Goal
Implement authenticated user login so the rest of the application can rely on a User identity.
Depends on
Scope
- A
User entity with the standard Symfony fields (email as identifier, hashed password, roles).
- Doctrine migration for the
user table.
- Symfony Security configured with a form login (
make:security:form-login as a starting point — review the result, do not accept blindly).
- Login route + minimal Twig template.
- Logout route wired up.
- Fixtures for two users
- Console commands for creating user, and change user password
Out of scope
- Password reset / email verification flows
- OAuth / SSO providers
- Roles & permissions beyond
ROLE_USER
Acceptance criteria
Notes
Keep controllers thin per project conventions — auth logic lives in a service, not the controller.
Design reference
Prototype & design direction: Login — #/login
Goal
Implement authenticated user login so the rest of the application can rely on a
Useridentity.Depends on
Scope
Userentity with the standard Symfony fields (emailas identifier, hashedpassword,roles).usertable.make:security:form-loginas a starting point — review the result, do not accept blindly).Out of scope
ROLE_USERAcceptance criteria
Userentity + migration committedsecurity.yamlconfigured with a form login firewall/loginrenders, accepts credentials, sets the session, redirects on success/logoutclears the sessionNotes
Keep controllers thin per project conventions — auth logic lives in a service, not the controller.
Design reference
Prototype & design direction: Login —
#/login