4

I implemented the advanced user interface of Symfony in my project. It works to register and login users.

Now I have additional conditions I want to check when the user logs in. Like if the user has confirmed his or her email already and/or other conditions. Those conditions are fields in the database/properties of the user entity so it's easy to check them.

Imagine I want to add a isEmailConfirmed() function to the user class which is called like the isEnabled() function from the advanced user interface. If it returns true the user is able to login. If it returns false I want to restrict access and show a message that addresses the problem.

--> Is it correct, to add such a function to the checkPreAuth() function in Symfony\Component\Security\Core\User\UserChecker? I am thinking of hooking in here with a function like checkCustomConditions()?

Improve this question

1 Answer 1

Reset to default
7

In the authentication process, when trying to authenticate a user, first the provider takes the credentials and retrieves the user from the storage (db, active directory). Then the Symfony\Component\Security\Core\User\UserChecker::preAuth() method is called before actually creating a token for the user. Here exceptions are thrown specifically for each of the cases you mention above. You can catch them in your loginAction and interpret them.

I guess the least intrusive way to add your own preAuth logic would be to try an overwrite the definition of the provider (if you are using a default one) to use your own UserChecker.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This helped a lot: When searching for the methods directly I found a post on SO that describes how to overwrite the service user_checker and how to implement my own: stackoverflow.com/questions/11100628/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.