[make:auth] Use LogoutRouteLoader for logout route when available

src/Maker/MakeAuthenticator.php

@@ -281,7 +281,8 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
                 $input->hasArgument('user-class') ? $input->getArgument('user-class') : null,
                 $input->hasArgument('logout-setup') ? $input->getArgument('logout-setup') : false,
                 $supportRememberMe,
-                $alwaysRememberMe
+                $alwaysRememberMe,
+                !file_exists('config/routes/security.yaml'),
             )
         );
     }
@@ -387,10 +388,6 @@ private function generateFormLoginFiles(string $controllerClass, string $userNam
 
         $this->securityControllerBuilder->addLoginMethod($manipulator);
 
-        if ($logoutSetup) {
-            $this->securityControllerBuilder->addLogoutMethod($manipulator);
-        }
-
         $this->generator->dumpFile($controllerPath, $manipulator->getSourceCode());
 
         // create login form template
@@ -409,7 +406,7 @@ private function generateFormLoginFiles(string $controllerClass, string $userNam
     }
 
     /** @return string[] */
-    private function generateNextMessage(bool $securityYamlUpdated, string $authenticatorType, string $authenticatorClass, ?string $userClass, bool $logoutSetup, bool $supportRememberMe, bool $alwaysRememberMe): array
+    private function generateNextMessage(bool $securityYamlUpdated, string $authenticatorType, string $authenticatorClass, ?string $userClass, bool $logoutSetup, bool $supportRememberMe, bool $alwaysRememberMe, bool $hasSecurityRouteFile): array
     {
         $nextTexts = ['Next:'];
         $nextTexts[] = '- Customize your new authenticator.';
@@ -437,6 +434,11 @@ private function generateNextMessage(bool $securityYamlUpdated, string $authenti
             $nextTexts[] = '- Review & adapt the login template: <info>'.$this->fileManager->getPathForTemplate('security/login.html.twig').'</info>.';
         }
 
+        // If the security.logout_route_loader is not loaded from the default flex recipe
+        if (!$hasSecurityRouteFile) {
+            $nextTexts[] = '- Be sure to add the "logout" route to <info>config/routes/security.yaml</info> or upgrade the <info>symfony/security-bundle</info> recipe.';
+        }
+
         return $nextTexts;
     }
 

src/Maker/Security/MakeFormLogin.php

@@ -28,7 +28,6 @@
 use Symfony\Bundle\MakerBundle\Security\SecurityConfigUpdater;
 use Symfony\Bundle\MakerBundle\Security\SecurityControllerBuilder;
 use Symfony\Bundle\MakerBundle\Str;
-use Symfony\Bundle\MakerBundle\Util\ClassSourceManipulator;
 use Symfony\Bundle\MakerBundle\Util\UseStatementGenerator;
 use Symfony\Bundle\MakerBundle\Util\YamlSourceManipulator;
 use Symfony\Bundle\MakerBundle\Validator;
@@ -66,8 +65,11 @@ final class MakeFormLogin extends AbstractMaker
     public function __construct(
         private FileManager $fileManager,
         private SecurityConfigUpdater $securityConfigUpdater,
-        private SecurityControllerBuilder $securityControllerBuilder,
+        private ?SecurityControllerBuilder $securityControllerBuilder = null,
     ) {
+        if (null !== $this->securityControllerBuilder) {
+            trigger_deprecation('symfony/maker-bundle', 'v1.61', 'The "%s $securityControllerBuilder" constructor argument is deprecated, you should stop using it', SecurityControllerBuilder::class);
+        }
     }
 
     public static function getCommandName(): string
@@ -145,7 +147,7 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
         $controllerNameDetails = $generator->createClassNameDetails($this->controllerName, 'Controller\\', 'Controller');
         $templatePath = strtolower($controllerNameDetails->getRelativeNameWithoutSuffix());
 
-        $controllerPath = $generator->generateController(
+        $generator->generateController(
             $controllerNameDetails->getFullName(),
             'security/formLogin/LoginController.tpl.php',
             [
@@ -155,14 +157,6 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
             ]
         );
 
