:\\projects\\MemOlicard\\vendor\\symfony\\error-handler\\DebugClassLoader.php:328)"} []
[2022-02-06T13:40:11.652533+00:00] request.INFO: Matched route "_wdt". {"route":"_wdt","route_parameters":{"_route":"_wdt","_controller":"web_profiler.controller.profiler::toolbarAction","token":"22add9"},"request_uri":"http://192.168.0.53:8000/_wdt/22add9","method":"GET"} []
[2022-02-06T13:40:11.663900+00:00] php.DEBUG: User Warning: Configure the "curl.cainfo", "openssl.cafile" or "openssl.capath" php.ini setting to enable the CurlHttpClient {"exception":{"Symfony\\Component\\ErrorHandler\\Exception\\SilencedErrorContext":{"severity":512,"file":"C:\\projects\\MemOlicard\\vendor\\symfony\\http-client\\HttpClient.php","line":57,"trace":[{"file":"C:\\projects\\MemOlicard\\var\\cache\\dev\\ContainerQBBFxNc\\App_KernelDevDebugContainer.php","line":1236,"function":"create","class":"Symfony\\Component\\HttpClient\\HttpClient","type":"::"}],"count":1}}} []
[2022-02-06T13:40:11.664026+00:00] php.DEBUG: User Notice: Upgrade the curl extension or run "composer require amphp/http-client" to perform async HTTP operations, including full HTTP/2 support {"exception":{"Symfony\\Component\\ErrorHandler\\Exception\\SilencedErrorContext":{"severity":1024,"file":"C:\\projects\\MemOlicard\\vendor\\symfony\\http-client\\HttpClient.php","line":64,"trace":[{"file":"C:\\projects\\MemOlicard\\var\\cache\\dev\\ContainerQBBFxNc\\App_KernelDevDebugContainer.php","line":1236,"function":"create","class":"Symfony\\Component\\HttpClient\\HttpClient","type":"::"}],"count":1}}} []
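
The CSRF failure in the log above is easier to spot once the Doctrine and PHP noise is filtered out. The following is an added example, not code from the thread: it parses Monolog lines in the format shown and reports which request (method, host, path) was rejected with an invalid CSRF token. The sample lines are constructed (shortened from the log above), the function names are hypothetical, and it assumes the lines belonging to one request are contiguous.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed sample in the Monolog line format shown above (shortened, not the full log).
SAMPLE_LOG = r"""
[2022-02-06T13:40:09.916863+00:00] request.INFO: Matched route "login". {"route":"login","request_uri":"http://192.168.0.53:8000/login","method":"POST"} []
[2022-02-06T13:40:10.015714+00:00] security.DEBUG: Checking for authenticator support. {"firewall_name":"main","authenticators":2} []
[2022-02-06T13:40:10.029750+00:00] security.INFO: Authenticator failed. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\InvalidCsrfTokenException(code: 0): Invalid CSRF token. at CsrfProtectionListener.php:51)","authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\Debug\\TraceableAuthenticator"} []
[2022-02-06T13:40:10.086246+00:00] doctrine.DEBUG: SHOW FULL TABLES WHERE Table_type = 'BASE TABLE' [] []
[2022-02-06T13:40:10.496754+00:00] request.INFO: Matched route "login". {"route":"login","request_uri":"http://192.168.0.53:8000/login","method":"GET"} []
[2022-02-06T13:40:10.608574+00:00] security.DEBUG: Authenticator does not support the request. {"firewall_name":"main","authenticator":"Symfony\\Component\\Security\\Http\\Authenticator\\FormLoginAuthenticator"} []
"""

LINE_RE = re.compile(r"^\[(?P<ts>[^\]]+)\] (?P<channel>\w+)\.(?P<level>[A-Z]+): (?P<rest>.*)$")

def parse_line(line):
    """Split one Monolog line into timestamp, channel, level, message and context."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rest, context = m["rest"], {}
    start = rest.find(' {"')  # the context is the JSON object that follows the message
    if start != -1:
        try:
            context, _ = json.JSONDecoder().raw_decode(rest, start + 1)
            rest = rest[:start]
        except json.JSONDecodeError:
            pass  # keep the raw text when the context is not valid JSON
    return {"ts": m["ts"], "channel": m["channel"], "level": m["level"],
            "message": rest, "context": context}

def csrf_failures(log_text):
    """Return (timestamp, method, host, path) for each request rejected for its CSRF token."""
    current, findings = None, []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ctx = rec["context"]
        if rec["channel"] == "request" and "request_uri" in ctx:
            current = ctx  # the following lines belong to this request
        elif (rec["channel"] == "security" and current is not None
              and "InvalidCsrfTokenException" in str(ctx.get("exception", ""))):
            url = urlsplit(current["request_uri"])
            findings.append((rec["ts"], current.get("method", "?"), url.netloc, url.path))
    return findings

if __name__ == "__main__":
    for finding in csrf_failures(SAMPLE_LOG):
        print(*finding)
```

Running it over the logs of both access paths (localhost and the LAN address) shows at a glance whether the rejected logins are tied to one host.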

Does your form actually send a CSRF token?
(I don't know the name of the field off the top of my head, but I think it can be found in the Symfony documentation.)

Meanwhile, it is not normal that your application displays no error message in this case; it could be worthwhile to improve that.

I do have a CSRF token in my form. But it is true that sometimes I get a CSRF error displayed on my web page.
However, I repeat, everything works with the URL http://localhost:8000, but the problem is when I use my IP address http://192.168.0.70:8000. The page does display correctly with the address http://192.168.0.70:8000, but the sessions do not work, as I already said above, which is why there are CSRF errors.

OK, indeed, I skimmed the initial post a bit too quickly.
So my last reply is of no use.

So the questions I would ask myself:

  • does the problem also occur with a "non-Symfony" script (possibly try a test with 2 very simple PHP pages);
  • does the problem also occur if the app is hosted on a remote server and accessible via a domain name;
  • does the problem also occur with a freshly installed new Symfony instance, with the base configuration;
  • does it still work locally if you use "127.0.0.1" instead of "localhost" (no real conviction about this lead... it's just because it takes 2 minutes to test)?