Configure authentication

2022-03-20 23:48:48 +01:00 · 2022-03-20 23:48:48 +01:00 · 2bf742c933
parent ff7dc737b7
commit 2bf742c933
4 changed files with 65 additions and 1 deletions
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@ -20,6 +20,15 @@ security:
        main:
            lazy: true
            provider: app_user_provider
+            form_login:
+                login_path: app_login
+                check_path: app_login
+                enable_csrf: true
+                default_target_path: app_home
+                always_use_default_target_path: true
+            login_throttling: null
+            logout:
+                path: app_logout

            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#the-firewall
@ -30,7 +39,7 @@ security:
    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
-        # - { path: ^/admin, roles: ROLE_ADMIN }
+        - { path: ^/admin, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }

 when@test:
--- a/config/routes.yaml
+++ b/config/routes.yaml
@ -5,3 +5,7 @@ controllers:
 kernel:
    resource: ../src/Kernel.php
    type: annotation
+
+app_logout:
+    path: /logout
+    methods: [GET, POST]
--- a/src/Controller/LoginController.php
+++ b/src/Controller/LoginController.php
@ -0,0 +1,29 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
+
+final class LoginController extends AbstractController
+{
+    #[Route('/login', name: 'app_login')]
+    public function index(
+        AuthenticationUtils $authenticationUtils
+    ): Response {
+        $error = $authenticationUtils->getLastAuthenticationError();
+        $lastUsername = $authenticationUtils->getLastUsername();
+
+        return $this->render(
+            'login/index.html.twig',
+            [
+                'error' => $error,
+                'last_username' => $lastUsername,
+            ]
+        );
+    }
+}
--- a/templates/login/index.html.twig
+++ b/templates/login/index.html.twig
@ -0,0 +1,22 @@
+{% extends 'base.html.twig' %}
+
+{% block title %}Login - Nexus Archive{% endblock %}
+
+{% block body %}
+    {% if error %}
+        <div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
+    {% endif %}
+
+    <form action="{{ path('app_login') }}" method="post">
+        <label>
+            Email:
+            <input type="text" name="_username" value="{{ last_username }}" autocomplete="off">
+        </label>
+        <label>
+            Password:
+            <input type="password" name="_password"/>
+        </label>
+        <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
+        <button type="submit">login</button>
+    </form>
+{% endblock %}