jfalque/login-form-bundle

Allows to create login forms using the Form component

v1.0.0 2018-01-03 20:03 UTC

README

A Symfony bundle that provides a login form type.

Symfony natively supports login forms via security firewalls but rendering the HTML form is entirely up to you. The form type provided by this bundle allows you to leverage the Form Component instead:

<?php
// src/Controller/LoginController.php

use Jfalque\Bundle\LoginFormBundle\Form\Type\LoginType;
// ...

class LoginController extends Controller
{
    /**
     * @Route("/login")
     */
    public function loginAction()
    {
        $loginForm = $this->createForm(LoginType::class);

        return $this->render('login.html.twig', [
            'login_form' => $loginForm->createView(),
        ]);
    }
}
{# login.html.twig #}
<html>
    <head></head>
    <body>
        {{ form(login_form) }}
    </body>
</html>

Installation

Run the following Composer command:

$ composer require jfalque/login-form-bundle

Unless you are using Symfony Flex, you need to register the bundle:

<?php
// app/AppKernel.php

class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = [
            // ...
            new Jfalque\Bundle\LoginFormBundle\LoginFormBundle(),
        ];
        
        // ...
    }
}

The bundle does not require any extra configuration.

The form

When using LoginType, the created form will have three elements:

  • a username field (text);
  • a password field (password);
  • and a submit button.

You can define a default value for the username field by passing data when creating the form:

$form = $this->createForm(LoginType::class, [
    'username' => 'foo',
]);

You can also make the form have two additional fields:

  • a target_path field (hidden);
  • and a failure_path field (hidden).

Each one only exists if you pass it a value when creating the form:

$form = $this->createForm(LoginType::class, [
    'target_path' => '/login-success',
    'failure_path' => '/login-failure',
]);

Note: if the value passed does not start with a /, it will be considered as a route name and the form will try to generate the corresponding path. If the route has required parameters, this will throw an exception as the form does not know about those parameters.

Options

LoginType defines several options. They all default to sane values that fit most cases so changing them should not be required.

Note: the default values are computed based on the first security firewall that has a form_login listener. If no such firewall is available, you will have to provide values to the options when using the form type, an exception will be thrown otherwise.

firewall

type: string default: null

The name of the security firewall the form will be submitted against. The default configuration of the form will match the configuration of this firewall. If null, the first firewall that has a form_login listener will be used.

action

type: string default: the check_path option of the target firewall

This option is inherited from FormType but its default value is overridden with the check path of the target firewall instead of an empty string.

username_field_name

type: string default: the username_parameter option of the target firewall

The HTML name attribute of the username field.

password_field_name

type: string default: the password_parameter option of the target firewall

The HTML name attribute of the password field.

target_path_field_name

type: string default: the target_path_parameter option of the target firewall

The HTML name attribute of the target_path field.

failure_path_field_name

type: string default: the failure_path_parameter option of the target firewall

The HTML name attribute of the failure_path field.

csrf_protection

type: bool default: true if the target firewall has a non empty csrf_token_generator option, false otherwise

This option is inherited from CSRF form extension but its default value is overridden to match the configuration of the target firewall.

Note: to work properly, enabling this options requires that you enable CSRF protection form support.

csrf_field_name

type: string default: the csrf_parameter option of the target firewall

This option is inherited from CSRF form extension but its default value is overridden with the csrf_parameter option of the target firewall.

csrf_token_id

type: string default: the csrf_token_id option of the target firewall

This option is inherited from CSRF form extension but its default value is overridden with the csrf_token_id option of the target firewall.