Frontend Login and Forward

I would like to implement a “backend” login inside a frontend:

        <form method="post" action="/admin/login/login" autocomplete="off">

            
            <div class="form-fields">
                <input type="text" name="username" placeholder="Benutzername" required autofocus/>
                <input type="password" name="password" placeholder="Kennwort" required/>
            </div>

            <div class="body">
                <button type="submit">Anmelden</button>
            </div>
        </form>

The form above is copied from the pimcore backend login page.

So far, so good. Is it possible to add a “redirection” parameter?

The goal is:
Login an existing “backend user” using a frontend view.
After the login a redirection to the frontend homepage (NOT to the pimcore backend admin panel)

So maybe a form field is already available in pimcore?

            <div class="form-fields">
                <input type="text" name="username" placeholder="Benutzername" required autofocus/>
                <input type="password" name="password" placeholder="Kennwort" required/>
                **<input type="hidden" name="redir" value="/home...">**
            </div>

Thanks for any hint
Markus

Hi,
have a look at the security definition in Pimcore Core Bundle

It should be possible to add a custom firewall that reuses the pimcore_admin user provider and for example a form login like we do it in our demos like here.

BR
Christian

Hi Christian,

thank you! I thought i got stuck …

I have this firewall
/src/AppBundle/Resources/config/pimcore/security.yml

security:
    providers:
        pimcore_admin:
            id: Pimcore\Bundle\AdminBundle\Security\User\UserProvider

    firewalls:
        koh_fw:
            anonymous: ~
            pattern: ^/login
            # the provider defined above
            provider: pimcore_admin
            form_login:
                login_path: koh_login
                check_path: koh_login
                use_forward: false
                always_use_default_target_path: false
                default_target_path: /
                success_handler: AppBundle\EventListener\AuthenticationLoginListener

I have a static route “koh_login” with pattern “/login”. I call this controller and
the loginAction

The controller is:

<?php

namespace AppBundle\Controller;

use AppBundle\Form\LoginFormType;
use AppBundle\Model\DataObject\User;
use Pimcore\Controller\Configuration\TemplatePhp;
use Pimcore\Controller\FrontendController;
use Symfony\Component\Routing\Annotation\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;

class SecureController extends FrontendController
{
    public function loginAction(
        Request $request,
        AuthenticationUtils $authenticationUtils
    ) {
        // get the login error if there is one
        $error = $authenticationUtils->getLastAuthenticationError();

        // last username entered by the user
        $lastUsername = $authenticationUtils->getLastUsername();

        $formData = [
            '_username'    => $lastUsername,
            '_target_path' => '/'
        ];

        $form = $this->createForm(LoginFormType::class, $formData, [
            'action' => $this->generateUrl('koh_login'),
        ]);

        return [
            'hideLeftNav'     => true,
            'showBreadcrumbs' => false,
            'form'            => $form->createView(),
            'error'           => $error
        ];
    }
}

I can open the login form with mydomain.de/login
When i enter and send my pimcore user credentials i will be redirected back to the login page. Nothing happens.

I am really no specialist in the symphony framework - i think the mistake is
inside the firewall rule?

The most easy way to have a redirect after login is described here

I tried this snippet

				<div class="form-fields">
				    **<input type="hidden" name="_target_path" value="/mypage/"/>**
						<input type="text" name="username" placeholder="Benutzer" required/>
						<input type="password" name="password" placeholder="Kennwert" required/>
				</div>

				<div class="body">
						<button type="submit">Login</button>
				</div>
		</form>

but the parameter _target_path is not working. After the login i am inside the pimcore backend…

Thanks for your help!

Finally the solution was a success handler in the security.yml

    form_login:
        login_path: koh_login
        check_path: koh_login
        use_forward: false
        always_use_default_target_path: false
        success_handler: AppBundle\Controller\AuthenticationLoginListener

I create a session variable if the login was successful with onAuthenticationSuccess

public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    $user = $token->getUser();

    $session = \Pimcore\Tool\Session::get();
    $session->set('pusr', $user->getUsername());

    return parent::onAuthenticationSuccess($request, $token);
}

Inside the frontend views i check if pusr is available

   $sessionUserName = Pimcore\Tool\Session::getReadonly()->get("pusr");
   $myUser = Pimcore\Model\User::getByName($sessionUserName);

Finally if have “myUser” and i have access to the role and all permissions

Maybe helpful for somebody.

Thank you Christian for your support