@@ -44,11 +44,11 @@ and your generated code may be slightly different:
4444
4545 Support for login form authentication was added to ``make:auth `` in MakerBundle 1.8.
4646
47- This generates the following: 1) a login route & controller, 2) a template that
47+ This generates the following: 1) login/logout routes & controller, 2) a template that
4848renders the login form, 3) a :doc: `Guard authenticator </security/guard_authentication >`
4949class that processes the login submit and 4) updates the main security config file.
5050
51- **Step 1. ** The ``/login `` route & controller::
51+ **Step 1. ** The ``/login ``/`` /logout `` routes & controller::
5252
5353 // src/Controller/SecurityController.php
5454 namespace App\Controller;
@@ -65,6 +65,10 @@ class that processes the login submit and 4) updates the main security config fi
6565 */
6666 public function login(AuthenticationUtils $authenticationUtils): Response
6767 {
68+ // if ($this->getUser()) {
69+ // return $this->redirectToRoute('target_path');
70+ // }
71+
6872 // get the login error if there is one
6973 $error = $authenticationUtils->getLastAuthenticationError();
7074 // last username entered by the user
@@ -75,10 +79,17 @@ class that processes the login submit and 4) updates the main security config fi
7579 'error' => $error
7680 ]);
7781 }
82+
83+ /**
84+ * @Route("/logout", name="app_logout")
85+ */
86+ public function logout()
87+ {
88+ throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
89+ }
7890 }
7991
80- Edit the ``security.yaml `` file in order to allow access for anyone to the
81- ``/login `` route:
92+ Edit the ``security.yaml `` file in order to declare the ``/logout `` path:
8293
8394.. configuration-block ::
8495
@@ -88,9 +99,12 @@ Edit the ``security.yaml`` file in order to allow access for anyone to the
8899 security :
89100 # ...
90101
91- access_control :
92- - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
102+ providers :
93103 # ...
104+ logout :
105+ path : app_logout
106+ # where to redirect after logout
107+ # target: app_any_route
94108
95109code-block :: xml
96110
@@ -137,6 +151,12 @@ a traditional HTML form that submits to ``/login``:
137151 <div class="alert alert-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
138152 {% endif %}
139153
154+ {% if app.user %}
155+ <div class="mb-3">
156+ You are logged in as {{ app.user.username }}, <a href="{{ path('app_logout') }}">Logout</a>
157+ </div>
158+ {% endif %}
159+
140160 <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
141161 <label for="inputEmail" class="sr-only">Email</label>
142162 <input type="email" value="{{ last_username }}" name="email" id="inputEmail" class="form-control" placeholder="Email" required autofocus>
@@ -171,7 +191,6 @@ a traditional HTML form that submits to ``/login``:
171191
172192 use App\Entity\User;
173193 use Doctrine\ORM\EntityManagerInterface;
174-
175194 use Symfony\Component\HttpFoundation\RedirectResponse;
176195 use Symfony\Component\HttpFoundation\Request;
177196 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
@@ -192,7 +211,7 @@ a traditional HTML form that submits to ``/login``:
192211 {
193212 use TargetPathTrait;
194213
195- private const LOGIN_ROUTE = 'app_login';
214+ public const LOGIN_ROUTE = 'app_login';
196215
197216 private $entityManager;
198217 private $urlGenerator;
@@ -250,6 +269,14 @@ a traditional HTML form that submits to ``/login``:
250269 return $this->passwordEncoder->isPasswordValid($user, $credentials['password']);
251270 }
252271
272+ /**
273+ * Used to upgrade (rehash) the user's password automatically over time.
274+ */
275+ public function getPassword($credentials): ?string
276+ {
277+ return $credentials['password'];
278+ }
279+
253280 public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
254281 {
255282 if ($targetPath = $this->getTargetPath($request->getSession(), $providerKey)) {
0 commit comments