DomingoSL

Reputation: 15494

Redirecting after Success on Symfony 2

According to the Symfony 2 documentation, by default, if a user tries to access a secured page they will be prompted with the login page, and after a successful login they will be redirected to the original page they intended to visit. (Reference).

But in my application the user is always redirected to /, no matter whether they tried to access mysite.com/blog/post/2/edit.

This is my security.yml:

jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        main:
            entity: {class: Done\PunctisBundle\Entity\User, property: username}

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            remember_me:
                key: %secret%
                lifetime: 3600
                path: /
                domain: ~
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: /login
                check_path: /login_check
            logout:
                path:   /logout
                target: /

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/signup, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/verification, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/popup/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ajax/track, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ajax/socialbox, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }

    encoders:
        Done\PunctisBundle\Entity\User:
            algorithm:   md5
            iterations: 1
            encode_as_base64: false

And the login form:

<?php $view->extend('DonePunctisBundle:TemplateBases:default.html.php'); ?>

<?php $view['slots']->start('body') ?>
    <h1 class="worldH1">
        Log in to <span>Punctis</span><br>and start earning!
    </h1>
    <div id="loginContent" class="container pageContent">
        <?php if (isset($error)): ?>
            <div class="alert alert-error">
                <?php /* escape the authentication error before rendering it */ ?>
                <?php echo $view->escape($error->getMessage()) ?>
            </div>
        <?php else: ?>
            <div class="alert">
                <strong>NEW HERE?</strong> If you don't have an account yet, <a href="#">sign up</a> in under a minute!
            </div>
        <?php endif ?>
        <div id="loginForm">
            <div class="row">
                <div class="span3">
                    <h2>Log in via social</h2>
                    <p>
                        <a href="#" id="signupFacebookStart" class="socialButton"><?php echo $this->get('translator')->trans('login.via.facebook', array(), 'front'); ?></a>
                    </p>
                    <p>
                        <a href="#" id="signupTwitterStart" class="socialButton tw"><?php echo $this->get('translator')->trans('login.via.twitter', array(), 'front'); ?></a>
                    </p>
                </div>
                <div class="span4">
                    <div id="loginFormCanvas">
                        <h2>Log in via email</h2>
                        <form action="<?php echo $view['router']->generate('done_punctis_user_login_check') ?>" method="post">
                            <label class="control-label required" for="login_email">Email:</label>
                            <input type="text" value="<?php echo isset($last_username) ? $view->escape($last_username) : '' ?>" id="login_email" name="_username" class="input-large">

                            <?php /* the password field gets its own id; the original reused "login_email" for both inputs */ ?>
                            <label class="control-label required" for="login_password">Password:</label>
                            <input type="password" name="_password" value="" id="login_password" class="input-large">

                            <label for="remember_me" class="checkbox"><input type="checkbox" id="remember_me" name="_remember_me" checked /> Remember me</label>
                            <?php /* the success handler honours this parameter before the path saved in the session */ ?>
                            <input type="hidden" name="_target_path" value="/" />
                            <button class="btn btn-primary" type="submit">Login</button> <a id="loginForgetPass" href="#">Forgot your password?</a>
                        </form>
                    </div>
                    <div class="clear"></div>
                </div>
            </div>
        </div>
    </div>
<?php $view['slots']->stop() ?>

Upvotes: 0

Views: 878

Answers (2)

AlterPHP

Reputation: 12717

In the form_login part of your firewall in security.yml, you have to specify that you want to use the referer:

security:
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        main:
            entity: {class: Done\PunctisBundle\Entity\User, property: username}

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            remember_me:
                key: %secret%
                lifetime: 3600
                path: /
                domain: ~
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: /login
                check_path: /login_check
                use_referer: true
            logout:
                path:   /logout
                target: /

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/signup, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/verification, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/popup/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ajax/track, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/ajax/socialbox, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }

    encoders:
        Done\PunctisBundle\Entity\User:
            algorithm:   md5
            iterations: 1
            encode_as_base64: false

Upvotes: 0

Herzult

Reputation: 3419

By default, the form login strategy for the target path is, when a user tries to access a secured page without being authenticated, to store the path in the session before redirecting to the login page. So after successfully logging in, the user is redirected to this path. But there are two ways of disabling this mechanism.

If you set the always_use_default_target_path option to true, no path will be stored and the user will always be redirected to the configured default_target_path (default /) after successfully logging in.

And if you add a _target_path parameter to your request, the user will be redirected to the path this parameter contains after successfully logging in.

So in your example, the user is always redirected to the path / after logging in because you have a _target_path hidden field with the value / in your login form.

Upvotes: 2
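Added example, not code from the question or either answer: a plain-PHP model of the target-path precedence both answers describe (the `_target_path` parameter, the path the firewall saved in the session, the referer behind `use_referer`, and `always_use_default_target_path`), with the same-host check a practitioner would put in front of any redirect target that comes from the request. It assumes PHP 7.1+, the firewall name `main` from the question's security.yml (so the saved URI is looked up under the session key `_security.main.target_path`, as Symfony 2.1 stores it) and `mysite.com` as the site host; the request, session and option arrays are constructed stand-ins for the Symfony objects.

```php
<?php
// Added example, not code from the question or either answer: a plain-PHP model of
// how Symfony 2's form_login success handler picks the post-login redirect, with a
// same-host check applied to every target that originates from the request.
// Assumptions: PHP 7.1+, firewall "main" (saved path under the session key
// "_security.main.target_path", as Symfony 2.1 stores it) and site host "mysite.com".
declare(strict_types=1);

/**
 * Reduce a redirect target to a local, single-slash-rooted path, or fall back to
 * $default. Off-site absolute URLs, protocol-relative "//host/..." targets,
 * non-http schemes and backslash tricks ("/\evil.example") are all refused.
 */
function safeLocalTarget(?string $target, string $host, string $default = '/'): string
{
    if ($target === null || $target === '' || strpos($target, '\\') !== false) {
        return $default;
    }
    $parts = parse_url($target);
    if ($parts === false) {
        return $default;
    }
    if (isset($parts['scheme']) || isset($parts['host'])) {
        // Absolute or protocol-relative: only http(s) on our own host survives, and it
        // is reduced to path+query so the response never carries a foreign origin.
        $scheme = strtolower($parts['scheme'] ?? 'https');
        if (!in_array($scheme, ['http', 'https'], true)
            || strcasecmp($parts['host'] ?? '', $host) !== 0) {
            return $default;
        }
        $target = ($parts['path'] ?? '/') . (isset($parts['query']) ? '?' . $parts['query'] : '');
    }
    // A leading "//" would be read as protocol-relative by the browser.
    if ($target === '' || $target[0] !== '/' || (isset($target[1]) && $target[1] === '/')) {
        return $default;
    }
    return $target;
}

/**
 * Precedence of DefaultAuthenticationSuccessHandler::determineTargetUrl(), highest first:
 *   1. always_use_default_target_path  -> default_target_path
 *   2. the _target_path request parameter (query string or POST body)
 *   3. the URI the firewall saved in the session when it intercepted a secured page
 *   4. the Referer header, when use_referer is on and it is not the login page
 *   5. default_target_path
 * $request and $session are constructed arrays standing in for the Symfony objects.
 */
function resolveTargetPath(array $request, array $session, array $options, string $host): string
{
    $default = $options['default_target_path'] ?? '/';
    $login   = $options['login_path'] ?? '/login';
    $key     = '_security.' . ($options['firewall'] ?? 'main') . '.target_path';

    if (!empty($options['always_use_default_target_path'])) {
        return $default;
    }
    if (!empty($request['_target_path'])) {
        return safeLocalTarget($request['_target_path'], $host, $default);
    }
    if (!empty($session[$key])) {
        return safeLocalTarget($session[$key], $host, $default);
    }
    if (!empty($options['use_referer']) && !empty($request['referer'])) {
        $referer = safeLocalTarget($request['referer'], $host, $default);
        if ($referer !== $login) {
            return $referer;
        }
    }
    return $default;
}

/** Constructed scenarios from the question; returns case name => resolved target. */
function demo(): array
{
    $host    = 'mysite.com';
    $edit    = 'http://mysite.com/blog/post/2/edit';   // what the firewall saves (full URI)
    $session = ['_security.main.target_path' => $edit];
    $opts    = ['login_path' => '/login', 'default_target_path' => '/', 'firewall' => 'main'];

    return [
        // The question's form: hidden _target_path="/" is consulted before the saved path.
        'hidden_field_present'      => resolveTargetPath(['_target_path' => '/'], $session, $opts, $host),
        // use_referer alone does not help while the hidden field is still posted.
        'hidden_field_plus_referer' => resolveTargetPath(['_target_path' => '/', 'referer' => $edit],
                                                         $session, $opts + ['use_referer' => true], $host),
        // Hidden field removed: the saved URI is used, reduced to its local path.
        'hidden_field_removed'      => resolveTargetPath([], $session, $opts, $host),
        // Nothing saved, referer allowed: the referer is used.
        'referer_only'              => resolveTargetPath(['referer' => $edit], [], $opts + ['use_referer' => true], $host),
        // Crafted login links: off-site targets are refused.
        'absolute_offsite'          => resolveTargetPath(['_target_path' => 'https://evil.example/phish'], [], $opts, $host),
        'protocol_relative'         => resolveTargetPath(['_target_path' => '//evil.example/phish'], [], $opts, $host),
        // always_use_default_target_path short-circuits everything.
        'always_default'            => resolveTargetPath([], $session, $opts + ['always_use_default_target_path' => true], $host),
    ];
}

foreach (demo() as $case => $target) {
    printf("%-26s => %s\n", $case, $target);
}
```

Run it with `php target_path.php`. The `hidden_field_present` and `hidden_field_plus_referer` cases reproduce the question: the `_target_path` parameter is consulted before the saved path and before the referer, so turning on `use_referer` changes nothing while the form still posts `_target_path=/`; once the hidden field is gone, both the saved path and the referer resolve to `/blog/post/2/edit`. The two `evil.example` cases are why `safeLocalTarget()` exists: a redirect target that a user can carry in a login link is an open redirect unless it is confined to your own host.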
