Chapters

47 Chapters | 4:41:51 |

01

composer require seguridad

5:07
02

make:user

5:57
03

Personalizar la clase de usuario

3:08
04

Construir un formulario de inicio de sesión

3:07
05

Cortafuegos y autenticadores

6:39
06

El autentificador y el pasaporte

6:24
07

Consulta de usuario personalizada y credenciales

6:04
08

Éxito de la autenticación y actualización del usuario

6:33
09

Cuando falla la autenticación

7:19
10

Personalizar los mensajes de error y añadir el cierre de sesión

7:33
11

Dar contraseñas a los usuarios

5:26
12

Hash de contraseñas en texto plano y PasswordCredentials

4:22
13

Sistema de eventos de seguridad y protección Csrf

6:40
14

Sistema de recordarme

7:07
15

Recordarme siempre y "signature_properties"

6:28
16

Denegación de acceso, access_control y roles

5:22
17

El punto de entrada: invitar a los usuarios a conectarse

6:45
18

AbstractLoginFormAuthenticator y redireccionamiento a la URL anterior

5:13
19

form_login: El autentificador incorporado

5:42
20

Más configuración de form_login

3:25
21

Negar el acceso en un controlador

4:57
22

Roles dinámicos

4:28
23

Las cadenas especiales ISAUTHENTICATED

9:18
24

Obtención del objeto de usuario

6:38
25

Métodos de usuario personalizados y el usuario en un servicio

7:21
26

Jerarquía de roles

5:37
27

Suplantación: switch_user

5:27
28

La API de usuario y el serializador

5:37
29

¿Utilizar o no la autenticación por token de la API?

4:09
30

Formulario de registro

5:25
31

Autenticación manual

6:12
32

Hacer preguntas propiedad de los usuarios

5:13
33

Aprovechando el propietario de la pregunta

6:09
34

Votantes

6:27
35

Votante personalizado

6:52
36

Verificar el correo electrónico tras el registro

7:57
37

Verificación de la URL firmada del correo electrónico de confirmación

7:18
38

Ralentización de inicio de sesión y eventos

6:11
39

Seguridad Eventos y Listeners

4:00
40

Crear un suscriptor de eventos de seguridad

8:47
41

Redirección personalizada cuando "Email no verificado"

7:16
42

autenticación de 2 factores y tokens de autenticación

8:33
43

2fa con TOTP (Time-Based One Time Password)

5:20
44

Activación de 2FA

5:34
45

Renderización del código QR

6:13
46

Datos QR y escaneo con una aplicación de autenticación

4:35
47

Personalizar el formulario de autenticación de dos factores

5:53

> Symfony 5 > Symfony 5 Seguridad: Autenticadores

Buy Access to Course

18.

AbstractLoginFormAuthenticator y redireccionamiento a la URL anterior

Autoplay

Keep on Learning!

If you liked what you've learned so far, dive in! Subscribe to get
access to this tutorial plus video, code and script downloads.

Start your All-Access Pass

Buy just this tutorial for $12.00

Previous Chapter

Next Chapter

With a Subscription, click any sentence in the script to jump to that part of the video!

Tengo que confesar algo: en nuestro autentificador, ¡hemos hecho demasiado trabajo! Sí, cuando construyes un autenticador personalizado para un "formulario de inicio de sesión", Symfony proporciona una clase base que puede hacer la vida mucho más fácil. En lugar de extender AbstractAuthenticator extiendeAbstractLoginFormAuthenticator:

            Copy Code

                            Show All Lines

                        97 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 15
                            
            use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
        
                Show Lines

                                                    // ... lines 17 - 25
                            
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                Show Lines

                                                    // ... lines 28 - 95
                            
            }

Mantén Command o Ctrl para abrir esa clase. Sí, extiende AbstractAuthenticatory también implementa AuthenticationEntryPointInterface. ¡Genial! Eso significa que podemos eliminar nuestro redundante AuthenticationEntryPointInterface:

