Redirecting users by role after login/logout in Symfony2

Description of this Gist

This is a how-to for implementing role-based redirection after login or logout in Symfony2.


  1. Copy AfterLoginRedirection.php and AfterLogoutRedirection.php to your bundle under the "Redirection" directory
  2. Edit your services.yml file in your bundle and copy/paste the content of services.yml
  3. Edit your security.yml file...
  4. ... add success_handler: redirect.after.login in form_login: section
  5. ... add success_handler: redirect.after.logout in logout: section


For more information, you can read my explanation on my blog (in French only).

<?php
/**
 * @copyright Copyright (c) 2009-2014 Steven TITREN -
 * @package Webaki\UserBundle\Redirection
 * @author Steven Titren <>
 */
namespace Webaki\UserBundle\Redirection;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;

class AfterLoginRedirection implements AuthenticationSuccessHandlerInterface
{
    /**
     * @var \Symfony\Component\Routing\RouterInterface
     */
    private $router;

    /**
     * @param RouterInterface $router
     */
    public function __construct(RouterInterface $router)
    {
        $this->router = $router;
    }

    /**
     * @param Request $request
     * @param TokenInterface $token
     * @return RedirectResponse
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        // Get list of roles for current user
        $roles = $token->getRoles();
        // Transform this list into an array of role names
        $rolesTab = array_map(function ($role) {
            return $role->getRole();
        }, $roles);
        // If the user is an admin or super admin, redirect to the backoffice area
        if (in_array('ROLE_ADMIN', $rolesTab, true) || in_array('ROLE_SUPER_ADMIN', $rolesTab, true)) {
            $redirection = new RedirectResponse($this->router->generate('backoffice_homepage'));
        // otherwise, if the user is a commercial user, redirect to the crm area
        } elseif (in_array('ROLE_COMMERCIAL', $rolesTab, true)) {
            $redirection = new RedirectResponse($this->router->generate('crm_homepage'));
        // otherwise redirect the user to the member area
        } else {
            $redirection = new RedirectResponse($this->router->generate('member_homepage'));
        }

        return $redirection;
    }
}

<?php
/**
 * @copyright Copyright (c) 2009-2014 Steven TITREN -
 * @package Webaki\UserBundle\Redirection
 * @author Steven Titren <>
 */
namespace Webaki\UserBundle\Redirection;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;

class AfterLogoutRedirection implements LogoutSuccessHandlerInterface
{
    /**
     * @var \Symfony\Component\Routing\RouterInterface
     */
    private $router;

    /**
     * @var \Symfony\Component\Security\Core\SecurityContextInterface
     */
    private $security;

    /**
     * @param RouterInterface $router
     * @param SecurityContextInterface $security
     */
    public function __construct(RouterInterface $router, SecurityContextInterface $security)
    {
        $this->router = $router;
        $this->security = $security;
    }

    /**
     * @param Request $request
     * @return RedirectResponse
     */
    public function onLogoutSuccess(Request $request)
    {
        // Get list of roles for current user (getToken() returns null when nobody is authenticated)
        $token = $this->security->getToken();
        $roles = $token ? $token->getRoles() : array();
        // Transform this list into an array of role names
        $rolesTab = array_map(function ($role) {
            return $role->getRole();
        }, $roles);
        // If the user is a commercial user, admin or super admin, redirect to the login area. Here we use the FOSUserBundle bundle
        if (in_array('ROLE_COMMERCIAL', $rolesTab, true) || in_array('ROLE_ADMIN', $rolesTab, true) || in_array('ROLE_SUPER_ADMIN', $rolesTab, true)) {
            $response = new RedirectResponse($this->router->generate('fos_user_security_login'));
        // otherwise redirect the user to the homepage of the website
        } else {
            $response = new RedirectResponse($this->router->generate('homepage'));
        }

        return $response;
    }
}

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
    firewalls:
        # the firewall names "dev" and "main" are placeholders; keep your own
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                login_path: /login
                check_path: /login_check
                success_handler: redirect.after.login
            logout:
                path: /logout
                target: /
                success_handler: redirect.after.logout
            anonymous: true
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/membre, role: ROLE_USER }
        - { path: ^/crm, role: ROLE_COMMERCIAL }
        - { path: ^/backoffice, role: ROLE_ADMIN }

services:
    redirect.after.login:
        class: Webaki\UserBundle\Redirection\AfterLoginRedirection
        arguments: ["@router"]
    redirect.after.logout:
        class: Webaki\UserBundle\Redirection\AfterLogoutRedirection
        arguments: ["@router", "@security.context"]

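The login handler only chooses a landing page; access to that page is still decided by the access_control rules, so the two have to agree. The script below is an added example, not part of the gist: it checks each redirect target against the page's access_control rules, and the role_hierarchy and the URL each route resolves to are assumptions, since neither appears on the page.

```php
<?php
// access_control rules from the page's security.yml, in order (first match wins).
$accessControl = array(
    array('^/login$', 'IS_AUTHENTICATED_ANONYMOUSLY'),
    array('^/register', 'IS_AUTHENTICATED_ANONYMOUSLY'),
    array('^/resetting', 'IS_AUTHENTICATED_ANONYMOUSLY'),
    array('^/membre', 'ROLE_USER'),
    array('^/crm', 'ROLE_COMMERCIAL'),
    array('^/backoffice', 'ROLE_ADMIN'),
);
// Assumed URLs for the handler's routes (route paths are hypothetical).
$redirects = array(
    'ROLE_SUPER_ADMIN' => '/backoffice/',
    'ROLE_ADMIN'       => '/backoffice/',
    'ROLE_COMMERCIAL'  => '/crm/',
    'ROLE_USER'        => '/membre/',
);
// Assumed role_hierarchy, constructed for this example.
$hierarchy = array('ROLE_ADMIN' => array('ROLE_USER'), 'ROLE_SUPER_ADMIN' => array('ROLE_ADMIN'));

// Expand a role into itself plus every role it inherits.
function expandRole($role, array $hierarchy, array $seen = array())
{
    if (in_array($role, $seen, true)) { return $seen; }
    $seen[] = $role;
    foreach (isset($hierarchy[$role]) ? $hierarchy[$role] : array() as $child) {
        $seen = expandRole($child, $hierarchy, $seen);
    }
    return $seen;
}

// Return one message per redirect whose target the role is not allowed to open.
function checkRedirects(array $redirects, array $accessControl, array $hierarchy)
{
    $problems = array();
    foreach ($redirects as $role => $path) {
        foreach ($accessControl as $rule) {
            if (!preg_match('{' . $rule[0] . '}', $path)) { continue; }
            if (strpos($rule[1], 'ROLE_') === 0 && !in_array($rule[1], expandRole($role, $hierarchy), true)) {
                $problems[] = "$role is sent to $path, which requires {$rule[1]}";
            }
            break; // only the first matching rule applies
        }
    }
    return $problems;
}

print_r(checkRedirects($redirects, $accessControl, $hierarchy));
print_r(checkRedirects($redirects, $accessControl, array()));
```

With the assumed hierarchy the first call reports nothing; with an empty hierarchy the second reports that ROLE_SUPER_ADMIN is sent to /backoffice/ without holding ROLE_ADMIN, which is the case the handler's explicit ROLE_SUPER_ADMIN check does not cover on its own.
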
DONIKAN commented Dec 3, 2015

Big thanks, it works after deleting this line in service.yml
[...] logout: true

I still don't understand: if one user has many roles but each role has only one redirect link, where will the user be redirected after login? Does Symfony allow a many-to-one relationship from user to role rather than many-to-many?

1- A user has many roles. In this code the redirection is made depending on the principal role of the user.
For example, the list of roles of the user is

array(0 => 'ROLE_ADMIN', 1 => 'ROLE_USER')

The principal role here is "ROLE_ADMIN".
2- The role is an attribute of the user entity, so there is no relationship context here.
If you want to have separate roles for each user, you can create a Role entity, which should implement Symfony\Component\Security\Core\Role\RoleInterface

MariemM commented Mar 16, 2016

Hello @jeffsacco
I have the same error. If you find the solution, please let me know! Thank you.

thanks <3 <3

I have followed the steps but it doesn't work for me; maybe it's not compatible with Symfony3?

Broasca commented Sep 17, 2019

Logout updated for symfony 4+



<?php

namespace App\Redirection;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;
use Symfony\Component\Security\Core\Security;

class AfterLogoutRedirection implements LogoutSuccessHandlerInterface
{
    /**
     * @var RouterInterface
     */
    private $router;

    /**
     * @var Security
     */
    private $security;

    /**
     * @param RouterInterface $router
     * @param Security $security
     */
    public function __construct(RouterInterface $router, Security $security)
    {
        $this->router = $router;
        $this->security = $security;
    }

    /**
     * @param Request $request
     * @return RedirectResponse
     */
    public function onLogoutSuccess(Request $request)
    {
        // ...
    }
}


        class: App\Redirection\AfterLogoutRedirection
        arguments: ["@router", "@security.helper"]

Symfony needs to update the docs to contain examples and information on how this works and how to do it.

