thank you for your answer to my question.
I have just tested it with annotations, but unfortunately it doesn't work for me even with that. When I submit the "empty" login form, I get the message "Invalid credentials.".
I don't understand why Symfony is checking the login data here even though the form fields are empty.
Before the access data can be validated, it must first be checked whether the form has been filled out correctly.
Here is some sample code to illustrate what I'm trying to do.
User.php
<?php
declare(strict_types=1);
namespace App\Entity;
use App\Repository\UserRepository;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* @ORM\Entity(repositoryClass=UserRepository::class)
*/
class User implements UserInterface
{
/**
* @ORM\Id()
* @ORM\GeneratedValue()
* @ORM\Column(type="integer")
*/
private $id;
/**
* @ORM\Column(type="string", length=180, unique=true)
*/
private $username;
/**
* @var string The hashed password
* @ORM\Column(type="string")
*/
private $password;
/**
* @ORM\Column(type="json")
*/
private $roles = [];
public function getId(): ?int
{
return $this->id;
}
/**
* @return string|null
*/
public function getUsername(): ?string
{
return $this->username;
}
/**
* @param string|null $username
* @return $this
*/
public function setUsername(?string $username): self
{
$this->username = $username;
return $this;
}
/**
* @return string|null
*/
public function getPassword(): ?string
{
return $this->password;
}
/**
* @param string|null $password
* @return $this
*/
public function setPassword(?string $password): self
{
$this->password = $password;
return $this;
}
/**
* @return array
*/
public function getRoles(): array
{
$roles = $this->roles;
$roles[] = 'ROLE_USER';
return array_unique($roles);
}
/**
* @param array $roles
* @return $this
*/
public function setRoles(array $roles): self
{
$this->roles = $roles;
return $this;
}
/**
* @return string|null
*/
public function getSalt() :?string
{
return null;
}
/**
* @see UserInterface
*/
public function eraseCredentials()
{
}
}
LoginType.php
<?php
declare(strict_types=1);
namespace App\Form;
use App\Entity\User;
use Gregwar\CaptchaBundle\Type\CaptchaType;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
class LoginType extends AbstractType
{
public const CAPTCHA_REQUIRED = 'captcha_required';
/**
* @param FormBuilderInterface $builder
* @param array $options
*/
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder
->add('username', TextType::class, ['label' => 'login_form.username'])
->add('password', PasswordType::class, ['label' => 'login_form.password'])
->add('submit', SubmitType::class, ['label' => 'button.login']);
if ($options[self::CAPTCHA_REQUIRED]) {
$builder
->add('captcha', CaptchaType::class, ['label' => 'login_form.captcha']);
}
}
/**
* @param OptionsResolver $resolver
*/
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([
'data_class' => User::class,
self::CAPTCHA_REQUIRED => false,
]);
}
}
validator.yaml
framework:
validation:
enabled: true
email_validation_mode: html5
validation.yaml
App\Entity\User:
properties:
username:
- NotBlank: ~
password:
- NotBlank: ~
Incidentally, I have no problems with any of the other forms.
Only especially with my login form does the validation of the constraints not work.
I suspect because Symfony first validates the access data instead of checking the constraints first.
Have you ever successfully used constraints in a Syfmony login form?