            Copy Code

                            Show All Lines

                        97 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 23
                            
            use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
        
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                Show Lines

                                                    // ... lines 28 - 95
                            
            }

La clase abstracta requiere que añadamos un nuevo método llamado getLoginUrl(). Dirígete a la parte inferior de esta clase y ve a "Código"->"Generar" -o Command+N en un Mac- y luego a "Implementar métodos" para generar getLoginUrl(). Para el interior, roba el código de arriba... y devuelve $this->router->generate('app_login'):

            Copy Code

                            Show All Lines

                        97 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 25
                            
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                Show Lines

                                                    // ... lines 28 - 91
                            
                protected function getLoginUrl(Request $request): string
        
                {
        
                    return $this->router->generate('app_login');
        
                }
        
            }

La utilidad de esta clase base es bastante fácil de ver: ¡implementa tres de los métodos por nosotros! Por ejemplo, implementa supports() comprobando si el método es POST y si la cadena getLoginUrl() coincide con la URL actual. En otras palabras, hace exactamente lo mismo que nuestro método supports(). También gestionaonAuthenticationFailure() -almacenando el error en la sesión y redirigiendo de nuevo a la página de inicio de sesión- y también el punto de entrada - start() - redirigiendo, una vez más, a /login.

Esto significa que... oh sí... ¡podemos eliminar código! Veamos: eliminar supports(),onAuthenticationFailure() y también start():

            Copy Code

                            Show All Lines

                        97 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 25
                            
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                Show Lines

                                                    // ... lines 28 - 36
                            
                public function supports(Request $request): ?bool
        
                {
        
                    return ($request->getPathInfo() === '/login' && $request->isMethod('POST'));
        
                }
        
                Show Lines

                                                    // ... lines 41 - 75
                            
                public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
        
                {
        
                    $request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);
        
                    return new RedirectResponse(
        
                        $this->router->generate('app_login')
        
                    );
        
                }
        
                public function start(Request $request, AuthenticationException $authException = null): Response
        
                {
        
                    return new RedirectResponse(
        
                        $this->router->generate('app_login')
        
                    );
        
                }
        
                Show Lines

                                                    // ... lines 91 - 95
                            
            }

Mucho más bonito:

            Copy Code

                            Show All Lines

                        76 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 25
                            
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                private UserRepository $userRepository;
        
                private RouterInterface $router;
        
                public function __construct(UserRepository $userRepository, RouterInterface $router)
        
                {
        
                Show Lines

                                                    // ... lines 33 - 34
                            
                }
        
                public function authenticate(Request $request): PassportInterface
        
                {
        
                Show Lines

                                                    // ... lines 39 - 61
                            
                }
        
                public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
        
                {
        
                Show Lines

                                                    // ... lines 66 - 68
                            
                }
        
                protected function getLoginUrl(Request $request): string
        
                {
        
                Show Lines

                                                    // ... line 73
                            
                }
        
            }

Asegurémonos de que no rompemos nada: vamos a /admin y... ¡perfecto! El método start() nos sigue redirigiendo a /login. Entremos conabraca_admin@example.com, contraseña tada y... ¡sí! Eso también sigue funcionando: nos redirige a la página de inicio... porque eso es lo que estamos haciendo dentro deonAuthenticationSuccess:

            Copy Code

                            Show All Lines

                        76 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 25
                            
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                Show Lines

                                                    // ... lines 28 - 63
                            
                public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
        
                {
        
                    return new RedirectResponse(
        
                        $this->router->generate('app_homepage')
        
                    );
        
                }
        
                Show Lines

                                                    // ... lines 70 - 74
                            
            }

TargetPathTrait: Redirección inteligente

Pero... si lo piensas... eso no es lo ideal. Ya que en un principio intentaba ir a /admin... ¿no debería el sistema ser lo suficientemente inteligente como para redirigirnos de nuevo allí después de que hayamos entrado con éxito? Sí Y eso es totalmente posible.

Vuelve a cerrar la sesión. Cuando un usuario anónimo intenta acceder a una página protegida como /admin, justo antes de llamar a la función del punto de entrada, Symfony almacena la URL actual en algún lugar de la sesión. Gracias a esto, en onAuthenticationSuccess(), podemos leer esa URL -que se denomina "ruta de destino"- y redirigirla allí.

