src/Controller/SecurityController.php line 18

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use Symfony\Bundle\FrameworkBundle\Controller\Controller;
  6. use Symfony\Component\HttpFoundation\RedirectResponse;
  7. use Symfony\Component\HttpFoundation\Response;
  8. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  9. use Symfony\Component\Routing\Annotation\Route;
  10. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  11. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  13. class SecurityController extends Controller
  14. {
  15.     /**
  16.      * @Route("/", name="index")
  17.      */
  18.     public function index(): Response {
  19.         return $this->redirectToRoute('security_login');
  20.     }
  23.     /**
  24.      * @Route("/login", name="security_login")
  25.      */
  26.     public function login(AuthenticationUtils $authenticationUtils): Response
  27.     {
  28.         // get the login error if there is one
  29.         $error $authenticationUtils->getLastAuthenticationError();
  30.         // last username entered by the user
  31.         $lastUsername $authenticationUtils->getLastUsername();
  33.         $security_context $this->get('security.authorization_checker');
  35.         if($security_context->isGranted('IS_AUTHENTICATED_FULLY')) {
  37.             return $this->redirectToRoute('security_dispatch_by_role');
  38.         }
  40.         return $this->render('Security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  41.     }
  43.     /**
  44.      * @Route("/logout", name="security_logout")
  45.      */
  46.     public function logout(): void {
  48.         throw new Exception("Nobody is supposed reaching this point");
  49.     }
  51.     /**
  52.      * Sends the user to the appropriate backend.
  53.      * In other words, it boots the right kernel mode.
  54.      *
  55.      * @Route("/dispatch", name="security_dispatch_by_role")
  56.      */
  57.     public function dispatchByRole(AuthorizationCheckerInterface $auth_checker): RedirectResponse {
  59.         // Here, we can't use routes' names because backends routes are generated dynamically
  60.         // in the kernel, according to the path the user asked for. So, at this time routes don't exist.
  62.         $mappings = [
  63.             'ROLE_SUPER_ADMIN' => '/system',
  64.             'ROLE_ADMIN' => '/admin',
  65.             'ROLE_MANAGER' => '/manager',
  66.             'ROLE_AGENT' => '/agent',
  67.             'ROLE_CUSTOMER'  => '/customer',
  68.         ];
  70.         foreach($mappings as $role => $path) {
  72.             if($auth_checker->isGranted($role)) {
  73.                 return new RedirectResponse($path);
  74.             }
  75.         }
  77.         throw new AccessDeniedHttpException();
  78.     }
  79. }