Clever Geek Handbook

Symfony2 difference between error.message and error.messageKey

I am implementing a simple custom login form. I follow two different examples, the official one http://symfony.com/doc/current/cookbook/security/form_login_setup.html and the other https://knpuniversity.com/screencast/symfony2-ep2/logout#play which is essentially is the same with some differences. If you look at login.html.twig from the two examples, one difference is the error message in which the first reports

<div class="error">{{ error.message|trans }}</div>

and the rest of the reports

div class="error">{{ error.messageKey|trans(error.messageData, 'security') }}</div>

Please, here's my question: what's the difference between "error.message" and "error.messageKey" and what does error.messageData mean in the second example?

+3


source to share


2 answers


In the second example, according to the doc you provided:

"The error variable passed to the template is an AuthenticationException instance. It can contain more information or even sensitive information about the authentication error, so use it wisely!"

And the associated class:

http://api.symfony.com/2.7/Symfony/Component/Security/Core/Exception/AuthenticationException.html

So the variable error

posted to the template and the object gets:

$error = $authenticationUtils->getLastAuthenticationError();

In the first example, the variable error

is a class constant obtained:

$error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);

And the associated class:

http://api.symfony.com/2.0/Symfony/Component/Security/Core/SecurityContextInterface.html

So, you can see that both variables error

have the same name! They are not instances of the same class

** EDIT **

This is a response to your comment. Both methods do the same job

1. First method

class AuthenticationUtils
{
    /**
     * @param bool $clearSession
     *
     * @return AuthenticationException|null
     */
    public function getLastAuthenticationError($clearSession = true)
    {
        $request = $this->getRequest();
        $session = $request->getSession();
        $authenticationException = null;

        if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
            $authenticationException = $request->attributes->get(Security::AUTHENTICATION_ERROR);
        } elseif ($session !== null &&   $session->has(Security::AUTHENTICATION_ERROR)) {
            $authenticationException = $session->get(Security::AUTHENTICATION_ERROR);

            if ($clearSession) {
                $session->remove(Security::AUTHENTICATION_ERROR);
            }
        }

        return $authenticationException;
    }



class AuthenticationException extends \RuntimeException implements \Serializable
  {


   /**
    * Message key to be used by the translation component.
    *
    * @return string
    */
   public function getMessageKey()
   {
       return 'An authentication exception occurred.';
   }

   /**
    * Message data to be used by the translation component.
    *
    * @return array
    */
   public function getMessageData()
   {
       return array();
   }
 }


So:

$ error = $ authenticationUtils-> getLastAuthenticationError ();

Further

{{error.messageKey | trans (error.messageData, 'security')}}

Will return:

'An authentication exception occurred.'

2. Second method

interface SecurityContextInterface extends TokenStorageInterface, AuthorizationCheckerInterface
{
   const AUTHENTICATION_ERROR = Security::AUTHENTICATION_ERROR;
}

final class Security
{
    const AUTHENTICATION_ERROR = '_security.last_error';
}

So,

$ error = $ session-> get (SecurityContextInterface :: AUTHENTICATION_ERROR);

Further

{{error.message | trans}}

Will return

last authentication error saved in session

+3


source


in the first case ( error.message|trans

) error.message

just contains the translation key.

the second ( error.messageKey|trans(error.messageData, 'security')

) is a little more complicated:



+1


source






More articles:


All Articles