Para ayudarnos a hacer esto, ¡podemos aprovechar un trait! En la parte superior de la claseuse TargetPathTrait:

            Copy Code

                            Show All Lines

                        83 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 24
                            
            use Symfony\Component\Security\Http\Util\TargetPathTrait;
        
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                use TargetPathTrait;
        
                Show Lines

                                                    // ... lines 30 - 81
                            
            }

Luego, abajo, en onAuthenticationSuccess(), podemos comprobar si se ha almacenado una "ruta de destino" en la sesión. Lo hacemos diciendo si$target = $this->getTargetPath() - pasando la sesión -$request->getSession() - y luego el nombre del cortafuegos, que en realidad tenemos como argumento. Esa es la clave main:

            Copy Code

                            Show All Lines

                        83 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 26
                            
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                Show Lines

                                                    // ... lines 29 - 66
                            
                public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
        
                {
        
                    if ($target = $this->getTargetPath($request->getSession(), $firewallName)) {
        
                Show Lines

                                                    // ... line 70
                            
                    }
        
                    return new RedirectResponse(
        
                        $this->router->generate('app_homepage')
        
                    );
        
                }
        
                Show Lines

                                                    // ... lines 77 - 81
                            
            }

Esta línea hace dos cosas a la vez: establece una variable $target a la ruta de destino y, en la sentencia if, comprueba si ésta tiene algo. Porque, si el usuario va directamente a la página de inicio de sesión, entonces no tendrá una ruta de destino en la sesión.

Así que, si tenemos una ruta de destino, redirige a ella: return new RedirectResponse($target):

            Copy Code

                            Show All Lines

                        83 lines
            |
            src/Security/LoginFormAuthenticator.php
        
                Show Lines

                                                    // ... lines 1 - 26
                            
            class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
        
            {
        
                Show Lines

                                                    // ... lines 29 - 66
                            
                public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
        
                {
        
                    if ($target = $this->getTargetPath($request->getSession(), $firewallName)) {
        
                        return new RedirectResponse($target);
        
                    }
        
                    return new RedirectResponse(
        
                        $this->router->generate('app_homepage')
        
                    );
        
                }
        
                Show Lines

                                                    // ... lines 77 - 81
                            
            }

¡Hecho y listo! Si mantienes Command o Ctrl y haces clic en getTargetPath() para saltar a ese método central, puedes ver que es súper sencillo: sólo lee una clave muy específica de la sesión. Esta es la clave que el sistema de seguridad establece cuando un usuario anónimo intenta acceder a una página protegida.

¡Vamos a probar esto! Ya hemos cerrado la sesión. Dirígete a /admin. Nuestro punto de entrada nos redirige a /login. Pero además, entre bastidores, Symfony acaba de fijar la URL/admin en esa clave de la sesión. Así que cuando nos conectamos ahora con nuestro correo electrónico y contraseña habituales... ¡impresionante! ¡Se nos redirige de nuevo a /admin!

Siguiente: um... seguimos haciendo demasiado trabajo en LoginFormAuthenticator. ¡Maldita sea! Resulta que, a menos que necesitemos algunas cosas especialmente personalizadas, si estás construyendo un formulario de inicio de sesión, puedes omitir por completo la clase del autentificador personalizado y confiar en un autentificador central de Symfony.

12 Comments

Sort By

Mahmut-A 1 year ago edited

Hello,

I kindly request a help about one error: I have a controller as below:

    #[Route('/{username}/index.html' ,name: 'app_main_homepage')]
    public function homepage(LabRepository $labdata  ): Response
    {
        $lablist = $labdata->findAll();

        $user = $this->getUser();

        return $this->render('index.html.twig', ['LabList' => $lablist, 'user' => $user,]);
    }

My purpose is, when user logged in, url should redirect his page. I coded as below to LoginFormAuthenticator.

public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
    $user = $token->getUser();
    $username = strtolower(str_replace(' ', '-', $user->getUsername()));

    if ($target = $this->getTargetPath($request->getSession(), $firewallName)) {
        return new RedirectResponse($target);
    }

    return new RedirectResponse(
        $this->router->generate('app_main_homepage', ['username' => $username])
    );
}

However, I am getting below error. Could you please help me to why ı am getting this?

