On my website, I have 3 sections : Admin, Members and Public. The Admin section is only reachable through "gestion.%domain%", and must have an Admin User. This section works great.
For the Members section, it is reachable through "membre.%domain%", and must have a Member User. This also works great.
The problem comes to the Public section. Every part of this section is accessible either anonymously or logged in with a Member User. When logged in, the top menu will change a bit to show more option (kinda like any shopping website).
So I've configured my security settings as follow :
security:
providers:
membre_provider:
id: App\Security\Provider\MembreProvider
manager_provider:
id: App\Security\Provider\ManagerProvider
encoders:
App\Entity\Utilisateur: sha512
role_hierarchy:
ROLE_MEMBRE: [ROLE_NON_MEMBRE]
ROLE_SUPER_ADMIN: [ROLE_ADMIN]
ROLE_ADMIN: [ROLE_EDITEUR]
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
admin:
host: 'gestion.%domain%'
pattern: .*
anonymous: ~
form_login:
login_path: admin_login
check_path: admin_login
access_denied_url: admin_access_denied
provider: manager_provider
logout:
path: admin_logout
target: admin_login
main:
pattern: .*
anonymous: true
form_login:
login_path: membre_login
check_path: membre_login
access_denied_url: membre_login
provider: membre_provider
user_checker: App\Security\MembreUserChecker
logout:
path: membre_logout
target: index
remember_me:
secret: '%kernel.secret%'
name: 'remember_me_main'
lifetime: 604800 # 1 week in seconds
path: /
always_remember_me: true
access_control:
- { path: ^/connexion, roles: IS_AUTHENTICATED_ANONYMOUSLY, host: 'membre.%domain%' }
- { path: ^/demande_reinitialisation, roles: IS_AUTHENTICATED_ANONYMOUSLY, host: 'membre.%domain%' }
- { path: ^/reinitialisation, roles: IS_AUTHENTICATED_ANONYMOUSLY, host: 'membre.%domain%' }
- { path: ^/, roles: ROLE_NON_MEMBRE, host: 'membre.%domain%'}
- { path: ^/connexion, roles: IS_AUTHENTICATED_ANONYMOUSLY, host: 'gestion.%domain%' }
- { path: ^/, roles: ROLE_EDITEUR, host: 'gestion.%domain%'}
- { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY}
As you can see, I have the admin context and the main context. The main context is shared between the "Members" section and the "Public" section. And it does work as intended when testing it (in the "Security" tab of the profiler, both shows as "main" context)
The problem is when I try to get the logged in user infos in the public section, I always get the anonymous token (it even shows the anonymous token in the profiler), but when I'm in the "Members" section, I can get the logged in user correctly.
I'm completely lost there...