Merge pull request #3014 from bolt/bugfix/redirect-to-login

Redirect to login page if unauthenticated

config/packages/security.yaml

@@ -31,6 +31,7 @@ security:
             pattern: ^/
             user_checker: Bolt\Security\UserChecker
             switch_user: { role: CAN_SWITCH_USER }
+            entry_point: Bolt\Security\AuthenticationEntryPointRedirector
 
             custom_authenticators:
                 - Bolt\Security\LoginFormAuthenticator

phpstan.neon

@@ -41,6 +41,11 @@ parameters:
             message: '#Property Bolt\\Entity\\(.*)::\$id is never written, only read#'
             path: %currentWorkingDirectory%/src/Entity/*
 
+        # False positive: Call to an undefined method Symfony\Component\HttpFoundation\Session\SessionInterface::getFlashBag().
+        -
+            message: '#Symfony\\Component\\HttpFoundation\\Session\\SessionInterface::getFlashBag#'
+            path: %currentWorkingDirectory%/src/Security/AuthenticationEntryPointRedirector
+
 includes:
 	- vendor/phpstan/phpstan-symfony/extension.neon
 	- vendor/phpstan/phpstan-doctrine/extension.neon

src/Security/AuthenticationEntryPointRedirector.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace Bolt\Security;
+
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
+
+class AuthenticationEntryPointRedirector implements AuthenticationEntryPointInterface
+{
+    private $urlGenerator;
+
+    public function __construct(UrlGeneratorInterface $urlGenerator)
+    {
+        $this->urlGenerator = $urlGenerator;
+    }
+
+    public function start(Request $request, AuthenticationException $authException = null)
+    {
+        // add a custom flash message and redirect to the login page
+        $request->getSession()->getFlashBag()->add('warning', 'You have to login in order to access this page.');
+
+        return new RedirectResponse($this->urlGenerator->generate('bolt_login'));
+    }
+}

templates/security/login.html.twig

@@ -71,6 +71,10 @@
         </div>
 
     </div>
+
+    <div class="admin__notifications">
+        {{ include('@bolt/_partials/_flash_messages.html.twig') }}
+    </div>
 {% endblock %}
 
 

yaml-migrations/m_2021-12-10-security_1.yaml

@@ -10,3 +10,4 @@ add:
             main:
                 custom_authenticators:
                     - Bolt\Security\LoginFormAuthenticator
+                entry_point: Bolt\Security\AuthenticationEntryPointRedirector