I'm reworking my Silex application to Symfony 4, as Silex will be deprecated in a couple of months. Everything works great, but I'm having a bit of a problem with Symfony's Security Bundle.
The problem is I'm trying to log into the application, but it always redirects me back to my application without any error displayed.
I guess it might be a misconfiguration, but I have been looking for any kind of problems for a while now and I can't seem to find any errors.
Here's my security.yaml
providers:
in_memory:
memory:
users:
admin:
password: foo
roles: ROLE_ADMIN
encoders:
Symfony\Component\Security\Core\User\User: plaintext
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
context: 'secured'
pattern: '^/login'
anonymous: true
provider: in_memory
secured_area:
context: 'secured'
pattern: '^(/admin|/api)'
provider: in_memory
form_login:
login_path: /login/
check_path: /admin/check/
default_target_path: /admin/
logout:
path: /admin/logout/
target: /
invalidate_session: true
access_control:
- { path: '^(/admin|/api)', roles: ROLE_ADMIN }
LoginController
/**
* @Route("/login/", name="login")
*/
public function login(Request $request, AuthorizationCheckerInterface $authChecker, AuthenticationUtils $authUtils): Response
{
$isLoggedIn = $authChecker->isGranted('ROLE_ADMIN');
if ($isLoggedIn) {
return $this->redirectToRoute('admin');
}
return $this->render('login/index.html.twig', [
'error' => $authUtils->getLastAuthenticationError(),
'last_username' => $authUtils->getLastUsername()
]);
}
I tried setting check_path option to /login/check/ and other similar routes, but then Symfony threw an exception that the route is not created (I guess it shouldn't be created).
So, after trying to solve this issue for a half of day, I finally realized what did I do wrong. Unlike Silex, Symfony is not creating routes for login_check and logout by itself. I needed to register the routes somehow in order to run it smoothly.
You can either register the routes in routes.yaml or using annotations.