-        if ($this->willLogout) {
-            $manipulator = new ClassSourceManipulator($generator->getFileContentsForPendingOperation($controllerPath));
-
-            $this->securityControllerBuilder->addLogoutMethod($manipulator);
-
-            $generator->dumpFile($controllerPath, $manipulator->getSourceCode());
-        }
-
         $generator->generateTemplate(
             sprintf('%s/login.html.twig', $templatePath),
             'security/formLogin/login_form.tpl.php',

src/Resources/config/makers.xml

@@ -156,7 +156,6 @@
             <service id="maker.maker.make_form_login" class="Symfony\Bundle\MakerBundle\Maker\Security\MakeFormLogin">
                 <argument type="service" id="maker.file_manager" />
                 <argument type="service" id="maker.security_config_updater" />
-                <argument type="service" id="maker.security_controller_builder" />
                 <tag name="maker.command" />
             </service>
 

src/Resources/skeleton/security/formLogin/login_form.tpl.php

@@ -11,7 +11,7 @@
 <?php if ($logout_setup): ?>
         {% if app.user %}
             <div class="mb-3">
-                You are logged in as {{ app.user.userIdentifier }}, <a href="{{ path('app_logout') }}">Logout</a>
+                You are logged in as {{ app.user.userIdentifier }}, <a href="{{ logout_path() }}">Logout</a>
             </div>
         {% endif %}
 

src/Security/SecurityConfigUpdater.php

@@ -111,7 +111,7 @@ public function updateForAuthenticator(string $yamlSource, string $firewallName,
         }
 
         if (!isset($firewall['logout']) && $logoutSetup) {
-            $firewall['logout'] = ['path' => 'app_logout'];
+            $firewall['logout'] = ['path' => '/logout'];
             $firewall['logout'][] = $this->manipulator->createCommentLine(
                 ' where to redirect after logout'
             );
@@ -172,7 +172,7 @@ public function updateForLogout(string $yamlSource, string $firewallName): strin
      */
     private function configureLogout(array $securityData, string $firewallName): void
     {
-        $securityData['security']['firewalls'][$firewallName]['logout'] = ['path' => 'app_logout'];
+        $securityData['security']['firewalls'][$firewallName]['logout'] = ['path' => '/logout'];
         $securityData['security']['firewalls'][$firewallName]['logout'][] = $this->manipulator->createCommentLine(
             ' where to redirect after logout'
         );

src/Security/SecurityControllerBuilder.php

@@ -66,19 +66,4 @@ public function addLoginMethod(ClassSourceManipulator $manipulator): void
         );
         $manipulator->addMethodBuilder($loginMethodBuilder);
     }
-
-    public function addLogoutMethod(ClassSourceManipulator $manipulator): void
-    {
-        $logoutMethodBuilder = $manipulator->createMethodBuilder('logout', 'void', false);
-
-        $logoutMethodBuilder->addAttribute($manipulator->buildAttributeNode(Route::class, ['path' => '/logout', 'name' => 'app_logout']));
-
-        $manipulator->addUseStatementIfNecessary(Route::class);
-        $manipulator->addMethodBody($logoutMethodBuilder, <<<'CODE'
-            <?php
-            throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
-            CODE
-        );
-        $manipulator->addMethodBuilder($logoutMethodBuilder);
-    }
 }

tests/Maker/MakeAuthenticatorTest.php

@@ -274,7 +274,7 @@ public function getTestDetails(): \Generator
 
                 $securityConfig = $runner->readYaml('config/packages/security.yaml');
                 $this->assertEquals(
-                    'app_logout',
+                    '/logout',
                     $securityConfig['security']['firewalls']['main']['logout']['path']
                 );
             }),

tests/Maker/Security/MakeFormLoginTest.php

@@ -48,7 +48,7 @@ public function getTestDetails(): \Generator
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['login_path']);
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['check_path']);
                 $this->assertTrue($securityConfig['security']['firewalls']['main']['form_login']['enable_csrf']);
-                $this->assertSame('app_logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
+                $this->assertSame('/logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
 
