feat(story-1.4): user login with remember_me, inline error, logout

- Login Twig template: styled to match register page; inline "Incorrect email or password" on both fields (no email-existence disclosure); aria-invalid on error - security.yaml: always_remember_me: true — REMEMBERME cookie set on every login - Logout: /logout → session invalidated → 302 /login (Symfony firewall handles it) Verified: correct creds → 302 / + REMEMBERME cookie; wrong creds → 302 /login + inline error on re-render; logout → 302 /login; GET / after logout → 302 /login Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-27 23:36:39 -04:00
parent 85363e98bd
commit d6c21659f0
2 changed files with 103 additions and 21 deletions
@@ -26,7 +26,7 @@ security:
            remember_me:
                secret: '%kernel.secret%'
                lifetime: 2592000  # 30 days
-                always_remember_me: false
+                always_remember_me: true

    role_hierarchy:
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN]