[CORE][SECURITY] Move to the new authentication format, for Symfony 5.3

2021-11-16 14:48:18 +00:00 · 2021-11-16 14:48:18 +00:00 · d9544c6edb
commit d9544c6edb
parent 05758c999f
3 changed files with 21 additions and 8 deletions
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@ -3,8 +3,8 @@ security:
    password_hashers:
        App\Entity\LocalUser:
            algorithm: auto
    providers:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        local_user:
            chain:
                providers: [local_user_by_nickname, local_user_by_email]
--- a/src/Security/Authenticator.php
+++ b/src/Security/Authenticator.php
@ -82,9 +82,9 @@ class Authenticator extends AbstractFormLoginAuthenticator implements Authentica
    public function getCredentials(Request $request): array
    {
        return [
-            'nickname_or_email' => $request->request->get('nickname_or_email'),
+            'nickname_or_email' => $request->request->get('_username'),
-            'password' => $request->request->get('password'),
+            'password'          => $request->request->get('_password'),
-            'csrf_token' => $request->request->get('_csrf_token'),
+            'csrf_token'        => $request->request->get('_csrf_token'),
        ];
    }
@ -161,7 +161,21 @@ class Authenticator extends AbstractFormLoginAuthenticator implements Authentica
        return new RedirectResponse(Router::url('main_all'));
    }
-    protected function getLoginUrl(): string
+    public function authenticate(Request $request): PassportInterface
    {
        $nickname = $request->request->get('nickname', '');
        $request->getSession()->set(Security::LAST_USERNAME, $nickname);
        return new Passport(
            new UserBadge($nickname),
            new PasswordCredentials($request->request->get('password', '')),
            [
                new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
            ],
        );
    }
    protected function getLoginUrl()
    {
        return Router::url(self::LOGIN_ROUTE);
    }
--- a/templates/security/login.html.twig
+++ b/templates/security/login.html.twig
@ -39,13 +39,12 @@
                    <div class="mb-3">
                        <label class="section-form-label" for="inputNicknameOrEmail">{{ "Nickname or Email" | trans }}</label>
-                        <input type="text" value="{{ last_login_id }}" name="nickname_or_email" id="inputNicknameOrEmail"
+                        <input type="text" value="{{ last_login_id }}" name="_username" id="inputNicknameOrEmail" class="form-control" required autofocus>
                               class="form-control" required autofocus>
                        <p class="help-text">{{ "Your nickname or email address." | trans }}</p>
                    </div>
                    <div class="mb-3">
                        <label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
-                        <input type="password" name="password" id="inputPassword" class="form-control" required>
+                        <input type="password" name="_password" id="inputPassword" class="form-control" required>
                        <p class="help-text">{{ "Your account's password." | trans }}</p>
                    </div>