Rendering that Login Form

How did you complete that loginAction and bootrow?

Hey Richard ,

What do you mean? You may find all the code in this screencast below the video in course script. Our code blocks are expandable, it means you can click on double arrow against the line to load more context of the file. Or you can download the whole course project code in up right corner: "Download" -> "Course Code" if you want to see the final code to the end of this course - but it's available for users who one the course or have paid subscription only. Does it makes sense for you?

Cheers!

No. As you typed the bootstrap code it auto completed. Some sort of downloadable template for Idea editor?

Hey Richard

I believe you are talking about "live templates", if you are using PHPStorm, you can create your own templates by going to: settings > editor > live templates

You can read more info here: https://www.jetbrains.com/h...

Have a nice day

Oh, I thought KNP had a library of them somewhere. I shall google more. Thank you.

Hey Richard ,

Yea, we have one, check it out here: https://github.com/knpunive... . But as Diego said, you can create your owns very easy. Check out our screencast about PhpStorm to get more info about how to do it: https://knpuniversity.com/s...

Cheers!

One question guys do we need to put to the login form some csrf protection?

Hey Ponrad,

Good question! Yes, it's a good practice. And Symfony docs recommend to do this to protect your login form against CSRF attacks: http://symfony.com/doc/curr...

Cheers!

Error " Variable "form" does not exist in security\login.html.twig at line 11"

Controller Security
namespace Admin\AdminBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Admin\AdminBundle\Form\LoginForm;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;

class SecurityController extends Controller
{

/**
* @Route("/login", name="security_login")
*/
public function loginAction()
{
$authenticationUtils = $this->get('security.authentication_utils');

$error = $authenticationUtils->getLastAuthenticationError();

// Ия пользователя
$lastUsername = $authenticationUtils->getLastUsername();

$form = $this->createForm(LoginForm::class, [
'_username' => $lastUsername,
]);

return $this->render(
'security/login.html.twig',
array(
'last_username' => $lastUsername,
'error' => $error,
)
);
}

}

LoginForm Class
namespace Admin\AdminBundle\Form;

use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;

class LoginForm extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder
->add('_username')
->add('_password', PasswordType::class);
}
}

login.html.twig
{% extends 'base.html.twig' %}
{% block body %}
<div class="row">
<div class="small-12 medium-12 large-12 columns">
<h2>Login</h2>

{% if error %}
<div>{{ error.messageKey|trans(error.messageDate, 'security') }}</div>
{% endif %}

{{ form_start(form) }}
{{ form_widget(form) }}
{{ form_row(form._username) }}
{{ form_row(form._password) }}
<button type="submit">login</button>
{{ form_end(form) }}

</div>
</div>
{% endblock %}

Hey Andrey,

What's your question here? :)

I think you probably forget to pass $form to the template, here's a fix:

return $this->render('security/login.html.twig', array(
  'last_username' => $lastUsername,
  'error' => $error,
  'form' => $form->createView(),
));

P.S. Don't forget to call "createView()" method on form object before passing it to the template.

Cheers!

AppBundle\Controller\:
resource: '../../src/AppBundle/Controller'
public: true
tags: ['controller.service_arguments']
All things are same as u mentioned but still i am getting error following error

Controller
"EmployeeBundle\Controller\webLoginController::loginAction()" requires
that you provide a value for the "$authUtils" argument. Either the
argument is nullable and no null value has been provided, no default
value has been provided or because there is a non optional argument
after this one.

Iam using symfony 3.3.5V

Hey Asimsagir Abbasi

Could you show me your controller's code? So, I can help you debugging.

Cheers!

Hi,thanks for your reply I have solved my issue:)

Cool! I'm glad to hear you could fix it by yourself :)

:) but i am facing new prblm ,i am always receiving invalid credentials . i am using my own EmployeeBundle
pls let me know why this happening

following is my security.yml file codes:

security:
    encoders:
        EmployeeBundle\Entity\EmployeeLogin:
            algorithm: bcrypt
    # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
    providers:
        db_provider:
            entity:
                class: EmployeeBundle:EmployeeLogin
                property: userName

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            anonymous: ~
            form_login:
                login_path: login
                check_path: login

This is my controller:

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;

class webLoginController extends Controller
{
    /**
     * @Route("/login",name="login")
     */
    public function loginAction(Request $request,AuthenticationUtils $authUtils)
    {

        // get the login error if there is one
        $error = $authUtils->getLastAuthenticationError();

        // last username entered by the user
        $lastUsername = $authUtils->getLastUsername();

        return $this->render('EmployeeBundle:webLogin:login.html.twig', array(
            'last_username' => $lastUsername,
            'error'         => $error,
        ));
    }
}

And this is my login form:

<form action="{{ path('login') }}" method="post">
    <label for="userName">Username:</label>
    <input type="text" id="userName" name="_userName" value="{{ last_username }}" />

    <label for="password">Password:</label>
    <input type="password" id="password" name="_password" />

    {#
        If you want to control the URL the user
        is redirected to on success (more details below)
        <input type="hidden" name="_target_path" value="/account" />
    #}

    <button type="submit">login</button>
</form>

Hey Asimsagir,

Input fields names are important here, they should be "_username" and "_password". Please, notice the letter case for username: "_username" not "_userName", etc.. I think that's the problem.

Cheers!

yes I think u r right that's the issue .. thnks

This no longer works with the demo code from the symfony site, you need to copy it from the script or the downloads finish folder.

Yo Robert Went!

You're right that you can always copy from the finish folder :). But, I *am* curious which part changed - was it the login template? Or the login controller? I *think* I know the issue (and it's my fault - I updated the documentation on Symfony.com): In Symfony 3.3, you can fetch services in a new way (we're talking about it here: http://knpuniversity.com/sc.... The Symfony.com documentation has been updated to use this... which is cool! Except if you're using a Symfony 3.2 project... and then you try to copy from the 3.3 version of the docs (which show up by default). If I'm right, then it was the controller code that was the problem. Was that it?

Oh, also, for other people, we do have the code on each page below the video - so if you ever want to copy a bit of code, you can grab it there really quickly.

Cheers!

Ah yeah, that makes sense.

It was the controller code for the login action from the 3.3 version which shows up as default

public function loginAction(Request $request, AuthenticationUtils $authUtils)```


$request isn't defined.

Ah, I was actually expending an error with the $autUtils part! :) As long as you have the use statement for the Request, that should actually pass you the request (in any Symfony version). But anyways... there is a legit difference in 3.3 - so I'm glad you asked!

Cheers!

Its not the request part :

public function loginAction(Request $request, AuthenticationUtils $authUtils)

Its the authenticationUtils parameter. That doesnt work. Interestingly the symfony docs go from:

public function loginAction(Request $request)

to

public function loginAction(Request $request, AuthenticationUtils $authUtils)

without any explanation. Is this some sort for dependency injection perhaps or "auto something or other" that saves us having to query the container?

Hey Max,

Yes, this auto-injection feature by typehint in actions allows do not use container directly, i.e. fetch services from the container, and as a consequence, you can make more your services private, what is cool.

Cheers!

Hey Ryan,
Actually I got an error with the updated code from Symfony doc; I'm running 3.3.2 so I thought I'd try it :)

Controller "AdminBundle\Controller\SecurityController::loginAction()" requires that you provide a value for the "$authUtils" argument. Either the argument is nullable and no null value has been provided, no default value has been provided or because there is a non optional argument after this one.
There isn't much on the official doc to help me figure it out; I know I'm supposed to pass the $authUtils argument but what is it exactly? :p

Hey Edouard PERRIN!

Hmm, let's see if we can find your problem... and maybe also improve the docs at the same time :).

