Add proper auth pages

This commit is contained in:
myrmidex 2026-06-05 18:41:50 +00:00
parent 67a6c7d8dc
commit dd78bf42e3
3 changed files with 41 additions and 7 deletions

View file

@ -19,17 +19,22 @@ security:
main:
lazy: true
provider: app_user_provider
form_login:
login_path: app_login
check_path: app_login
logout:
path: app_logout
# Activate different ways to authenticate:
# https://symfony.com/doc/current/security.html#the-firewall
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
# Note: Only the *first* matching rule is applied
# Note: Only the *first* matching rule is applied
access_control:
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
- {path: ^/account/login, roles: PUBLIC_ACCESS}
- {path: ^/account/register, roles: PUBLIC_ACCESS}
- {path: ^/, roles: ROLE_USER}
when@test:
security:

View file

@ -16,7 +16,7 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
class AccountController extends AbstractController
{
#[Route('/account/login')]
#[Route('/account/login', name: 'app_login')]
public function login(AuthenticationUtils $authUtils): Response
{
$error = $authUtils->getLastAuthenticationError();
@ -28,7 +28,7 @@ class AccountController extends AbstractController
]);
}
#[Route('/account/register')]
#[Route('/account/register', name: 'app_register')]
public function register(
Request $request,
UserPasswordHasherInterface $passwordHasher,
@ -58,11 +58,17 @@ class AccountController extends AbstractController
$em->persist($user);
$em->flush();
return $this->redirectToRoute('app_account_login');
return $this->redirectToRoute('app_login');
}
return $this->render('account/register.html.twig', [
'form' => $form,
]);
}
#[Route('/account/logout', name: 'app_logout')]
public function logout(): void
{
throw new \LogicException('This should never be reached.');
}
}

View file

@ -0,0 +1,23 @@
{% extends 'base.html.twig' %}
{% block body %}
<h1>Log in</h1>
{% if error %}
<div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
{% endif %}
<form method="post">
<label for="email">Email</label>
<input type="email" id="email" name="_username" value="{{ last_username }}">
<label for="password">Password</label>
<input type="password" id="password" name="_password">
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
<button type="submit">Log in</button>
</form>
<p>No account yet? <a href="{{ path('app_register') }}">Register</a></p>
{% endblock %}