Home > Blockchain >  Symfony 5.4 security multiple firewalls
Symfony 5.4 security multiple firewalls

Time:08-20

I'm trying to split the authentication of a user from the authentication of an admin.

So I created 2 firewalls and 2 different access controls.

My security.yaml looks like that:

  enable_authenticator_manager: true
  password_hashers:
    Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
  providers:
    owner_authentication:
      entity:
        class: App\Entity\Merchant\Owner
        property: emailAddress
    user_authentication:
      entity:
        class: App\Entity\User\User
        property: emailAddress
  firewalls:
    dev:
      pattern: ^/(_(profiler|wdt)|css|images|js)/
      security: false
    user:
      lazy: true
      pattern: ^/admin/login/
      provider: user_authentication
      user_checker: App\Security\AuthentificableModelChecker
      form_login:
        provider: user_authentication
        default_target_path: app.dashboard.index
        use_referer: true
        use_forward: false
        login_path: app.authorization.admin_login
        check_path: app.authorization.admin_login
        username_parameter: login[emailAddress]
        password_parameter: login[password]
      logout:
        path: app.authorization.logout
        target: app.authorization.admin_login
    main:
      lazy: true
      pattern: ^/
      provider: owner_authentication
      user_checker: App\Security\AuthentificableModelChecker
      form_login:
        provider: owner_authentication
        default_target_path: app.dashboard.index
        use_referer: true
        use_forward: false
        login_path: app.authorization.login
        check_path: app.authorization.login
        username_parameter: login[emailAddress]
        password_parameter: login[password]
      logout:
        path: app.authorization.logout
        target: app.authorization.login
  access_control:
    - { path: ^/admin/login, roles: PUBLIC_ACCESS}
    - { path: ^/login, roles: PUBLIC_ACCESS }
    - { path: ^/, roles: ROLE_USER }

Everything works fine on the main firewall, but when I submit the button using user (admin) firewall, the login page refreshes itself and nothing happens. I don't have any error.

** If I add user(admin) login on the main firewall, then /admin/login will work fine and the other one won't work anymore.

When I call $authenticationUtils->getLastAuthenticationError() I don't get any error. But the validations don't work either.

This is how my Controller looks like:

    public function adminLogin(AuthenticationUtils $authenticationUtils): Response
    {
        if ($this->getUser()) {
            return $this->redirectToRoute('app.dashboard.index');
        }
        
        $loginForm = $this->createForm(LoginType::class, ['emailAddress' => $authenticationUtils->getLastUsername()]);


        return $this->renderForm('app/pages/authorization/admin_login.html.twig', [
            'title'      => 'Log in',
            'login_form' => $loginForm,
            'error'      => $authenticationUtils->getLastAuthenticationError()?->getMessageKey(),
        ]);
    }

It's the same problem this guy had: https://grafikart.fr/forum/35234 but I can't find any solution for this.

CodePudding user response:

Finally, I found the answer so I'll post it here: https://stackoverflow.com/a/42352112/8003007 What I had to do was to add a context: my_context in both firewalls.

It was a difficult option to identify because it doesn't appear in the official and current Symfony documentation but only in the previous ones, like Symfony 3.4.

Page link:https//www.codepudding.com/Blockchain/517403.html

Prev:API Platform: how to validate parameter?
Next:Using hostname to find Nodename or label to connect to Node
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding