Commit4de8599

committed

minor#7620 Add the_failure_path hidden field in template (damienalexandre, javiereguiluz)

This PR was merged into the 2.7 branch.Discussion----------Add the `_failure_path` hidden field in templateToday I learnt about this [feature](symfony/symfony@d0057d0) so I guess it was time to document it.Basically, what we can do with the `_target_path` form field is also possible for failure via the `_failure_path` field. It's very useful when you want multiple login forms for the same firewall (a general login, and a login during e-commerce checkout for example).I also moved the sections to me more logic, as the last section was about **Redirecting on Login Failure** via the option - because it was not explained yet in the page. This section is now just before the updated **Control the Redirect URL from inside the Form**.Commits-------a865da1 Use different values for target_path_parameter and failure_path_parameter1fc80af Minor rewords93cf9bd Add the `_failure_path` hidden field in template

2 parents6ecfd53 +a865da1 commit4de8599Copy full SHA for 4de8599

File tree

1 file changed

+68

-65

lines changed

security
- form_login.rst

1 file changed

+68

-65

lines changed

`‎security/form_login.rst‎`

Lines changed: 68 additions & 65 deletions

Original file line number	Diff line number	Diff line change
@@ -218,57 +218,12 @@ this by setting ``use_referer`` to true (it defaults to false):
`218`	`218`	`),`
`219`	`219`	`));`
`220`	`220`
`221`		`-Control the Redirect URL from inside the Form`
`222`		`-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
`223`		`-`
`224`		`-You can also override where the user is redirected to via the form itself by`
`225`		-including a hidden field with the name ``_target_path``. For example, to
`226`		-redirect to the URL defined by some ``account`` route, use the following:
`227`		`-`
`228`		`-..configuration-block::`
`229`		`-`
`230`		`- ..code-block::html+twig`
`231`		`-`
`232`		`- {# src/AppBundle/Resources/views/Security/login.html.twig #}`
`233`		`- {% if error %}`
`234`		`- <div>{{ error.message }}</div>`
`235`		`- {% endif %}`
`236`		`-`
`237`		`- <form action="{{ path('login') }}" method="post">`
`238`		`- <label for="username">Username:</label>`
`239`		`- <input type="text" id="username" name="_username" value="{{ last_username }}" />`
`240`		`-`
`241`		`- <label for="password">Password:</label>`
`242`		`- <input type="password" id="password" name="_password" />`
`243`		`-`
`244`		`- <input type="hidden" name="_target_path" value="account" />`
`245`		`-`
`246`		`- <input type="submit" name="login" />`
`247`		`- </form>`
`248`		`-`
`249`		`- ..code-block::html+php`
`250`		`-`
`251`		`- <!-- src/AppBundle/Resources/views/Security/login.html.php -->`
`252`		`- <?php if ($error): ?>`
`253`		`- <div><?php echo $error->getMessage() ?></div>`
`254`		`- <?php endif ?>`
`255`		`-`
`256`		`- <form action="<?php echo $view['router']->generate('login') ?>" method="post">`
`257`		`- <label for="username">Username:</label>`
`258`		`- <input type="text" id="username" name="_username" value="<?php echo $last_username ?>" />`
`259`		`-`
`260`		`- <label for="password">Password:</label>`
`261`		`- <input type="password" id="password" name="_password" />`
`262`		`-`
`263`		`- <input type="hidden" name="_target_path" value="account" />`
`264`		`-`
`265`		`- <input type="submit" name="login" />`
`266`		`- </form>`
	`221`	`+Redirecting on Login Failure`
	`222`	`+~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
`267`	`223`
`268`		`-Now, the user will be redirected to the value of the hidden form field. The`
`269`		`-value attribute can be a relative path, absolute URL, or a route name. You`
`270`		-can even change the name of the hidden form field by changing the ``target_path_parameter``
`271`		`-option to another value.`
	`224`	`+After a failed login (e.g. an invalid username or password was submitted), the`
	`225`	+user is redirected back to the login form itself. Use the ``failure_path``
	`226`	`+option to define the route or URL the user is redirected to:`
`272`	`227`
`273`	`228`	`..configuration-block::`
`274`	`229`
`@@ -282,7 +237,8 @@ option to another value.`
`282`	`237`	`main:`
`283`	`238`	`# ...`
`284`	`239`	`form_login:`
`285`		`-target_path_parameter:redirect_url`
	`240`	`+# ...`
	`241`	`+failure_path:login_failure`
`286`	`242`
`287`	`243`	`..code-block::xml`
`288`	`244`
`@@ -299,7 +255,7 @@ option to another value.`
`299`	`255`
`300`	`256`	`<firewallname="main">`
`301`	`257`	`<!-- ...-->`
`302`		`- <form-logintarget-path-parameter="redirect_url" />`
	`258`	`+ <form-loginfailure-path="login_failure" />`
`303`	`259`	`</firewall>`
`304`	`260`	`</config>`
