Redirection user by roles after login/logout in symfony2

1-Readme.md

Description of this Gist

This is the how to for redirection implementation by roles after login or logout in Symfony2

Step

1. Copy AfterLoginRedirection.php and AfterLogoutRedirection.php to your bundle under the "Redirection" directory
2. Edit your services.yml file in your bundle and copy/paste the content of services.yml
3. Edit your security.yml file...
4. ... add success_handler: redirect.after.login in form_login: section
5. ... add success_handler: redirect.after.logout in logout: section

More

For more informations, you can read my explanation on my blog (in french only)

AfterLoginRedirection.php

<?php
/**
 * @copyright  Copyright (c) 2009-2014 Steven TITREN - www.webaki.com
 * @package    Webaki\UserBundle\Redirection
 * @author     Steven Titren <contact@webaki.com>
 */

namespace Webaki\UserBundle\Redirection;


use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;

class AfterLoginRedirection implements AuthenticationSuccessHandlerInterface
{
    /**
     * @var \Symfony\Component\Routing\RouterInterface
     */
    private $router;

    /**
     * @param RouterInterface $router
     */
    public function __construct(RouterInterface $router)
    {
        $this->router = $router;
    }

    /**
     * @param Request $request
     * @param TokenInterface $token
     * @return RedirectResponse
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        // Get list of roles for current user
        $roles = $token->getRoles();
        // Tranform this list in array
        $rolesTab = array_map(function($role){ 
          return $role->getRole(); 
        }, $roles);
        // If is a admin or super admin we redirect to the backoffice area
        if (in_array('ROLE_ADMIN', $rolesTab, true) || in_array('ROLE_SUPER_ADMIN', $rolesTab, true))
            $redirection = new RedirectResponse($this->router->generate('backoffice_homepage'));
        // otherwise, if is a commercial user we redirect to the crm area
        elseif (in_array('ROLE_COMMERCIAL', $rolesTab, true))
            $redirection = new RedirectResponse($this->router->generate('crm_homepage'));
        // otherwise we redirect user to the member area
        else
            $redirection = new RedirectResponse($this->router->generate('member_homepage'));
        
        return $redirection;
    }
} 

AfterLogoutRedirection.php

<?php
/**
 * @copyright  Copyright (c) 2009-2014 Steven TITREN - www.webaki.com
 * @package    Webaki\UserBundle\Redirection
 * @author     Steven Titren <contact@webaki.com>
 */

namespace Webaki\UserBundle\Redirection;


use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;

class AfterLogoutRedirection implements LogoutSuccessHandlerInterface
{
    /**
     * @var \Symfony\Component\Routing\RouterInterface
     */
    private $router;

    /**
     * @var \Symfony\Component\Security\Core\SecurityContextInterface
     */
    private $security;

    /**
     * @param SecurityContextInterface $security
     */
    public function __construct(RouterInterface $router, SecurityContextInterface $security)
    {
        $this->router = $router;
        $this->security = $security;
    }

    /**
     * @param Request $request
     * @return RedirectResponse
     */
    public function onLogoutSuccess(Request $request)
    {
        // Get list of roles for current user
        $roles = $this->security->getToken()->getRoles();
        // Tranform this list in array
        $rolesTab = array_map(function($role){ 
            return $role->getRole(); 
        }, $roles);
        // If is a commercial user or admin or super admin we redirect to the login area. Here we used FoseUserBundle bundle
        if (in_array('ROLE_COMMERCIAL', $rolesTab, true) || in_array('ROLE_ADMIN', $rolesTab, true) || in_array('ROLE_SUPER_ADMIN', $rolesTab, true))
            $response = new RedirectResponse($this->router->generate('fos_user_security_login'));
        // otherwise we redirect user to the homepage of website
        else
            $response = new RedirectResponse($this->router->generate('homepage'));

        return $response;
    }
} 

security.yml

security:
  encoders:
    FOS\UserBundle\Model\UserInterface: sha512

  role_hierarchy:
    ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

  providers:
    fos_userbundle:
      id: fos_user.user_provider.username_email

  firewalls:
    dev:
      pattern:  ^/(_(profiler|wdt)|css|images|js)/
      security: false

    main:
      pattern: ^/
      form_login:
        provider: fos_userbundle
        csrf_provider: form.csrf_provider
        login_path: /login
        check_path: /login_check
        success_handler: redirect.after.login
      logout:
        path: /logout
        target: /
        success_handler: redirect.after.logout
      anonymous:    true


  access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/membre, role: ROLE_USER }
    - { path: ^/crm, role: ROLE_COMMERCIAL }
    - { path: ^/backoffice, role: ROLE_ADMIN }

services.yml

services:
  redirect.after.login:
    class: Webaki\UserBundle\Redirection\AfterLoginRedirection
    arguments: [@router]

  redirect.after.logout:
    class: Webaki\UserBundle\Redirection\AfterLogoutRedirection
    arguments: [@router, @security.context]