feat(story-1.4): user login with remember_me, inline error, logout
- Login Twig template: styled to match register page; inline "Incorrect email or
password" on both fields (no email-existence disclosure); aria-invalid on error
- security.yaml: always_remember_me: true — REMEMBERME cookie set on every login
- Logout: /logout → session invalidated → 302 /login (Symfony firewall handles it)
Verified: correct creds → 302 / + REMEMBERME cookie; wrong creds → 302 /login +
inline error on re-render; logout → 302 /login; GET / after logout → 302 /login
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -26,7 +26,7 @@ security:
|
||||
remember_me:
|
||||
secret: '%kernel.secret%'
|
||||
lifetime: 2592000 # 30 days
|
||||
always_remember_me: false
|
||||
always_remember_me: true
|
||||
|
||||
role_hierarchy:
|
||||
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN]
|
||||
|
||||
@@ -5,29 +5,111 @@
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Sign in — pictureFrame</title>
|
||||
<style>
|
||||
body { font-family: sans-serif; display: flex; align-items: center; justify-content: center; min-height: 100vh; margin: 0; background: #fdf6ee; }
|
||||
form { width: 100%; max-width: 360px; padding: 2rem; background: #fff; border-radius: 12px; border: 1px solid #e8d9c4; }
|
||||
h1 { margin: 0 0 1.5rem; font-size: 1.4rem; }
|
||||
label { display: block; margin-bottom: 0.25rem; font-size: 0.875rem; }
|
||||
input { width: 100%; padding: 0.75rem; border: 1px solid #ccc; border-radius: 8px; font-size: 1rem; margin-bottom: 1rem; box-sizing: border-box; }
|
||||
button { width: 100%; padding: 0.875rem; background: #c97c3a; color: #fff; border: none; border-radius: 9999px; font-size: 1rem; font-weight: 600; cursor: pointer; }
|
||||
.error { color: #c0392b; font-size: 0.875rem; margin-bottom: 1rem; }
|
||||
a { display: block; text-align: center; margin-top: 1rem; color: #c97c3a; }
|
||||
*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
|
||||
body {
|
||||
font-family: system-ui, sans-serif;
|
||||
display: flex;
|
||||
align-items: center;
|
||||
justify-content: center;
|
||||
min-height: 100dvh;
|
||||
background: #fdf6ee;
|
||||
color: #3a2e22;
|
||||
}
|
||||
.card {
|
||||
width: 100%;
|
||||
max-width: 380px;
|
||||
margin: 1rem;
|
||||
padding: 2rem;
|
||||
background: #fff9f2;
|
||||
border-radius: 16px;
|
||||
border: 1px solid #e8d9c4;
|
||||
}
|
||||
h1 { font-size: 1.4rem; font-weight: 700; margin-bottom: 1.5rem; }
|
||||
.field { margin-bottom: 1rem; }
|
||||
label { display: block; font-size: 0.8125rem; font-weight: 600; color: #8a7060; margin-bottom: 0.375rem; }
|
||||
input[type="email"],
|
||||
input[type="password"] {
|
||||
width: 100%;
|
||||
min-height: 44px;
|
||||
padding: 0 0.875rem;
|
||||
border: 1px solid #e8d9c4;
|
||||
border-radius: 10px;
|
||||
background: #fff;
|
||||
font-size: 1rem;
|
||||
color: #3a2e22;
|
||||
transition: border-color 0.15s;
|
||||
}
|
||||
input:focus { outline: none; border-color: #c97c3a; }
|
||||
input[aria-invalid="true"] { border-color: #c0392b; }
|
||||
.field-error {
|
||||
margin-top: 0.25rem;
|
||||
font-size: 0.8125rem;
|
||||
color: #c0392b;
|
||||
min-height: 1.2em;
|
||||
}
|
||||
.btn {
|
||||
display: flex;
|
||||
align-items: center;
|
||||
justify-content: center;
|
||||
width: 100%;
|
||||
min-height: 44px;
|
||||
margin-top: 1.25rem;
|
||||
background: #c97c3a;
|
||||
color: #fff;
|
||||
border: none;
|
||||
border-radius: 9999px;
|
||||
font-size: 1rem;
|
||||
font-weight: 700;
|
||||
cursor: pointer;
|
||||
transition: opacity 0.15s;
|
||||
}
|
||||
.btn:hover { opacity: 0.9; }
|
||||
.register-link { display: block; text-align: center; margin-top: 1rem; font-size: 0.875rem; color: #8a7060; }
|
||||
.register-link a { color: #c97c3a; text-decoration: none; font-weight: 600; }
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<form method="post">
|
||||
<div class="card">
|
||||
<h1>Sign in</h1>
|
||||
{% if error %}
|
||||
<p class="error">{{ error.messageKey|trans(error.messageData, 'security') }}</p>
|
||||
{% endif %}
|
||||
<label for="inputEmail">Email</label>
|
||||
<input type="email" id="inputEmail" name="_username" value="{{ last_username }}" required autofocus>
|
||||
|
||||
<form method="post" novalidate>
|
||||
<div class="field">
|
||||
<label for="inputEmail">Email address</label>
|
||||
<input
|
||||
type="email"
|
||||
id="inputEmail"
|
||||
name="_username"
|
||||
value="{{ last_username }}"
|
||||
autocomplete="email"
|
||||
aria-describedby="login-error"
|
||||
{% if error %}aria-invalid="true"{% endif %}
|
||||
autofocus
|
||||
>
|
||||
</div>
|
||||
|
||||
<div class="field">
|
||||
<label for="inputPassword">Password</label>
|
||||
<input type="password" id="inputPassword" name="_password" required>
|
||||
<input
|
||||
type="password"
|
||||
id="inputPassword"
|
||||
name="_password"
|
||||
autocomplete="current-password"
|
||||
aria-describedby="login-error"
|
||||
{% if error %}aria-invalid="true"{% endif %}
|
||||
>
|
||||
{% if error %}
|
||||
<p id="login-error" class="field-error" role="alert">Incorrect email or password</p>
|
||||
{% else %}
|
||||
<p id="login-error" class="field-error"></p>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
|
||||
<button type="submit">Sign in</button>
|
||||
<a href="/register">Create account</a>
|
||||
</form>
|
||||
|
||||
<button type="submit" class="btn">Sign in</button>
|
||||
</form>
|
||||
|
||||
<p class="register-link">Don't have an account? <a href="/register">Create one</a></p>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
Reference in New Issue
Block a user