`305`	`261`	`</srv:container>`
`@@ -314,20 +270,66 @@ option to another value.`
`314`	`270`	`'main' => array(`
`315`	`271`	`// ...`
`316`	`272`	`'form_login' => array(`
`317`		`- 'target_path_parameter' => 'redirect_url',`
	`273`	`+ // ...`
	`274`	`+ 'failure_path' => 'login_failure',`
`318`	`275`	`),`
`319`	`276`	`),`
`320`	`277`	`),`
`321`	`278`	`));`
`322`	`279`
`323`		`-Redirecting on Login Failure`
`324`		`-~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
	`280`	`+Control the Redirect URL from inside the Form`
	`281`	`+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
`325`	`282`
`326`		`-In addition to redirecting the user after a successful login, you can also set`
`327`		`-the URL that the user should be redirected to after a failed login (e.g. an`
`328`		`-invalid username or password was submitted). By default, the user is redirected`
`329`		`-back to the login form itself. You can set this to a different route (e.g.`
`330`		-``login_failure``) with the following config:
	`283`	`+You can also override where the user is redirected to via the form itself by`
	`284`	+including a hidden field with the name ``_target_path`` for successful logins
	`285`	+and ``_failure_path`` for login errors:
	`286`	`+`
	`287`	`+..configuration-block::`
	`288`	`+`
	`289`	`+ ..code-block::html+twig`
	`290`	`+`
	`291`	`+ {# src/AppBundle/Resources/views/Security/login.html.twig #}`
	`292`	`+ {% if error %}`
	`293`	`+ <div>{{ error.message }}</div>`
	`294`	`+ {% endif %}`
	`295`	`+`
	`296`	`+ <form action="{{ path('login') }}" method="post">`
	`297`	`+ <label for="username">Username:</label>`
	`298`	`+ <input type="text" id="username" name="_username" value="{{ last_username }}" />`
	`299`	`+`
	`300`	`+ <label for="password">Password:</label>`
	`301`	`+ <input type="password" id="password" name="_password" />`
	`302`	`+`
	`303`	`+ <input type="hidden" name="_target_path" value="account" />`
	`304`	`+ <input type="hidden" name="_failure_path" value="login" />`
	`305`	`+`
	`306`	`+ <input type="submit" name="login" />`
	`307`	`+ </form>`
	`308`	`+`
	`309`	`+ ..code-block::html+php`
	`310`	`+`
	`311`	`+ <!-- src/AppBundle/Resources/views/Security/login.html.php -->`
	`312`	`+ <?php if ($error): ?>`
	`313`	`+ <div><?php echo $error->getMessage() ?></div>`
	`314`	`+ <?php endif ?>`
	`315`	`+`
	`316`	`+ <form action="<?php echo $view['router']->path('login') ?>" method="post">`
	`317`	`+ <label for="username">Username:</label>`
	`318`	`+ <input type="text" id="username" name="_username" value="<?php echo $last_username ?>" />`
	`319`	`+`
	`320`	`+ <label for="password">Password:</label>`
	`321`	`+ <input type="password" id="password" name="_password" />`
	`322`	`+`
	`323`	`+ <input type="hidden" name="_target_path" value="account" />`
	`324`	`+ <input type="hidden" name="_failure_path" value="login" />`
	`325`	`+`
	`326`	`+ <input type="submit" name="login" />`
	`327`	`+ </form>`
	`328`	`+`
	`329`	`+Now, the user will be redirected to the value of the hidden form field. The`
	`330`	`+value attribute can be a relative path, absolute URL, or a route name.`
	`331`	`+The name of the hidden fields in the login form is also configurable using the`
	`332`	+``target_path_parameter`` and ``failure_path_parameter`` options of the firewall.
`331`	`333`
`332`	`334`	`..configuration-block::`
`333`	`335`
`@@ -341,8 +343,8 @@ back to the login form itself. You can set this to a different route (e.g.`
`341`	`343`	`main:`
`342`	`344`	`# ...`
`343`	`345`	`form_login:`
`344`		`-# ...`
`345`		`-failure_path:login_failure`
	`346`	`+target_path_parameter:login_success`
	`347`	`+failure_path_parameter:login_fail`
`346`	`348`
`347`	`349`	`..code-block::xml`
`348`	`350`
`@@ -359,7 +361,8 @@ back to the login form itself. You can set this to a different route (e.g.`
`359`	`361`
`360`	`362`	`<firewallname="main">`
`361`	`363`	`<!-- ...-->`
`362`		`- <form-loginfailure-path="login_failure" />`
	`364`	`+ <form-logintarget-path-parameter="login_success" />`
	`365`	`+ <form-loginfailure-path-parameter="login_fail" />`
`363`	`366`	`</firewall>`
`364`	`367`	`</config>`
`365`	`368`	`</srv:container>`
`@@ -374,8 +377,8 @@ back to the login form itself. You can set this to a different route (e.g.`
`374`	`377`	`'main' => array(`
`375`	`378`	`// ...`
`376`	`379`	`'form_login' => array(`
`377`		`-// ...`
`378`		`- 'failure_path' => 'login_failure',`
	`380`	`+'target_path_parameter' => 'login_success',`
	`381`	`+ 'failure_path_parameter' => 'login_fail',`
`379`	`382`	`),`
`380`	`383`	`),`
`381`	`384`	`),`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit4de8599

File tree

1 file changed

1 file changed

`‎security/form_login.rst‎`

0 commit comments