Do you have the use statement for the AuthenticationUtils class? It would be:

use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;

If you do have that, can you post your loginAction exactly? Also, is this a new project or did you upgrade from an older version of Symfony? What does your services.yml file look like?

Cheers!

Hey weaverryan,

Ok, so I thought it was working but trying the new code again, it still doesn't work.
Everything works with the old way btw.

I have the use statement; I upgraded mid-project from Symfony 3.something to 3.3.2

Services.yml
https://pastebin.com/RsTi71bZ

Security.yml
https://pastebin.com/ztPu8ZPR

SecurityController
https://pastebin.com/340jchpb

LoginForm
https://pastebin.com/3tBc5Wy0

LoginFormAuthenticator
https://pastebin.com/nSMfwJR6

Yo Edouard PERRIN!

Ah, ok, I've got it! In order for the "service controller argument" thing to work (http://knpuniversity.com/sc..., your controller must be registered as a service. Basically, when you upgrade from Symfony 3.2 to 3.3, *if* you want to use all of the new features, you need some config changes in services.yml. We talk about this in the 3.3 tutorial: http://knpuniversity.com/sc.... Most notably, you need this bit of configuration: http://knpuniversity.com/sc.... In fact, I think you could add just those lines (I'm talking about the first code block on that page - lines 23-28) and that would do it :).

Cheers!

Nice catch weaverryan!! That was the right move, it works smoothly now. Guess I better take a few moments to watch the 3.3 tutorial :)
Thanks for your help!

Woohoo! Cheers! It's a tricky transition (but ultimately optional) to the new fancy stuff ;)

I'm getting the same issue, using 3.3.0.

Controller "AppBundle\Controller\SecurityController::LoginAction()" requires that you provide a value for the "$authUtils" argument. Either the argument is nullable and no null value has been provided, no default value has been provided or because there is a non optional argument after this one.

Even though I do have the controllers added in the services.yml.

        AppBundle\Controller\:
        resource: '../../src/AppBundle/Controller'
        public: true
        tags: ['controller.service_arguments']

And I have the use statement:

use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;

However, when I was using basically the same code in a project that was 3.3.4 (i think?) it worked without a hiccup. I'm going to walk away and come back, because it seems like something I'm missing...unless the minor version makes a difference here.

That said, it does work if I just use:

        $authUtils = $this->get('security.authentication_utils');

Hey Geoff,

Yep, it should work for public services well, but if you have private one but can't get that controller's argument injection worked - you need to manually make your services public. Thanks for sharing this workaround for others!

Cheers!

Hey Geoff.

Hm, it should work for 3.3.0. I'm not 100% sure but probably you need to add:

services:
    # default configuration for services in *this* file
    _defaults:
        # automatically registers your services as commands, event subscribers, etc.
        autoconfigure: true

I think it should help, just don't forget to clear the cache after this change. If it does not help, could you make sure that your Symfony dependencies are locked at least at those versions: https://github.com/symfony/symfony-standard/blob/3.3/composer.json#L16-L28 - I suppose it's not enough to just have symfony/symfony 3.3.0.

Cheers!

Yeah, not sure what's up. As per my last comment, i tried 3.3.4 with this project and it made no difference. So it must be another config issue. I do have that already set in services.yml

services:
    # default configuration for services in *this* file
    _defaults:
        # automatically injects dependencies in your services
        autowire: true
        # automatically registers your services as commands, event subscribers, etc.
        autoconfigure: true
        # this means you cannot fetch services directly from the container via $container->get()
        # if you need to do this, you can override this setting on individual services
        public: false

    # makes classes in src/AppBundle available to be used as services
    # this creates a service per class whose id is the fully-qualified class name
    AppBundle\:
        resource: '../../src/AppBundle/*'
        # you can exclude directories or files
        # but if a service is unused, it's removed anyway
        exclude: '../../src/AppBundle/{Entity,Repository,Resources}'

    # controllers are imported separately to make sure they're public
    # and have a tag that allows actions to type-hint services
    AppBundle\Controller\:
        resource: '../../src/AppBundle/Controller'
        public: true
        tags: ['controller.service_arguments']

An additional followup here...I tried to update the project to 3.3.4, and it's still throwing the same error. So it's not the symfony version. Not sure what else to try to get this to work injecting the AuthenticationUtils class.

