Issue with role checking in Symfony authentication success handler

Question

public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
    if ($targetPath = $this->getTargetPath($request->getSession(), $firewallName)) {
        return new RedirectResponse($targetPath);
    }

    // Get the authenticated user
    $user = $token->getUser();

    // Check the user's role
    if ($user->getRoles() === 'ROLE_ADMIN') { 
        // Redirect to the app_admin page
        return new RedirectResponse($this->urlGenerator->generate('app_admin'));
    } elseif ($user->getRoles() === 'ROLE_INSTRUCTEUR') { 
        // Redirect to the app_instructeur page
        return new RedirectResponse($this->urlGenerator->generate('app_instructeur'));
    } else {
        // Redirect to the app_user page
        return new RedirectResponse($this->urlGenerator->generate('app_user'));
    }
}

I'm working on a Symfony 5.4 application, and I have a custom authentication success handler where I'm checking the user's roles to determine the appropriate redirection. However, I seem to be encountering an issue with the role checking logic.

Note to self (ignore this): 1: InstructeurController maken 2: Ifstatement onAuthenticationSuccess updaten (Loginauthenticator) 3: access_control updaten (admin, instructeur en !!leerling!!) 4: UserController route updaten naar /leerling — NinjaCoder69, May 09 '23 at 22:17
Regel 20 $user = new User(); Regel 31 $user ->setRoles(["ROLE_LEERLING"]); — NinjaCoder69, May 09 '23 at 22:17
*: Routes updaten navbar + Unieke paginas en routes (/leerling/home) !Footer algemene voorwaarden alleen bij bezoeker! !Comments weghalen! — NinjaCoder69, May 09 '23 at 22:18
I don't get it. You deleted a previous question and then reposted part of it? Added a few `stream of consciousness comments` and then accepted something from the previous question? Plenty of folks try to bump their questions even though it is not necessary but this one just seems bizarre. — Cerad, May 10 '23 at 11:58

score 0 · Accepted Answer · answered May 09 '23 at 22:17

You used strict equality (===) to compare the user's roles with the strings 'ROLE_ADMIN' and 'ROLE_INSTRUCTEUR'. However, the getRoles() method typically returns an array of roles, not a single string.

To fix this mistake, you should use the in_array function:

public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
    if ($targetPath = $this->getTargetPath($request->getSession(), $firewallName)) {
        return new RedirectResponse($targetPath);
    }

    // Get the authenticated user
    $user = $token->getUser();

    // Check the user's role
    if (in_array('ROLE_ADMIN', $user->getRoles())) {
        // Redirect to the app_admin page
        return new RedirectResponse($this->urlGenerator->generate('app_admin'));
    } elseif (in_array('ROLE_INSTRUCTEUR', $user->getRoles())) {
        // Redirect to the app_instructeur page
        return new RedirectResponse($this->urlGenerator->generate('app_instructeur'));
    } else {
        // Redirect to the app_user page
        return new RedirectResponse($this->urlGenerator->generate('app_user'));
    }
}

Issue with role checking in Symfony authentication success handler

1 Answers1