@@ -44,11 +44,11 @@ and your generated code may be slightly different:
4444
4545 Support for login form authentication was added to ``make:auth `` in MakerBundle 1.8.
4646
47- This generates the following: 1) a login route & controller, 2) a template that
47+ This generates the following: 1) login/logout routes & controller, 2) a template that
4848renders the login form, 3) a :doc: `Guard authenticator </security/guard_authentication >`
4949class that processes the login submit and 4) updates the main security config file.
5050
51- **Step 1. ** The ``/login `` route & controller::
51+ **Step 1. ** The ``/login ``/`` /logout `` routes & controller::
5252
5353 // src/Controller/SecurityController.php
5454 namespace App\Controller;
@@ -65,6 +65,10 @@ class that processes the login submit and 4) updates the main security config fi
6565 */
6666 public function login(AuthenticationUtils $authenticationUtils): Response
6767 {
68+ // if ($this->getUser()) {
69+ // return $this->redirectToRoute('target_path');
70+ // }
71+
6872 // get the login error if there is one
6973 $error = $authenticationUtils->getLastAuthenticationError();
7074 // last username entered by the user
@@ -75,10 +79,17 @@ class that processes the login submit and 4) updates the main security config fi
7579 'error' => $error
7680 ]);
7781 }
82+
83+ /**
84+ * @Route("/logout", name="app_logout")
85+ */
86+ public function logout()
87+ {
88+ throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
89+ }
7890 }
7991
80- Edit the ``security.yaml `` file in order to allow access for anyone to the
81- ``/login `` route:
92+ Edit the ``security.yaml `` file in order to declare the ``/logout `` path:
8293
8394.. configuration-block ::
8495
@@ -88,9 +99,12 @@ Edit the ``security.yaml`` file in order to allow access for anyone to the
8899 security :
89100 # ...
90101
91- access_control :
92- - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
102+ providers :
93103 # ...
104+ logout :
105+ path : app_logout
106+ # where to redirect after logout
107+ # target: app_any_route
94108
95109code-block :: xml
96110
@@ -139,6 +153,12 @@ a traditional HTML form that submits to ``/login``:
139153 <div class="alert alert-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
140154 {% endif %}
141155
156+ {% if app.user %}
157+ <div class="mb-3">
158+ You are logged in as {{ app.user.username }}, <a href="{{ path('app_logout') }}">Logout</a>
159+ </div>
160+ {% endif %}
161+
142162 <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
143163 <label for="inputEmail" class="sr-only">Email</label>
144164 <input type="email" value="{{ last_username }}" name="email" id="inputEmail" class="form-control" placeholder="Email" required autofocus>
@@ -173,7 +193,6 @@ a traditional HTML form that submits to ``/login``:
173193
174194 use App\Entity\User;
175195 use Doctrine\ORM\EntityManagerInterface;
176-
177196 use Symfony\Component\HttpFoundation\RedirectResponse;
178197 use Symfony\Component\HttpFoundation\Request;
179198 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
@@ -194,7 +213,7 @@ a traditional HTML form that submits to ``/login``:
194213 {
195214 use TargetPathTrait;
196215
197- private const LOGIN_ROUTE = 'app_login';
216+ public const LOGIN_ROUTE = 'app_login';
198217
199218 private $entityManager;
200219 private $urlGenerator;
@@ -252,6 +271,14 @@ a traditional HTML form that submits to ``/login``:
252271 return $this->passwordEncoder->isPasswordValid($user, $credentials['password']);
253272 }
254273
274+ /**
275+ * Used to upgrade (rehash) the user's password automatically over time.
276+ */
277+ public function getPassword($credentials): ?string
278+ {
279+ return $credentials['password'];
280+ }
281+
255282 public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
256283 {
257284 if ($targetPath = $this->getTargetPath($request->getSession(), $providerKey)) {
0 commit comments