symfony/docs/Security.md

# User Authentication

## Create a user class

Permissions are linked to a user object.

```bash
php bin/console make:user
```
Now you will want to sync the databse

```bash
php bin/console make:migration
php bin/console doctrine:migrations:migrate
```

## Registration Form

You can use maker to do this (symfonycasts/verify-email-bundle must be installed, which is done through the install script)
```bash
php bin/console make:registration-form
```

## Login Form

```php bin/console make:controller Login```

You have to add 
```yaml
form_login:
  login_path: app_login
  check_path: app_login
```
to the firewalls section of config/packages/security.yaml

### Modify the controller

```php
$error = $authenticationUtils->getLastAuthenticationError();
        $lastUsername = $authenticationUtils->getLastUsername();
        return $this->render('login/index.html.twig', [
            'last_username' => $lastUsername,
            'error'         => $error,
        ]);
```

### Modify the template
```php
{% block content %}
{% if error %}
        <div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
    {% endif %}

    <form action="{{ path('app_login') }}" method="post">
        <label for="username">Email:</label>
        <input type="text" id="username" name="_username" value="{{ last_username }}"/>

        <label for="password">Password:</label>
        <input type="password" id="password" name="_password"/>

        {# If you want to control the URL the user is redirected to on success
        <input type="hidden" name="_target_path" value="/account"/> #}

        <button type="submit">login</button>
    </form>

{% endblock %}
```

## Loggging Out

https://symfony.com/doc/current/security.html#logging-out


## Access Control (Authorization)

https://symfony.com/doc/current/security.html#access-control-authorization

## References

* https://symfony.com/doc/current/security.html