The weird thing is in my OTHER project that is on 3.3.4 and has basically the same code, the services.yml files are almost identical (the only differences are unrelated services).

Hey geoff,

I see the latest version of Symfony is v3.3.11 in that branch. Why didn't you update the project to the latest one? And btw, how did you update it? what steps did you use? Tweaked "symfony/symfony" version to "3.3.4" in composer.json and ran exactly "composer update" command?

Cheers!

It's possible some context of my issue got lost here because it's in different comments - I updated to 3.3.4 specifically because injecting AuthenticationUtils is working in another very similar project I have (it was a test project I started with most of the same code). However, when I updated in this project, it made no difference. I could try 3.3.11, but I don't think that's the issue.

More context: Another similar project that I have that is on 3.3.4 - so that's why I tried it.

OK, great. But what about your way of updating dependencies? Did you tweak your dependencies versions to match these minor versions: https://github.com/symfony/... ? Also, you need to run "composer update" to upgrade all the packages, not only "symfony/symfony" one.

Cheers!

As a test, I injected the class into the constructor rather than directly into the loginAction, and that worked. Any thought on why that would be the case?

class SecurityController extends Controller
{
    private $authUtils;

    public function __construct(AuthenticationUtils $authenticationUtils)
    {
        $this->authUtils = $authenticationUtils;
    }
    /**
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function loginAction(Request $request)
    {
        // TODO fix injection: should be able to inject AuthenticationUtils into this action, but it's throwing an error unless i inject into constructor
        //$authUtils = $this->get('security.authentication_utils');

        // get the login error if there is one
        $error = $this->authUtils->getLastAuthenticationError();
...

Hm, ok, then 2 questions:

1. What namespace (FQCN) has your SecurityController?
2. And what real path it has (relative path to the SecurityController.php file in your filesystem)?

Probably somehow it does not match criteria of this filter:

services:

    AppBundle\Controller\:
        resource: '../../src/AppBundle/Controller'

and registers as a service.

Cheers!

Thanks for following up on this. Unfortunately I don't really see an issue there.

services.yml
Path: project\app\config\services.yml

SecurityController.php

namespace AppBundle\Controller;
...

Path: project\src\AppBundle\Controller\SecurityController.php

Hey Geoff Maddock

Can you try something for me? Create a new action method in that controller and inject any other service, let's see if that works

I had the same issue.

public function loginAction() {

// instead of using dependency injection fill the variable straight with get() method.
$authUtils = $this->get('security.authentication_utils');

// get the login error if there is one
$error = ........

+1 this code (as we do it in the tutorial) is safe in all versions of Symfony :). There is a different way to do it also in Symfony 3.3 - but if you're not sure, just use this way - it's totally great!

Thanks for the comment!

welcome ;)

SF 3.3.6 doesn't have getName() after form creation but it does have getBlockPrefix(). Should this function be removed as well?

Hey Mike P.

Yeah, feel free to remove it from your Form class, it is used to name the Form element and the default value is really good.

From docs: The block prefix defaults to the underscored short class name with the "Type" suffix removed (e.g. "UserProfileType" => "user_profile").

Cheers!

there hi,
Yip it's1 me again, Got a question about phpStorm.
So 1. the ACTION Live Template I got and created but..
2. The "options -> Create template" shortcut key ??

First I'm on windows 10 pro, yip I know bad misstake I know but Mac book pro is just out of budget reach.. you get.
I did do one thing correct I bought phpStorm v2017.3.4
Am I missing a plugin ?

OK found it ... on windows "Alt+Enter" pfff