Add the _failure_path hidden field in template

damienalexandre · web-flow · commit 93cf9bdedc96 · 2017-03-13T17:57:55.000+01:00
diff --git a/security/form_login.rst b/security/form_login.rst
@@ -218,57 +218,14 @@ this by setting ``use_referer`` to true (it defaults to false):
             ),
         ));
 
-Control the Redirect URL from inside the Form
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-You can also override where the user is redirected to via the form itself by
-including a hidden field with the name ``_target_path``. For example, to
-redirect to the URL defined by some ``account`` route, use the following:
-
-.. configuration-block::
-
-    .. code-block:: html+twig
-
-        {# src/AppBundle/Resources/views/Security/login.html.twig #}
-        {% if error %}
-            <div>{{ error.message }}</div>
-        {% endif %}
-
-        <form action="{{ path('login') }}" method="post">
-            <label for="username">Username:</label>
-            <input type="text" id="username" name="_username" value="{{ last_username }}" />
-
-            <label for="password">Password:</label>
-            <input type="password" id="password" name="_password" />
-
-            <input type="hidden" name="_target_path" value="account" />
-
-            <input type="submit" name="login" />
-        </form>
-
-    .. code-block:: html+php
-
-        <!-- src/AppBundle/Resources/views/Security/login.html.php -->
-        <?php if ($error): ?>
-            <div><?php echo $error->getMessage() ?></div>
-        <?php endif ?>
-
-        <form action="<?php echo $view['router']->generate('login') ?>" method="post">
-            <label for="username">Username:</label>
-            <input type="text" id="username" name="_username" value="<?php echo $last_username ?>" />
-
-            <label for="password">Password:</label>
-            <input type="password" id="password" name="_password" />
-
-            <input type="hidden" name="_target_path" value="account" />
-
-            <input type="submit" name="login" />
-        </form>
+Redirecting on Login Failure
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Now, the user will be redirected to the value of the hidden form field. The
-value attribute can be a relative path, absolute URL, or a route name. You
-can even change the name of the hidden form field by changing the ``target_path_parameter``
-option to another value.
+In addition to redirecting the user after a successful login, you can also set
+the URL that the user should be redirected to after a failed login (e.g. an
+invalid username or password was submitted). By default, the user is redirected
+back to the login form itself. You can set this to a different route (e.g.
+``login_failure``) with the following config:
 
 .. configuration-block::
 
@@ -282,7 +239,8 @@ option to another value.
                 main:
                     # ...
                     form_login:
-                        target_path_parameter: redirect_url
+                        # ...
+                        failure_path: login_failure
 
     .. code-block:: xml
 
@@ -299,7 +257,7 @@ option to another value.
 
                 <firewall name="main">
                     <!-- ... -->
-                    <form-login target-path-parameter="redirect_url" />
+                    <form-login failure-path="login_failure" />
                 </firewall>
             </config>
         </srv:container>
@@ -314,20 +272,68 @@ option to another value.
                 'main' => array(
                     // ...
                     'form_login' => array(
-                        'target_path_parameter' => 'redirect_url',
+                        // ...
+                        'failure_path' => 'login_failure',
                     ),
                 ),
             ),
         ));
 
-Redirecting on Login Failure
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Control the Redirect URL from inside the Form
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-In addition to redirecting the user after a successful login, you can also set
-the URL that the user should be redirected to after a failed login (e.g. an
-invalid username or password was submitted). By default, the user is redirected
-back to the login form itself. You can set this to a different route (e.g.
-``login_failure``) with the following config:
+You can also override where the user is redirected to via the form itself by
+including a hidden field with the name ``_target_path`` for success and
+``_failure_path`` for failure. For example, to redirect to the URL defined 
+by some ``account`` route, use the following:
+
+.. configuration-block::
+
+    .. code-block:: html+twig
+
+        {# src/AppBundle/Resources/views/Security/login.html.twig #}
+        {% if error %}
+            <div>{{ error.message }}</div>
+        {% endif %}
+
+        <form action="{{ path('login') }}" method="post">
+            <label for="username">Username:</label>
+            <input type="text" id="username" name="_username" value="{{ last_username }}" />
+
+            <label for="password">Password:</label>
+            <input type="password" id="password" name="_password" />
+
+            <input type="hidden" name="_target_path" value="account" />
+            <input type="hidden" name="_failure_path" value="login" />
+
+            <input type="submit" name="login" />
+        </form>
+
+    .. code-block:: html+php
+
+        <!-- src/AppBundle/Resources/views/Security/login.html.php -->
+        <?php if ($error): ?>
+            <div><?php echo $error->getMessage() ?></div>
+        <?php endif ?>
+
+        <form action="<?php echo $view['router']->path('login') ?>" method="post">
+            <label for="username">Username:</label>
+            <input type="text" id="username" name="_username" value="<?php echo $last_username ?>" />
+
+            <label for="password">Password:</label>
+            <input type="password" id="password" name="_password" />
+
+            <input type="hidden" name="_target_path" value="account" />
+            <input type="hidden" name="_failure_path" value="login" />
+
+            <input type="submit" name="login" />
+        </form>
+
+Now, the user will be redirected to the value of the hidden form field. The
+value attribute can be a relative path, absolute URL, or a route name. 
+You can even change the name of the hidden form field by changing the 
+``target_path_parameter`` and ``failure_path_parameter`` options to another 
+value.
 
 .. configuration-block::
 
@@ -341,8 +347,8 @@ back to the login form itself. You can set this to a different route (e.g.
                 main:
                     # ...
                     form_login:
-                        # ...
-                        failure_path: login_failure
+                        target_path_parameter: redirect_url
+                        failure_path_parameter: redirect_url
 
     .. code-block:: xml
 
@@ -359,7 +365,8 @@ back to the login form itself. You can set this to a different route (e.g.
 
                 <firewall name="main">
                     <!-- ... -->
-                    <form-login failure-path="login_failure" />
+                    <form-login target-path-parameter="redirect_url" />
+                    <form-login failure-path-parameter="redirect_url" />
                 </firewall>
             </config>
         </srv:container>
@@ -374,8 +381,8 @@ back to the login form itself. You can set this to a different route (e.g.
                 'main' => array(
                     // ...
                     'form_login' => array(
-                        // ...
-                        'failure_path' => 'login_failure',
+                        'target_path_parameter' => 'redirect_url',
+                        'failure_path_parameter' => 'redirect_url',
                     ),
                 ),
             ),
