symfony
diff --git a/‎security/form_login_setup.rst
Lines changed: 42 additions & 17 deletions b/‎security/form_login_setup.rst
Lines changed: 42 additions & 17 deletions
@@ -65,15 +65,24 @@ class that processes the login submit and 4) updates the main security config fi
          */
         public function login(AuthenticationUtils $authenticationUtils): Response
         {
+            // if ($this->getUser()) {
+            //     return $this->redirectToRoute('target_path');
+            // }
+
             // get the login error if there is one
             $error = $authenticationUtils->getLastAuthenticationError();
             // last username entered by the user
             $lastUsername = $authenticationUtils->getLastUsername();
 
-            return $this->render('security/login.html.twig', [
-                'last_username' => $lastUsername,
-                'error' => $error
-            ]);
+            return $this->render('security/login.html.twig', ['last_username' => $lastUsername, 'error' => $error]);
+        }
+
+        /**
+         * @Route("/logout", name="app_logout")
+         */
+        public function logout()
+        {
+            throw new \Exception('This method can be blank - it will be intercepted by the logout key on your firewall');
         }
     }
 
@@ -137,11 +146,17 @@ a traditional HTML form that submits to ``/login``:
             <div class="alert alert-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
         {% endif %}
 
+        {% if app.user %}
+            <div class="mb-3">
+                You are logged in as {{ app.user.username }}, <a href="{{ path('app_logout') }}">Logout</a>
+            </div>
+        {% endif %}
+
         <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
-        <label for="inputEmail" class="sr-only">Email</label>
-        <input type="email" value="{{ last_username }}" name="email" id="inputEmail" class="form-control" placeholder="Email" required autofocus>
-        <label for="inputPassword" class="sr-only">Password</label>
-        <input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required>
+        <label for="inputEmail">Email</label>
+        <input type="email" value="{{ last_username }}" name="email" id="inputEmail" class="form-control" required autofocus>
+        <label for="inputPassword">Password</label>
+        <input type="password" name="password" id="inputPassword" class="form-control" required>
 
         <input type="hidden" name="_csrf_token"
                value="{{ csrf_token('authenticate') }}"
@@ -171,10 +186,9 @@ a traditional HTML form that submits to ``/login``:
 
     use App\Entity\User;
     use Doctrine\ORM\EntityManagerInterface;
-
     use Symfony\Component\HttpFoundation\RedirectResponse;
     use Symfony\Component\HttpFoundation\Request;
-    use Symfony\Component\Routing\RouterInterface;
+    use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
     use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
     use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
     use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
@@ -185,21 +199,22 @@ a traditional HTML form that submits to ``/login``:
     use Symfony\Component\Security\Csrf\CsrfToken;
     use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
     use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
+    use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
     use Symfony\Component\Security\Http\Util\TargetPathTrait;
 
-    class LoginFormAuthenticator extends AbstractFormLoginAuthenticator
+    class LoginFormAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface
     {
         use TargetPathTrait;
 
         private $entityManager;
-        private $router;
+        private $urlGenerator;
         private $csrfTokenManager;
         private $passwordEncoder;
 
-        public function __construct(EntityManagerInterface $entityManager, RouterInterface $router, CsrfTokenManagerInterface $csrfTokenManager, UserPasswordEncoderInterface $passwordEncoder)
+        public function __construct(EntityManagerInterface $entityManager, UrlGeneratorInterface $urlGenerator, CsrfTokenManagerInterface $csrfTokenManager, UserPasswordEncoderInterface $passwordEncoder)
         {
             $this->entityManager = $entityManager;
-            $this->router = $router;
+            $this->urlGenerator = $urlGenerator;
             $this->csrfTokenManager = $csrfTokenManager;
             $this->passwordEncoder = $passwordEncoder;
         }
@@ -247,23 +262,31 @@ a traditional HTML form that submits to ``/login``:
             return $this->passwordEncoder->isPasswordValid($user, $credentials['password']);
         }
 
+        /**
+         * Used to upgrade (rehash) the user's password automatically over time.
+         */
+        public function getPassword($credentials): ?string
+        {
+            return $credentials['password'];
+        }
+
         public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
         {
             if ($targetPath = $this->getTargetPath($request->getSession(), $providerKey)) {
                 return new RedirectResponse($targetPath);
             }
 
-            // For example : return new RedirectResponse($this->router->generate('some_route'));
+            // For example : return new RedirectResponse($this->urlGenerator->generate('some_route'));
             throw new \Exception('TODO: provide a valid redirect inside '.__FILE__);
         }
 
         protected function getLoginUrl()
         {
-            return $this->router->generate('app_login');
+            return $this->urlGenerator->generate('app_login');
         }
     }
 
-**Step 4.** Updates the main security config file to enable the Guard authenticator:
+**Step 4.** Updates the main security config file to enable the Guard authenticator and configure logout route:
 
 .. configuration-block::
 
@@ -279,6 +302,8 @@ a traditional HTML form that submits to ``/login``:
                     guard:
                         authenticators:
                             - App\Security\LoginFormAuthenticator
+                    logout:
+                        path: app_logout
 
     .. code-block:: xml