Skip to content

Commit 001b3ab

Browse files
javiereguiluzjaviereguiluz
committed
Merge branch '7.2' into 7.3
* 7.2: [Security] Authenticator methods description
2 parents 3f82cd9 + d284a21 commit 001b3ab

File tree

1 file changed

+15
-12
lines changed

1 file changed

+15
-12
lines changed

security/custom_authenticator.rst

Lines changed: 15 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -153,22 +153,25 @@ or there was something wrong (e.g. incorrect password). The authenticator
153153
can define what happens in these cases:
154154

155155
``onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response``
156-
If the user is authenticated, this method is called with the
157-
authenticated ``$token``. This method can return a response (e.g.
158-
redirect the user to some page).
156+
If authentication is successful, this method is called with the
157+
authenticated ``$token``.
159158

160-
If ``null`` is returned, the request continues like normal (i.e. the
161-
controller matching the login route is called). This is useful for API
162-
routes where each route is protected by an API key header.
159+
This method can return a response (e.g. redirect the user to some page).
160+
161+
If ``null`` is returned, the current request will continue (and the
162+
user will be authenticated). This is useful for API routes where each
163+
route is protected by an API key header.
163164

164165
``onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response``
165-
If an ``AuthenticationException`` is thrown during authentication, the
166-
process fails and this method is called. This method can return a
167-
response (e.g. to return a 401 Unauthorized response in API routes).
166+
If authentication failed (e. g. wrong username password), this method
167+
is called with the ``AuthenticationException`` thrown.
168+
169+
This method can return a response (e.g. send a 401 Unauthorized in API
170+
routes).
168171

169-
If ``null`` is returned, the request continues like normal. This is
170-
useful for e.g. login forms, where the login controller is run again
171-
with the login errors.
172+
If ``null`` is returned, the request continues (but the user will **not**
173+
be authenticated). This is useful for login forms, where the login
174+
controller is run again with the login errors.
172175

173176
If you're using :ref:`login throttling <security-login-throttling>`,
174177
you can check if ``$exception`` is an instance of

0 commit comments

Comments
 (0)