symfony redirect user after authentication

1
votes

I have two bundles userBundle and xxxBundle. I want after authenticating a user in the user bundle to redirect it to the xxxBundle. But, depending on roles (ROLE_ADMIN and ROLE_USER), I will redirect him to two different routes (route1, route2).

I added this controller to my userBundle

class SecurityController extends Controller
{
  public function loginAction()
  {
    if ($this->get('security.context')->isGranted('ROLE_ADMIN')) {
      return $this->redirect($this->generateUrl('route1'));

    }
if ($this->get('security.context')->isGranted('ROLE_USER')) {
      return $this->redirect($this->generateUrl('route2'));

    }

    $request = $this->getRequest();
    $session = $request->getSession();

    // On vérifie s'il y a des erreurs d'une précédent soumission du formulaire
    if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
      $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
    } else {
      $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
      $session->remove(SecurityContext::AUTHENTICATION_ERROR);
    }

    return $this->render('UserBundle:Security:login.html.twig', array(
      // Valeur du précédent nom d'utilisateur rentré par l'internaute
      'last_username' => $session->get(SecurityContext::LAST_USERNAME),
      'error'         => $error,
    ));
  }

But, this does not give the appropriate result: for a correct username and password, the user is redirected to the welcome symfony page. Does anybody have an explanation for that?

I found in the symfony documentation that I can control the redirect from the login form using the hiddden field as follow:

{# src/Acme/SecurityBundle/Resources/views/Security/login.html.twig #}
{% if error %}
    <div>{{ error.message }}</div>
{% endif %}

<form action="{{ path('login_check') }}" method="post">
    <label for="username">Username:</label>
    <input type="text" id="username" name="_username" value="{{ last_username }}" />

    <label for="password">Password:</label>
    <input type="password" id="password" name="_password" />

    <input type="hidden" name="_target_path" value="account" />

    <input type="submit" name="login" />
</form>

Question : how could I parametrise the route to be responsible for user and admin.

1
phpsymfony
Would it be more appropriate to use Access Control Lists (ACLs)?user2269869
Are you certain that route1 and route2 exist? Symfony may be providing you with the welcome URL for routes that do not exist. Perhaps add some debugging (var_dump/die) to see what's going on?Phill Sparks
the routes route1 and route2 are routes of my bundle that I have defined by myself @PhillSparksuser2269869
I think that the best solution is to forward from this controller in the user bundle to the controller of xxxBundle. But I don't know if this is possible. Do u have an idea about? @PhillSparksuser2269869

1 Answers

3
votes

Use the _target_path input field and direct the authenticated user to a route with a controller from you. Inside the controller you check the role of the user and forward to another controller based upon that.