๐ Login Flow
PSR-15 middleware-based authentication. The login form is public; the dashboard route is protected by an AuthMiddleware that checks sessionData('auth') and redirects unauthenticated users back here.
/examples/login is public. /examples/login/dashboard is protected by AuthMiddleware โ a real PSR-15 middleware attached via ->middleware().sessionData('auth') in the server-side session store, and either redirects (302) or passes the auth record downstream as a request attribute.$c->getRequestAttribute('auth') โ the middleware-set attribute is automatically bridged from the PSR-7 request to the Via Context. No manual session checks needed in the page handler.Demo credentials
| Username | Password | Role |
|---|---|---|
ada |
lovelace |
Engineer |
grace |
hopper |
Admiral |
linus |
torvalds |
Maintainer |
๐ก Try visiting /examples/login/dashboard directly โ
the AuthMiddleware will redirect you back here because you're not logged in yet.
After logging in, you'll be sent to the protected dashboard automatically.
โก Signals
username
string TAB "" Username input bound to the login form.
password
string TAB "" Password input. Cleared on failure.
error
string TAB "" Validation error message shown beneath the form.
๐ฏ Actions
login
Validates credentials. On success, writes auth to sessionData and redirects to the middleware-protected dashboard.
๐ Views
login.html.twig
Login form. Redirects to dashboard if already authenticated.
login_dashboard.html.twig
Protected dashboard. Auth data injected by AuthMiddleware via request attributes.
๐ก๏ธ Middleware
AuthMiddleware
PSR-15 middleware that checks sessionData('auth') and redirects unauthenticated requests to the login form. Implements SseAwareMiddleware to also protect SSE connections.