                 $this->runLoginTest($runner);
             }),
@@ -66,7 +66,7 @@ public function getTestDetails(): \Generator
                 $this->assertStringContainsString('Success', $output);
                 $fixturePath = \dirname(__DIR__, 2).'/fixtures/security/make-form-login/expected';
 
-                $this->assertFileEquals($fixturePath.'/SecurityControllerWithoutLogout.php', $runner->getPath('src/Controller/SecurityController.php'));
+                $this->assertFileEquals($fixturePath.'/SecurityController.php', $runner->getPath('src/Controller/SecurityController.php'));
                 $this->assertFileEquals($fixturePath.'/login_no_logout.html.twig', $runner->getPath('templates/security/login.html.twig'));
 
                 $securityConfig = $runner->readYaml('config/packages/security.yaml');
@@ -96,7 +96,7 @@ public function getTestDetails(): \Generator
 
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['login_path']);
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['check_path']);
-                $this->assertSame('app_logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
+                $this->assertSame('/logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
             }),
         ];
 
@@ -124,7 +124,7 @@ public function getTestDetails(): \Generator
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['login_path']);
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['check_path']);
                 $this->assertTrue($securityConfig['security']['firewalls']['main']['form_login']['enable_csrf']);
-                $this->assertSame('app_logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
+                $this->assertSame('/logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
 
                 $runner->configureDatabase();
                 $runner->runTests();

tests/Security/SecurityControllerBuilderTest.php

@@ -27,28 +27,6 @@ public function testLoginMethod(): void
         );
     }
 
-    public function testLogoutMethod(): void
-    {
-        $this->runMethodTest(
-            'addLogoutMethod',
-            sprintf('%s/%s', $this->expectedBasePath, 'SecurityController_logout.php')
-        );
-    }
-
-    public function testLoginAndLogoutMethod(): void
-    {
-        $builder = new SecurityControllerBuilder();
-        $csm = $this->getClassSourceManipulator();
-
-        $builder->addLoginMethod($csm);
-        $builder->addLogoutMethod($csm);
-
-        $this->assertStringEqualsFile(
-            sprintf('%s/%s', $this->expectedBasePath, 'SecurityController_login_logout.php'),
-            $csm->getSourceCode()
-        );
-    }
-
     private function runMethodTest(string $builderMethod, string $expectedFilePath): void
     {
         $builder = new SecurityControllerBuilder();

tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_logout.yaml

@@ -16,6 +16,6 @@ security:
             # the entry_point start() method determines what happens when an anonymous user accesses a protected page
             entry_point: App\Security\AppCustomAuthenticator
             logout:
-                path: app_logout
+                path: /logout
                 # where to redirect after logout
                 # target: app_any_route

tests/Security/yaml_fixtures/expected_logout/logout.yaml

@@ -12,6 +12,6 @@ security:
         main:
             lazy: true
             logout:
-                path: app_logout
+                path: /logout
                 # where to redirect after logout
                 # target: app_any_route

tests/fixtures/security/make-form-login/expected/LoginController.php

@@ -23,10 +23,4 @@ public function login(AuthenticationUtils $authenticationUtils): Response
             'error' => $error,
         ]);
     }
-
-    #[Route(path: '/logout', name: 'app_logout')]
-    public function logout(): void
-    {
-        throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
-    }
 }

tests/fixtures/security/make-form-login/expected/SecurityController.php

@@ -23,10 +23,4 @@ public function login(AuthenticationUtils $authenticationUtils): Response
             'error' => $error,
         ]);
     }
-
-    #[Route(path: '/logout', name: 'app_logout')]
-    public function logout(): void
-    {
-        throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
-    }
 }

tests/fixtures/security/make-form-login/expected/login.html.twig

@@ -10,7 +10,7 @@
 
         {% if app.user %}
             <div class="mb-3">
-                You are logged in as {{ app.user.userIdentifier }}, <a href="{{ path('app_logout') }}">Logout</a>
+                You are logged in as {{ app.user.userIdentifier }}, <a href="{{ logout_path() }}">Logout</a>
             </div>
         {% endif %}