How to create a login authentification form with symfony 4

0
votes

Firstly I'm sorry to ask that kind of questions here but the symfony documentation doesn't provide too much complete example if you never been a symfony project before.

So I already installed the symfony/security package and i began like in this tutorial https://symfony.com/doc/current/security/form_login_setup.html

Packages/security.yaml

security:
    providers:
        users:
            entity:
                class: Entity:Users
    firewalls:
        main:
            anonymous: ~
            form_login:
                login_path: login
                check_path: login

Login_path and check_path are the road use by my security controller, but what is the difference between both of them ?

I don't know how i should configure my Entity::Users like which one

https://symfony.com/doc/current/security.html#security-user-providers https://symfony.com/doc/current/doctrine/registration_form.html

And the biggest thing that i'm never able to check my the login by myself (I guess that the security should use a specifical users implementations but I'm puzzled :( )

This is my road

config/routes.yaml

login:
    path: /
    controller: App\Controller\SecurityController::login

logged:
    path: /
    controller: App\Controller\SecurityController::logged

My security controller

src/Controller/SecurityController.php

<?php  // src/Controller/SecurityController.php

namespace App\Controller;

use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;


class SecurityController extends Controller
{

    public function logged(EntityManagerInterface $em, Request $request, AuthenticationUtils $authUtils) 
    {

        error_log(".OMG.");


        return $this->render('security/logged.html.twig', array(
            'username' => $username,
            'password' => $password,
        ));
    }

    public function login(Request $request, AuthenticationUtils $authUtils)
    {
        error_log(".Login.");
        $username = $request->get('_username');
        $password = $request->get('_password');

    // get the login error if there is one
        $error = $authUtils->getLastAuthenticationError();

    // last username entered by the user
        $lastUsername = $authUtils->getLastUsername();

        return $this->render('security/login.html.twig', array(
            'last_username' => $lastUsername,
            'error'         => $error,
        ));
    }

}

And the template twig that i'm calling inside it

templates/security/login.html.twig

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="">
    <meta name="author" content="">
    <link rel="icon" href="../../../../favicon.ico">

    <title>Signin Template for Bootstrap</title>

    <!-- Bootstrap core CSS -->
    <link href="{{ asset('bootstrap/css/bootstrap.min.css') }}" rel="stylesheet">

    <!-- Custom styles for this template -->
    <link href="{{ asset('css/login.css') }}" rel="stylesheet">
</head>

<body>

    <div class="container">


        <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>


        {% if error %}
        <div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
        {% endif %}

        <form action="{{ path('logged') }}" method="post" class="form-signin">
            <h2 class="form-signin-heading">Please sign in</h2>

            <label for="username" class="sr-only">Username:</label>
            <input type="text" id="username" name="_username" value="{{ last_username }}" class="form-control" required autofocus/>

            <label for="password" class="sr-only">Password:</label>
            <input type="password" id="password" name="_password"  class="form-control" placeholder="Password" required/>

            <div class="checkbox">
                <label>
                    <input type="checkbox" value="remember-me"> Remember me
                </label>
            </div>

            {#
                If you want to control the URL the user
                is redirected to on success (more details below)
                <input type="hidden" name="_target_path" value="/account" />
                #}

            <button type="submit">login</button>
        </form>


    </div> <!-- /container -->
</body>
</html>

The problem here is that I'm trying to call my SecurityController::logged() when I use the form action {{ path('logged') }} but whatever happen i'm never printing ".OMG." and I'm always printing the ".Login.".

My goal is just to provide a nice authentification user form... Someone have an advice, an answer to one of my questions ?

Or even an exemple for doing a easy one but where we can see the ORM/Users the Packages/security, the config/routes, the Controller/SecurityController and the twig file in the same tutorial ?

Thank you very much for read all of that btw !

1
phpsymfonysecuritydoctrine-orm
So many questions. Start with the first one. login_path is a GET request used to display your login form. The security system uses this to automatically redirect an un logged in user when needed. The check_login is a POST request. It is what the login form should post to. S security listener handles this to log in a user so you won't have a controller for it.Cerad
Thank's ! I found a dirty way to do what I was looking for, I use "http_basic" instead of "form_login" and I do my check in the security controller. If we shouldn't have a security Controller why are there asking to in the first documentation link that i let ? I guess that it's easier to make a proper security connexion with the FOS::UserBundles :(Alexandre Corvino
Exactly I am at a similar situation, you have to find documentation that are split up in parts and combine them ourselves. Any beginners trying to understand from the documentation will be easily put off.Sanjok Gurung
blog.dev-web.io/2017/12/16/… if you use it with a translator this might help you !Alexandre Corvino

1 Answers

3
votes

You have a lot of questions in one post. Probably you could create several posts with each question.

check_path is the post URL for login which is handled by FOS bundle. I would keep it something different than login to avoid confusion.

You have listed your providers but the provider is not mentioned in your login method.

Try following code and see if the login works.

security:
    providers:
        users:
            entity:
                class: Entity:Users
    firewalls:
        main:
            anonymous: ~
            form_login:
                provider: users
                login_path: login
                check_path: login_check
                post_only:  true
                default_target_path: logged

Also change the post url in your form with {{ path('login_check') }}