Reread Form Login article

Author: wouterj

cookbook/security/form_login_setup.rst

@@ -76,20 +76,15 @@ First, enable form login under your firewall:
 Now, when the security system initiates the authentication process, it will
 redirect the user to the login form ``/login``. Implementing this login form
 visually is your job. First, create a new ``SecurityController`` inside a
-bundle with an empty ``loginAction``::
+bundle::
 
     // src/AppBundle/Controller/SecurityController.php
     namespace AppBundle\Controller;
 
-    use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
     use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 
     class SecurityController extends Controller
     {
-        public function loginAction(Request $request)
-        {
-            // todo...
-        }
     }
 
 Next, create two routes: one for each of the paths your configured earlier
@@ -100,7 +95,9 @@ under your ``form_login`` configuration (``/login`` and ``/login_check``):
     .. code-block:: php-annotations
 
         // src/AppBundle/Controller/SecurityController.php
+
         // ...
+        use Symfony\Component\HttpFoundation\Request;
         use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
 
         class SecurityController extends Controller
@@ -110,14 +107,15 @@ under your ``form_login`` configuration (``/login`` and ``/login_check``):
              */
             public function loginAction(Request $request)
             {
-                // todo ...
             }
 
             /**
              * @Route("/login_check", name="login_check")
              */
             public function loginCheckAction()
             {
+                // this controller will not be executed,
+                // as the route is handled by the Security system
             }
         }
 
@@ -129,6 +127,8 @@ under your ``form_login`` configuration (``/login`` and ``/login_check``):
             defaults: { _controller: AppBundle:Security:login }
         login_check:
             path: /login_check
+            # no controller is bound to this route
+            # as it's handled by the Security system
 
     .. code-block:: xml
 
@@ -144,6 +144,8 @@ under your ``form_login`` configuration (``/login`` and ``/login_check``):
             </route>
 
             <route id="login_check" path="/login_check" />
+            <!-- no controller is bound to this route
+                 as it's handled by the Security system -->
         </routes>
 
     ..  code-block:: php
@@ -157,27 +159,27 @@ under your ``form_login`` configuration (``/login`` and ``/login_check``):
             '_controller' => 'AppBundle:Security:login',
         )));
         $collection->add('login_check', new Route('/login_check', array()));
+        // no controller is bound to this route
+        // as it's handled by the Security system
 
         return $collection;
 
 Great! Next, add the logic to ``loginAction`` that will display the login
 form::
 
     // src/AppBundle/Controller/SecurityController.php
-    // ...
 
-    // ADD THIS use STATEMENT above your class
+    // ...
     use Symfony\Component\Security\Core\SecurityContextInterface;
 
+    // ...
     public function loginAction(Request $request)
     {
         $session = $request->getSession();
 
         // get the login error if there is one
         if ($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
-            $error = $request->attributes->get(
-                SecurityContextInterface::AUTHENTICATION_ERROR
-            );
+            $error = $request->attributes->get(SecurityContextInterface::AUTHENTICATION_ERROR);
         } elseif (null !== $session && $session->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
             $error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);
             $session->remove(SecurityContextInterface::AUTHENTICATION_ERROR);