An exception has been thrown during the rendering of a template ("Some mandatory parameters are missing ("username") to generate a URL for route "app_main_homepage".").

| Reply |

Victor SFCASTS Mahmut-A 1 year ago

Hey Mahmut,

Are you sure the error you see is related to the code you showed above? :) Because that code looks good to me, probably you have another spot in your app where you generate app_main_homepage route without parameters? Please, double-check it. You can easily debug it with dd() before and after that route generation:

dd('before');
$this->router->generate('app_main_homepage', ['username' => $username])
dd('after');

Make sure you hit "before" spot first, then comment it out and make sure you hit the "after". Also, probably you generate route that shows the error on the redirected page? I would recommend you to search for app_main_homepage globally in your project to see if there are any spots where you forgot that mandatory parameter. If everything looks good - hm, maybe try to clear the cache just in case, sometimes it helps!

Also, make sure that the $username you're passing to generate() is not null or empty string :)

Cheers!

| Reply |

Mahmut-A Victor 1 year ago

hello Victor,

I found the problem, ı was missing the parameter to path ( app_main_homepage). I added and fixed.

| Reply |

Victor SFCASTS Mahmut-A 1 year ago

Hey Mahmut,

Great! Easy fix :)

| Reply |

MattWelander 3 years ago

Very happy with all these walkthroughs as always. One question - I have the following authenticate() method with a flag on the user to block login via the form for certain users.
As it currently behaves, it will check whether this block flag is on or not BEFORE the password is checked. This has the side effect that you can find out whether a user exists or not even if you don't pass the correct password.

Where would I put this deny-flag-check in order to do it only once the password is successfully checked (but before the user is authenticated... I understand that I could do it in the onAuthenticationSuccess method, but I want it before the session is approved)

public function authenticate(Request $request): PassportInterface
{

    $email = $request->request->get('email');
    $password = $request->request->get('password');

    return new Passport(
        new UserBadge($email, function($userIdentifier) {
            // optionally pass a callback to load the User manually
            $user = $this->userRepository->findOneBy(['email' => $userIdentifier]);

            if (!$user) {
                throw new UserNotFoundException();
            } elseif ($user->isDenyFormLogin() == true) { //checking for denyFlag on user
                throw new CustomUserMessageAuthenticationException('Form login denied for this user.');
            }

            return $user;
        }),
        new PasswordCredentials($password),
        [
            new CsrfTokenBadge(
                'authenticate',
                $request->request->get('_csrf_token')
            ),
            (new RememberMeBadge())->enable(),
        ]
    );
}

| Reply |

weaverryan SFCASTS MattWelander 3 years ago

Hey MattWelander!

Happy new year! This is an excellent question. Take this logic out of your authenticator and instead, add it to an event subscriber on the CheckPassportEvent::class event. The PasswordCredentials themselves are actually checked via a listener on this event: https://github.com/symfony/symfony/blob/6.3/src/Symfony/Component/Security/Http/EventListener/CheckCredentialsListener.php - you can use it as a guide. To be sure that you're running AFTER the password check, you could set your priority to -1 for this subscriber - so like this:

public static function getSubscribedEvents(): array
{
    return [CheckPassportEvent::class => ['checkPassport', -1]];
}

Let me know if that works out! Btw, a side effect of this (which is probably good) is that if you have any other ways for a user to authenticate (including, iirc, via a "remember me cookie"), those will also be "subject" to this check. In other words, no matter how your user tries to log in, if they fail this check, they will fail authentication. If this is NOT what you want (and you only want this check to happen for this ONE authenticator), that's no problem. Do this:

A) Create a new badge class - e.g. CheckDenyFormLoginBadge. It can basically be empty
B) Add this to your Passport
C) In your subscriber, only run the check if this badge is present.

Cheers!

| Reply |

Andrea Gelmini 4 years ago edited

Hello.

