Symfony2 difference between error.message and error.messageKey
I am implementing a simple custom login form. I follow two different examples, the official one http://symfony.com/doc/current/cookbook/security/form_login_setup.html and the other https://knpuniversity.com/screencast/symfony2-ep2/logout#play which is essentially is the same with some differences. If you look at login.html.twig from the two examples, one difference is the error message in which the first reports
<div class="error">{{ error.message|trans }}</div>
and the rest of the reports
div class="error">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
Please, here's my question: what's the difference between "error.message" and "error.messageKey" and what does error.messageData mean in the second example?
In the second example, according to the doc you provided:
"The error variable passed to the template is an AuthenticationException instance. It can contain more information or even sensitive information about the authentication error, so use it wisely!"
And the associated class:
http://api.symfony.com/2.7/Symfony/Component/Security/Core/Exception/AuthenticationException.html
So the variable error
posted to the template and the object gets:
$error = $authenticationUtils->getLastAuthenticationError();
In the first example, the variable error
is a class constant obtained:
$error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);
And the associated class:
http://api.symfony.com/2.0/Symfony/Component/Security/Core/SecurityContextInterface.html
So, you can see that both variables error
have the same name! They are not instances of the same class
** EDIT **
This is a response to your comment. Both methods do the same job
1. First method
class AuthenticationUtils
{
/**
* @param bool $clearSession
*
* @return AuthenticationException|null
*/
public function getLastAuthenticationError($clearSession = true)
{
$request = $this->getRequest();
$session = $request->getSession();
$authenticationException = null;
if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
$authenticationException = $request->attributes->get(Security::AUTHENTICATION_ERROR);
} elseif ($session !== null && $session->has(Security::AUTHENTICATION_ERROR)) {
$authenticationException = $session->get(Security::AUTHENTICATION_ERROR);
if ($clearSession) {
$session->remove(Security::AUTHENTICATION_ERROR);
}
}
return $authenticationException;
}
class AuthenticationException extends \RuntimeException implements \Serializable
{
/**
* Message key to be used by the translation component.
*
* @return string
*/
public function getMessageKey()
{
return 'An authentication exception occurred.';
}
/**
* Message data to be used by the translation component.
*
* @return array
*/
public function getMessageData()
{
return array();
}
}
So:
$ error = $ authenticationUtils-> getLastAuthenticationError ();
Further
{{error.messageKey | trans (error.messageData, 'security')}}
Will return:
'An authentication exception occurred.'
2. Second method
interface SecurityContextInterface extends TokenStorageInterface, AuthorizationCheckerInterface
{
const AUTHENTICATION_ERROR = Security::AUTHENTICATION_ERROR;
}
final class Security
{
const AUTHENTICATION_ERROR = '_security.last_error';
}
So,
$ error = $ session-> get (SecurityContextInterface :: AUTHENTICATION_ERROR);
Further
{{error.message | trans}}
Will return
last authentication error saved in session
in the first case ( error.message|trans
) error.message
just contains the translation key.
the second ( error.messageKey|trans(error.messageData, 'security')
) is a little more complicated:
-
you have the message key in
error.messageKey
-
you have data to be used to populate placeholders in the translated string (some
sprintf('test: %s', messageData)
see http://symfony.com/doc/current/book/translation.html#translations-in-templates -
you have a message domain
security
(optional way to organize messages into groups) see http://symfony.com/doc/current/components/translation/introduction.html#using-message-domains