I'm using Symfony3 for a web application with the FosUserBundle for user management.
I inserted the login and register forms in my app as follows, in my header.html.twig. This file (header) is included in my main file (base.html.twig), which means that it is inserted on almost all my pages.
    <div class="modal fade" id="registerModal" role="dialog">
        {{ render(controller('UserBundle:Registration:Register', {'request': app.request})) }}
    </div>
    <div class="modal fade" id="loginModal" role="dialog">
        {{ render(controller('UserBundle:Security:Login')) }}
    </div>
The problem is that when I try to access the home page http://localhost/baseurl/web/app_dev.php/ I am redirected to http://localhost/baseurl/web/app_dev.php/login (fos_user_security_login, the FosUserBundle login route configured in the login_path of the security.yml).
I don't understand how to configure and use the FUB in the case where I have overridden and inserted the security_login form in the header.
My security.yml is as follows:
    security:
        encoders:
            Symfony\Component\Security\Core\User\User: plaintext
            FOS\UserBundle\Model\UserInterface: sha512
        providers:
            fos_userbundle:
                id: fos_user.user_provider.username_email
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            main:
                pattern: ^/
                form_login:
                    login_path: fos_user_security_login
                    check_path: fos_user_security_check
                    provider: fos_userbundle
                    csrf_token_generator: security.csrf.token_manager
                    default_target_path: /
                    failure_path: /
                logout:
                    path: /logout
                    target: /
                anonymous: true
                remember_me:
                    secret: '%secret%'
                    lifetime: 604800 # 1 week in seconds
                    path: /
        role_hierarchy:
            ROLE_SECRETAIRE: [ROLE_USER]
            ROLE_ADMIN: [ROLE_SECRETAIRE]
        access_control:
            - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/admin/, role: ROLE_SECRETAIRE }
config.yml:

    # FOSUserBundle Configuration
    fos_user:
        db_driver: orm
        firewall_name: main
        user_class: UserBundle\Entity\User
        use_listener: true
        use_flash_notifications: true
        use_authentication_listener: true
        use_username_form_type: true
        model_manager_name: null # change it to the name of your entity/document manager if you don't want to use the default one.
        from_email:
            address: [email protected]
            sender_name: Gauthier
        profile:
            form:
                type: FOS\UserBundle\Form\Type\ProfileFormType
                name: fos_user_profile_form
                validation_groups: [Profile, Default]
        change_password:
            form:
                type: FOS\UserBundle\Form\Type\ChangePasswordFormType
                name: fos_user_change_password_form
                validation_groups: [ChangePassword, Default]
        registration:
            confirmation:
                enabled: false
                template: '@FOSUser/Registration/email.txt.twig'
            form:
                type: UserBundle\Form\Type\RegistrationType
                name: fos_user_registration_form
                validation_groups: [Registration, Default]
        resetting:
            token_ttl: 86400
            email:
                template: '@FOSUser/Resetting/email.txt.twig'
            form:
                type: FOS\UserBundle\Form\Type\ResettingFormType
                name: fos_user_resetting_form
                validation_groups: [ResetPassword, Default]
        service:
            mailer: fos_user.mailer.default
            email_canonicalizer: fos_user.util.canonicalizer.default
            username_canonicalizer: fos_user.util.canonicalizer.default
            token_generator: fos_user.util.token_generator.default
            user_manager: fos_user.user_manager.default
When I add a die('ok'); in my controller matched with the route 'homepage' (http://localhost/baseurl/web/app_dev.php/), I'm not redirected to /login but I have "ok" printed on a white page. I don't understand where the redirection to /login is done.
From the FOSUserBundle docs
Next, take a look at and examine the firewalls section. Here we have declared a firewall named main. By specifying form_login, you have told the Symfony Framework that any time a request is made to this firewall that leads to the user needing to authenticate himself, the user will be redirected to a form where he will be able to enter his credentials.
To allow access to your homepage you could add something like this:
    # app/config/security.yml file
    security:
        ...
        access_control:
            # allow anonymous access to the homepage:
            - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
In this case, the pattern for the index action in routing.yml has to be "/".
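
An added example (not from the original question or answer, and not Symfony's own code): a small Python model of how access_control applies the first rule whose path regex matches, run against the rules from the security.yml above and the answer's `^/$` rule. The function names and the allow/login/deny labels are assumptions made for illustration; it models access_control matching only, not the rest of the firewall.

```python
import re

# Rules copied from the question's security.yml, in file order.
QUESTION_RULES = [
    (r"^/login", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/register", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/resetting", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/admin/", "ROLE_SECRETAIRE"),
]
# The same list with the answer's homepage rule appended.
ANSWER_RULES = QUESTION_RULES + [(r"^/$", "IS_AUTHENTICATED_ANONYMOUSLY")]

# role_hierarchy from the question: a role also grants the roles it lists.
HIERARCHY = {"ROLE_SECRETAIRE": ["ROLE_USER"], "ROLE_ADMIN": ["ROLE_SECRETAIRE"]}


def reachable_roles(roles):
    """Expand roles through the hierarchy (ROLE_ADMIN -> ROLE_SECRETAIRE -> ROLE_USER)."""
    seen, todo = set(), list(roles)
    while todo:
        role = todo.pop()
        if role not in seen:
            seen.add(role)
            todo.extend(HIERARCHY.get(role, []))
    return seen


def match_rule(rules, path):
    """Return the first (pattern, role) whose regex matches the path, or None."""
    for pattern, role in rules:
        if re.search(pattern, path):
            return pattern, role
    return None


def decide(rules, path, user_roles=()):
    """Return 'allow', 'login' or 'deny'; empty user_roles models an anonymous visitor."""
    rule = match_rule(rules, path)
    if rule is None:
        return "allow"  # no rule matched: access_control requires nothing here
    required = rule[1]
    if required == "IS_AUTHENTICATED_ANONYMOUSLY":
        return "allow"  # with anonymous: true every visitor satisfies this
    if required in reachable_roles(user_roles):
        return "allow"
    # Anonymous visitors are sent to login_path; logged-in users get a 403.
    return "login" if not user_roles else "deny"
```

Running `match_rule(QUESTION_RULES, "/admin")` returns `None`: the `^/admin/` pattern only covers paths with the trailing slash, so a route at exactly `/admin` is not restricted by these rules.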