Great guide. it's really helping me a lot.
I am writing this comment because while I was trying this step "AbstractLoginFormAuthenticator & Redirecting to Previous URL", after all the changes the authentication process did not seem to take place.

the solution I found was to change the LoginFormAuthenticator class
adding the motodo

    public function supports(Request $request): bool
    {
        return $request->isMethod('POST') && $this->getLoginUrl($request) === $request->getRequestUri();
    }

this

$this->getLoginUrl($request) === $request->getPathInfo()

it returned false and did not make the magic work.

| Reply |

MolloKhan SFCASTS Andrea Gelmini 4 years ago edited

Hey Andrea Gelmini !

It look like you have a tiny error in your first code example. This is how we do the supports() check


    public function supports(Request $request): ?bool
    {
        return ($request->getPathInfo() === '/login' && $request->isMethod('POST'));
    }

You can notice we hardcode the "/login" string

Cheers!

| Reply |

MattWelander MolloKhan 3 years ago

I'm confused =)

At one stage in this script you say:
"This means that... oh yea... we can remove code! Let's see: delete supports(), onAuthenticationFailure() and also start():"

In the resulting example, the method supports() is completely erased. Like Andrea Gelmini says above, this causes the authenticator to go completely disconnect. the login form is no longer attached to an authenticator, submitting the form will only render the login form anew.

By your answer to Andrea above, it seems that you confirm that the supports() method should still be in the LoginFormAuthenticator? Was it a mistake to tell us to remove it alltogether and the script needs amending? Or is there something in mine and Andreas environment that is configured differently than in your environment, causing the supports() method from the AbstractLoginFormAuthenticator to go disconnect?

| Reply |

weaverryan SFCASTS MattWelander 3 years ago

Hmm, I see what you mean. Let me clarify what's going on. I think you likely already know some of this, but just to clear everything up:

A) Every authenticator DOES need a supports() method.
B) But, when we extend AbstractLoginFormAuthenticator, you can remove the supports() method in your class, simply because it already exists in the parent class.

So yes, I think Diego's comment was not quite right.

Now, to the real question:

Or is there something in mine and Andreas environment that is configured differently than in your environment, causing the supports() method from the AbstractLoginFormAuthenticator to go disconnect?

Yes, possibly :). For some reason, the supports() method that you're inheriting is returning false when it should return true. You could add some debugging code to that method to find out why, though I might have an idea: are you running your site at the root of a domain - e.g. http://127.0.0.1:8000 is your homepage? Or is it under a subdirectory - e.g. http://127.0.0.1:8000/site is the homepage? If it is the latter, there is a known bug in that inherited method that makes it not match correctly. In that case, you should keep your supports() method so it works. Wow, and apparently I opened that issue - lol - https://github.com/symfony/symfony/issues/44893 - and it's fixed in Symfony 5.4.13, 6.0.14, 6.1.6 and 6.2.0 and higher.

Anyways, that was just a guess at the problem. If I'm wrong, I'd love to know what you find going wrong in that parent supports() method!

Cheers!

| Reply |

MattWelander weaverryan 3 years ago

That was in fact a pretty good guess - I'm testing it off of http://localhost:8888/mysite/ 😂 thanks

| Reply |

weaverryan SFCASTS MattWelander 3 years ago

Yay! Well then I'm double glad that this will, at least, be fixed in later versions!

Have fun!

| Reply |

¡Este tutorial también funciona muy bien para Symfony 6!

symfony 5.3

What PHP libraries does this tutorial use?

