Add proper auth pages
This commit is contained in:
parent
67a6c7d8dc
commit
dd78bf42e3
3 changed files with 41 additions and 7 deletions
|
|
@ -19,17 +19,22 @@ security:
|
|||
main:
|
||||
lazy: true
|
||||
provider: app_user_provider
|
||||
|
||||
form_login:
|
||||
login_path: app_login
|
||||
check_path: app_login
|
||||
logout:
|
||||
path: app_logout
|
||||
# Activate different ways to authenticate:
|
||||
# https://symfony.com/doc/current/security.html#the-firewall
|
||||
|
||||
# https://symfony.com/doc/current/security/impersonating_user.html
|
||||
# switch_user: true
|
||||
|
||||
# Note: Only the *first* matching rule is applied
|
||||
# Note: Only the *first* matching rule is applied
|
||||
access_control:
|
||||
# - { path: ^/admin, roles: ROLE_ADMIN }
|
||||
# - { path: ^/profile, roles: ROLE_USER }
|
||||
- {path: ^/account/login, roles: PUBLIC_ACCESS}
|
||||
- {path: ^/account/register, roles: PUBLIC_ACCESS}
|
||||
- {path: ^/, roles: ROLE_USER}
|
||||
|
||||
when@test:
|
||||
security:
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
|
|||
|
||||
class AccountController extends AbstractController
|
||||
{
|
||||
#[Route('/account/login')]
|
||||
#[Route('/account/login', name: 'app_login')]
|
||||
public function login(AuthenticationUtils $authUtils): Response
|
||||
{
|
||||
$error = $authUtils->getLastAuthenticationError();
|
||||
|
|
@ -28,7 +28,7 @@ class AccountController extends AbstractController
|
|||
]);
|
||||
}
|
||||
|
||||
#[Route('/account/register')]
|
||||
#[Route('/account/register', name: 'app_register')]
|
||||
public function register(
|
||||
Request $request,
|
||||
UserPasswordHasherInterface $passwordHasher,
|
||||
|
|
@ -58,11 +58,17 @@ class AccountController extends AbstractController
|
|||
$em->persist($user);
|
||||
$em->flush();
|
||||
|
||||
return $this->redirectToRoute('app_account_login');
|
||||
return $this->redirectToRoute('app_login');
|
||||
}
|
||||
|
||||
return $this->render('account/register.html.twig', [
|
||||
'form' => $form,
|
||||
]);
|
||||
}
|
||||
|
||||
#[Route('/account/logout', name: 'app_logout')]
|
||||
public function logout(): void
|
||||
{
|
||||
throw new \LogicException('This should never be reached.');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
23
templates/account/login.html.twig
Normal file
23
templates/account/login.html.twig
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
{% extends 'base.html.twig' %}
|
||||
|
||||
{% block body %}
|
||||
<h1>Log in</h1>
|
||||
|
||||
{% if error %}
|
||||
<div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
|
||||
{% endif %}
|
||||
|
||||
<form method="post">
|
||||
<label for="email">Email</label>
|
||||
<input type="email" id="email" name="_username" value="{{ last_username }}">
|
||||
|
||||
<label for="password">Password</label>
|
||||
<input type="password" id="password" name="_password">
|
||||
|
||||
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
|
||||
|
||||
<button type="submit">Log in</button>
|
||||
</form>
|
||||
|
||||
<p>No account yet? <a href="{{ path('app_register') }}">Register</a></p>
|
||||
{% endblock %}
|
||||
Loading…
Reference in a new issue