Skip to content

updated generated code according to make:auth results in Symfony 5.1 #13864

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 23, 2020
Merged

updated generated code according to make:auth results in Symfony 5.1 #13864

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 35 additions & 8 deletions security/form_login_setup.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,11 +44,11 @@ and your generated code may be slightly different:

Support for login form authentication was added to ``make:auth`` in MakerBundle 1.8.

This generates the following: 1) a login route & controller, 2) a template that
This generates the following: 1) login/logout routes & controller, 2) a template that
renders the login form, 3) a :doc:`Guard authenticator </security/guard_authentication>`
class that processes the login submit and 4) updates the main security config file.

**Step 1.** The ``/login`` route & controller::
**Step 1.** The ``/login``/``/logout`` routes & controller::

// src/Controller/SecurityController.php
namespace App\Controller;
Expand All @@ -65,6 +65,10 @@ class that processes the login submit and 4) updates the main security config fi
*/
public function login(AuthenticationUtils $authenticationUtils): Response
{
// if ($this->getUser()) {
// return $this->redirectToRoute('target_path');
// }

// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
Expand All @@ -75,10 +79,17 @@ class that processes the login submit and 4) updates the main security config fi
'error' => $error
]);
}

/**
* @Route("/logout", name="app_logout")
*/
public function logout()
{
throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
}
}

Edit the ``security.yaml`` file in order to allow access for anyone to the
``/login`` route:
Edit the ``security.yaml`` file in order to declare the ``/logout`` path:

.. configuration-block::

Expand All @@ -88,9 +99,12 @@ Edit the ``security.yaml`` file in order to allow access for anyone to the
security:
# ...

access_control:
- { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
providers:
# ...
logout:
path: app_logout
# where to redirect after logout
# target: app_any_route

.. code-block:: xml

Expand Down Expand Up @@ -137,6 +151,12 @@ a traditional HTML form that submits to ``/login``:
<div class="alert alert-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
{% endif %}

{% if app.user %}
<div class="mb-3">
You are logged in as {{ app.user.username }}, <a href="{{ path('app_logout') }}">Logout</a>
</div>
{% endif %}

<h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
<label for="inputEmail" class="sr-only">Email</label>
<input type="email" value="{{ last_username }}" name="email" id="inputEmail" class="form-control" placeholder="Email" required autofocus>
Expand Down Expand Up @@ -171,7 +191,6 @@ a traditional HTML form that submits to ``/login``:

use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
Expand All @@ -192,7 +211,7 @@ a traditional HTML form that submits to ``/login``:
{
use TargetPathTrait;

private const LOGIN_ROUTE = 'app_login';
public const LOGIN_ROUTE = 'app_login';

private $entityManager;
private $urlGenerator;
Expand Down Expand Up @@ -250,6 +269,14 @@ a traditional HTML form that submits to ``/login``:
return $this->passwordEncoder->isPasswordValid($user, $credentials['password']);
}

/**
* Used to upgrade (rehash) the user's password automatically over time.
*/
public function getPassword($credentials): ?string
{
return $credentials['password'];
}

public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
if ($targetPath = $this->getTargetPath($request->getSession(), $providerKey)) {
Expand Down