// composer.json
{
    "require": {
        "php": ">=8.2",
        "ext-ctype": "*",
        "ext-iconv": "*",
        "babdev/pagerfanta-bundle": "^3.3", // v3.3.0
        "composer/package-versions-deprecated": "^1.11", // 1.11.99.4
        "doctrine/annotations": "^1.0", // 1.13.2
        "doctrine/doctrine-bundle": "^2.1", // 2.6.3
        "doctrine/doctrine-migrations-bundle": "^3.0", // 3.1.1
        "doctrine/orm": "^2.7", // 2.10.1
        "knplabs/knp-markdown-bundle": "^1.8", // 1.9.0
        "knplabs/knp-time-bundle": "^1.11", // v1.16.1
        "pagerfanta/doctrine-orm-adapter": "^3.3", // v3.3.0
        "pagerfanta/twig": "^3.3", // v3.3.0
        "phpdocumentor/reflection-docblock": "^5.2", // 5.2.2
        "scheb/2fa-bundle": "^5.12", // v5.12.1
        "scheb/2fa-qr-code": "^5.12", // v5.12.1
        "scheb/2fa-totp": "^5.12", // v5.12.1
        "sensio/framework-extra-bundle": "^6.0", // v6.2.0
        "stof/doctrine-extensions-bundle": "^1.4", // v1.6.0
        "symfony/asset": "5.3.*", // v5.3.4
        "symfony/console": "5.3.*", // v5.3.7
        "symfony/dotenv": "5.3.*", // v5.3.8
        "symfony/flex": "^1.3.1", // v1.21.6
        "symfony/form": "5.3.*", // v5.3.8
        "symfony/framework-bundle": "5.3.*", // v5.3.8
        "symfony/monolog-bundle": "^3.0", // v3.7.0
        "symfony/property-access": "5.3.*", // v5.3.8
        "symfony/property-info": "5.3.*", // v5.3.8
        "symfony/rate-limiter": "5.3.*", // v5.3.4
        "symfony/runtime": "5.3.*", // v5.3.4
        "symfony/security-bundle": "5.3.*", // v5.3.8
        "symfony/serializer": "5.3.*", // v5.3.8
        "symfony/stopwatch": "5.3.*", // v5.3.4
        "symfony/twig-bundle": "5.3.*", // v5.3.4
        "symfony/ux-chartjs": "^1.3", // v1.3.0
        "symfony/validator": "5.3.*", // v5.3.8
        "symfony/webpack-encore-bundle": "^1.7", // v1.12.0
        "symfony/yaml": "5.3.*", // v5.3.6
        "symfonycasts/verify-email-bundle": "^1.5", // v1.5.0
        "twig/extra-bundle": "^2.12|^3.0", // v3.3.3
        "twig/string-extra": "^3.3", // v3.3.3
        "twig/twig": "^2.12|^3.0" // v3.3.3
    },
    "require-dev": {
        "doctrine/doctrine-fixtures-bundle": "^3.3", // 3.4.0
        "symfony/debug-bundle": "5.3.*", // v5.3.4
        "symfony/maker-bundle": "^1.15", // v1.34.0
        "symfony/var-dumper": "5.3.*", // v5.3.8
        "symfony/web-profiler-bundle": "5.3.*", // v5.3.8
        "zenstruck/foundry": "^1.1" // v1.13.3
    }
}

Previous Chapter

Next Chapter

AbstractLoginFormAuthenticator y redireccionamiento a la URL anterior

Share this awesome video!

Keep on Learning!

TargetPathTrait: Redirección inteligente

12 Comments

Delete comment?

What PHP libraries does this tutorial use?

Show Lines	// ... lines 1 - 15
	use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
Show Lines	// ... lines 17 - 25
	class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
	{
Show Lines	// ... lines 28 - 95
	}

Show Lines	// ... lines 1 - 23
	use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;

	class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
	{
Show Lines	// ... lines 28 - 95
	}

Show Lines	// ... lines 1 - 25
	class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
	{
Show Lines	// ... lines 28 - 91
	protected function getLoginUrl(Request $request): string
	{
	return $this->router->generate('app_login');
	}
	}

Show Lines	// ... lines 1 - 24
	use Symfony\Component\Security\Http\Util\TargetPathTrait;

	class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
	{
	use TargetPathTrait;
Show Lines	// ... lines 30 - 81
	}

Show Lines	// ... lines 1 - 26
	class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
	{
Show Lines	// ... lines 29 - 66
	public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
	{
	if ($target = $this->getTargetPath($request->getSession(), $firewallName)) {
Show Lines	// ... line 70
	}

	return new RedirectResponse(
	$this->router->generate('app_homepage')
	);
	}
Show Lines	// ... lines 77 - 81
	}