Skip to content

[Security] Make login redirection logic available to programmatic login #17556

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 21, 2023
Merged

[Security] Make login redirection logic available to programmatic login #17556

merged 1 commit into from
Mar 21, 2023

Conversation

hellomedia
Copy link
Contributor

Make regular login redirection logic available in programmatic login as proposed in symfony/symfony#48582 .

User can ignore the redirectResponse and implement its own redirection logic.

@carsonbot carsonbot added this to the 6.3 milestone Dec 12, 2022
@hellomedia hellomedia mentioned this pull request Dec 12, 2022
Merged
@hellomedia hellomedia changed the title Make login redirection logic available in programmatic login Make login redirection logic available to programmatic login Dec 12, 2022
nicolas-grekas added a commit to symfony/symfony that referenced this pull request Dec 21, 2022
@nicolas-grekas
feature #48582 [Security] Make login redirection logic available to p…
ecf5f63 
…rogrammatic login (hellomedia)

This PR was squashed before being merged into the 6.3 branch.

Discussion
----------

[Security] Make login redirection logic available to programmatic login

| Q             | A
| ------------- | ---
| Branch?       | 6.3
| Bug fix?      | no
| New feature?  | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no
| Tickets       | -
| License       | MIT
| Doc PR        |  [17556](symfony/symfony-docs#17556)

The `Security::login()` method [introduced in 6.2](https://github.com/symfony/symfony/pull/41274/files) returns `void`, whereas `UserAuthenticator::authenticateUser()` called under the hood returns a response which can be used to redirect the user.

This PR makes `login()` return the response from `authenticateUser()`, allowing the regular login redirection logic to be used if needed.

**Usage**

````php

use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Bundle\SecurityBundle\Security;
use Symfony\Component\HttpFoundation\Response;

class RegistrationController extends AbstractController
{
    public function verifyUserEmail(Security $security): Response
    {

        ...

        $redirectResponse = $security->login($user);

        return $redirectResponse;
    }
}
````

**TODO**
- test
- update CHANGELOG ?

Commits
-------

568191f [Security] Make login redirection logic available to programmatic login
@carsonbot carsonbot changed the title Make login redirection logic available to programmatic login [Security] Make login redirection logic available to programmatic login Mar 21, 2023
@javiereguiluz javiereguiluz merged commit ba0e2a4 into symfony:6.3 Mar 21, 2023
@javiereguiluz
Copy link
Member

Thanks Nicolas ... and sorry it took us so long to merge your contribution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Security Status: Reviewed
Projects
None yet
Milestone
6.3
Development

Successfully merging this pull request may close these issues.
3 participants
@hellomedia @javiereguiluz @carsonbot