
Login via email, plus qu'à enver l'email

Sangfroid 2 月之前
父节点
当前提交
cd33a3623a

+ 13 - 0
config/packages/security.yaml

@@ -14,8 +14,19 @@ security:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
         main:
+            pattern: ^/
             lazy: true
             provider: app_user_provider
+            login_link:
+                check_route: login_check
+                signature_properties: ['id', 'email']
+            entry_point: App\Security\CustomEntryPoint
+            logout:
+                path: app_logout
+                target: /login
+            remember_me:
+                secret: '%kernel.secret%'
+                path: /
 
             # activate different ways to authenticate
             # https://symfony.com/doc/current/security.html#the-firewall
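Review bot: The new `login_link` block on the `main` firewall sets neither `lifetime` nor `max_uses`, so validity and reuse fall back to the framework defaults (as far as I know, a link can be replayed until it expires). A link that ends up in a mail archive, browser history or proxy log then stays a usable credential for the whole window. Consider adding `lifetime: 300` and `max_uses: 1` under `login_link` so each link is short-lived and single-use. The `main` firewall definition continues outside this hunk, so any later authenticator settings were not reviewed.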
@@ -28,6 +39,8 @@ security:
     access_control:
         # - { path: ^/admin, roles: ROLE_ADMIN }
         # - { path: ^/profile, roles: ROLE_USER }
+        - { path: ^/login, roles: PUBLIC_ACCESS }
+        - { path: ^/, roles: ROLE_USER }
 
 when@test:
     security:
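Review bot: The rule `- { path: ^/login, roles: PUBLIC_ACCESS }` is a prefix match with no end anchor, so every present and future route whose path starts with `/login` becomes public, not just the form and the check route. If only those two are meant to be public, spell it out: `- { path: '^/login(_check)?$', roles: PUBLIC_ACCESS }`. Order matters here, because the catch-all `^/` rule below only applies to paths the first rule did not match. The `access_control` list begins outside this hunk.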

+ 3 - 0
config/routes/security.yaml

@@ -1,3 +1,6 @@
 _security_logout:
     resource: security.route_loader.logout
     type: service
+
+app_logout:
+    path: /logout

+ 46 - 0
src/Controller/SecurityController.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Controller;
+
+use App\Repository\UserRepository;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\LoginLink\LoginLinkHandlerInterface;
+
+class SecurityController extends AbstractController
+{
+    #[Route('/login_check', name: 'login_check')]
+    public function check(): never
+    {
+        throw new \LogicException('This code should never be reached');
+    }
+
+    #[Route('/login', name: 'login')]
+    public function requestLoginLink(LoginLinkHandlerInterface $loginLinkHandler, UserRepository $userRepository, Request $request): Response
+    {
+        // check if form is submitted
+        if ($request->isMethod('POST')) {
+            // load the user in some way (e.g. using the form input)
+            $email = $request->getPayload()->get('email');
+            $user = $userRepository->findOneBy(['email' => $email]);
+
+            if ($user) {
+                
+                            // create a login link for $user this returns an instance
+                            // of LoginLinkDetails
+                            $loginLinkDetails = $loginLinkHandler->createLoginLink($user);
+                            $loginLink = $loginLinkDetails->getUrl();
+                
+                            dump($loginLink);
+
+                            return $this->render('security/login_link_sent.html.twig');
+
+            }
+        }
+
+        // if it's not submitted, render the form to request the "login link"
+        return $this->render('security/request_login_link.html.twig');
+    }
+}
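Review bot: `requestLoginLink()` passes the generated link to `dump($loginLink)` and returns a different page depending on whether the address exists. The link is a bearer credential, so it should only ever go to the user's mailbox; `dump()` exposes it to anyone who can see the debug output and must not survive into a deployed build. The second issue is account enumeration: a known address gets `login_link_sent.html.twig`, while an unknown one gets the form again, so the endpoint reveals which emails are registered. Return the same "sent" page for every POST, word that template neutrally, and add request throttling on this route, since each POST will eventually trigger an outgoing mail.

```php
        if ($request->isMethod('POST')) {
            // … unchanged: read 'email' from the payload and look up $user …

            if ($user) {
                $loginLinkDetails = $loginLinkHandler->createLoginLink($user);
                // deliver $loginLinkDetails->getUrl() to the user's mailbox only; no dump(), no logging
            }

            // identical response whether or not the address is registered
            return $this->render('security/login_link_sent.html.twig');
        }
```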

+ 16 - 0
src/Security/CustomEntryPoint.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace App\Security;
+
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
+
+class CustomEntryPoint implements AuthenticationEntryPointInterface
+{
+    public function start(Request $request, ?AuthenticationException $authException = null): RedirectResponse
+    {
+        return new RedirectResponse('/login');
+    }
+}
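Review bot: `start()` hard-codes the string `'/login'`, duplicating the path already declared by the `login` route in `SecurityController`. If that route's path changes or the app is served under a prefix, the entry point will silently redirect unauthenticated users to the wrong place. Inject `UrlGeneratorInterface` through the constructor and use `return new RedirectResponse($this->urlGenerator->generate('login'));`. A short docblock stating that this entry point exists to send anonymous users to the login-link request form would also help, since the class has no comments.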

+ 1 - 0
templates/security/login_link_sent.html.twig

@@ -0,0 +1 @@
+<h1>Veuillez suivre le lien reçu par mail</h1>

+ 8 - 0
templates/security/request_login_link.html.twig

@@ -0,0 +1,8 @@
+{% extends 'base.html.twig' %}
+
+{% block body %}
+<form action="{{ path('login') }}" method="POST">
+    <input type="email" name="email">
+    <button type="submit">Envoyer le lien par mail</button>
+</form>
+{% endblock %}
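Review bot: The form posts to `login` without a CSRF token, and the email field is not marked `required`. Without a token, any third-party page can submit this form from a visitor's browser and trigger login-link mails to arbitrary addresses once sending is wired up. Add `<input type="hidden" name="_csrf_token" value="{{ csrf_token('login_link') }}">` here and check it in the controller with `isCsrfTokenValid('login_link', ...)` before looking up the user. Also add `required` to the email input so empty submissions are rejected client-side.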