๐ Login Flow
PSR-15 middleware-based authentication. The login form is public; the dashboard and profile routes are protected by AuthMiddleware via Via::group()->middleware().
/examples/login is public. Dashboard and profile are protected via Via::group()->middleware(new AuthMiddleware(...)) โ one call shields both.sessionData('auth') in the server-side session store, and either redirects (302) or passes the auth record downstream as a request attribute.$c->getRequestAttribute('auth') โ the middleware-set attribute is automatically bridged from the PSR-7 request to the Via Context. No manual session checks needed.Demo credentials
| Username | Password | Role |
|---|---|---|
ada |
lovelace |
Engineer |
grace |
hopper |
Admiral |
linus |
torvalds |
Maintainer |
๐ก Try visiting /examples/login/dashboard directly โ
the AuthMiddleware will redirect you back here because you're not logged in yet.
After logging in, you'll be sent to the protected dashboard automatically.
โก Signals
username
string TAB "" Username input bound to the login form.
password
string TAB "" Password input. Cleared on failure.
error
string TAB "" Validation error message shown beneath the form.
๐ฏ Actions
login
Validates credentials. On success, writes auth to sessionData and redirects to the middleware-protected dashboard.
๐ Views
login.html.twig
Login form. Redirects to dashboard if already authenticated.
login_dashboard.html.twig
Protected dashboard. Auth data injected by AuthMiddleware via request attributes.
login_profile.html.twig
Protected profile page. Same AuthMiddleware protects it via the shared group.
๐ก๏ธ Middleware
AuthMiddleware
PSR-15 middleware that checks sessionData('auth') and redirects unauthenticated requests to the login form. Implements SseAwareMiddleware to also protect SSE connections.