Symfony: Get logged user in 404 Error Page

Question

I'm trying to get the username of logged user in the 404 error page, like the symfony docs says;

{# app/Resources/TwigBundle/views/Exception/error404.html.twig #}
{% extends 'base.html.twig' %}

{% block body %}
    <h1>Page not found</h1>

    {# example security usage, see below #}
    {% if is_granted('IS_AUTHENTICATED_FULLY') %}
            IS_AUTHENTICATED_FULLY: {{ app.user.username }}
    {% endif %}

    {% if is_granted('IS_AUTHENTICATED_REMEMBERED') %}
            IS_AUTHENTICATED_REMEMBERED: {{ app.user.username }}
    {% endif %}

    {% if app.user %}
            app.user: {{ app.user.username }}
    {% endif %}

    <p>
        The requested page couldn't be located. Checkout for any URL
        misspelling or <a href="{{ path('homepage') }}">return to the homepage</a>.
    </p>
{% endblock %}

Everything works in dev, but in production the user is always not logged. Every if condition fails.

In this discussion I found this:

The cause of this problem is that routing is done before security. If a 404 error occurs, the security layer isn't loaded and thus

So... can be possible to get the logged user in twig exception page?

Update

It looks like it is a desired behavior: https://github.com/symfony/symfony/issues/8414#issuecomment-23661839

This hack can "solve" but it is really ugly...

score 5 · Accepted Answer · answered Jul 26 '16 at 11:34

5

The only solution I found so far is this:

routing.yml (this must be the last rule)

pageNotFound:
    pattern:  /{path}
    defaults: { _controller: MyContentBundle:PageNotFound:pageNotFound, path: '' }
    requirements:
        path: .*

the controller action

public function pageNotFoundAction()
    {
        throw new NotFoundHttpException();
    }

Reference

I hope to find a better solution

answered Jul 26 '16 at 11:34

Filo

2,829
1
21
36

1

worked for me, when using `path: /{path}` instead of `pattern: /{path}` with symfony 3 – Samuel Kirschner Aug 17 '17 at 08:12

Aurelijus Rozenas · Answer 2 · 2016-07-23T18:03:47.703

0

EDIT: Unfortunately this works for all error pages except 404, so this is not correct answer. Leaving this only as reference.

Original answer: This works for me:

{% if app.user %}
    {{ app.user.username }}
{% endif %}

is_granted('IS_AUTHENTICATED_FULLY') will be true only when you logged in this session:

IS_AUTHENTICATED_FULLY is actually stronger. You only have this if you’ve actually logged in during this session. If you’re logged in because of a remember me cookie, you won’t have this; https://knpuniversity.com/screencast/symfony2-ep2/twig-security-is-authenticated

edited Jul 23 '16 at 18:03

answered Jul 22 '16 at 12:51

Aurelijus Rozenas

2,176
2
28
40

Yes, you are right about "IS_AUTHENTICATED_FULLY", I posted this example but it doesn't works also with "IS_AUTHENTICATED_REMEMBERED" . Anyway... which version of symfony are you using? I have the 3.0 branch and it does't works. Are you in prod or dev? In dev it works, prod no – Filo Jul 23 '16 at 11:10
Another question: did you tried with a random url like "/dfdsusdhuasd" or generating a not found excepion in a controller? – Filo Jul 23 '16 at 14:38
1

Tested 2.8 and 3, seems that app.user is loaded for all error pages **except 404**. So I cannot say I have more experience with this, but the hack you found actually seems not that ugly. Especially if you make the exception message similar to original one as suggested. Let us know if you find a better way, or use the hack :) – Aurelijus Rozenas Jul 23 '16 at 18:05

Symfony: Get logged user in 404 Error Page

2 Answers2