I hope you'll help me...
When I try to login on my Symfony 6 app, nothing happens. I have no error, but it don't log me. It only refresh the page.
security.yaml
security:
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
password_hashers:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
security: false
lazy: true
provider: app_user_provider
custom_authenticator:
- App\Security\AppAuthenticator
logout:
path: app_logout
target: login
secured_area:
pattern: ^/
form_login:
login_path: app_login
check_path: app_login
SecurityController::login
public function login(AuthenticationUtils $authenticationUtils, $errorLog = null): Response
{
if ($this->getUser()) {
return $this->redirectToRoute('app_dashboard');
}
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
// var_dump($errorLog);
return $this->render('public/auth/login.html.twig', [
'last_username' => $lastUsername,
'error' => $error
]);
}
My prod server is up to date and I can log me, but in dev (127.0.0.1) it's impossible.
Thank you for your help.
It looks like you have disabled security layer in the main firewall. Try to remove security: falsein the main firewall:
# security.yaml
security:
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
password_hashers:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
# security: false # REMOVE THIS LINE
lazy: true
provider: app_user_provider
custom_authenticator:
- App\Security\AppAuthenticator
logout:
path: app_logout
target: login
secured_area:
pattern: ^/
form_login:
login_path: app_login
check_path: app_login