Symfony 2: How do I check if a user is not logged in inside a template?
Asked Answered
S

2

108

In Symfony 2 templates (using Twig), how can I effectively check whether a user is not logged in?

I don't want to use ROLE checks. I want a straightforward way to check if a user is not logged in.

I'm aware that comparing app.user.username with anon works, but that just doesn't feel right to me.

Suilmann answered 12/3, 2012 at 1:39 Comment(0)
B
200

You can check if app.user is set.

 {% if app.user %}
    # user is logged in
 {% else %}
    # user is not logged in
 {% endif %}
Boardinghouse answered 12/3, 2012 at 2:0 Comment(5)
Note that if you want to check if the user is NOT logged in you can use: {% if not app.user %}Lithia
Use {% if is_granted('IS_AUTHENTICATED_FULLY') %} instead. See Symfony2 doc : symfony.com/doc/current/book/…. Also available for Silex : silex.sensiolabs.org/doc/providers/…Lyrate
@Lyrate {% if is_granted('IS_AUTHENTICATED_FULLY') %} will only return true if the user has authenticated in the current session. It will return false if the user authenticated via a remember me cookie. Using {% if app.user %} is correct, if one wants to return true regardless of when the user authenticated.Germ
@Ronan, that doesn't work as it results in the following error: No Authentication Provider found for token of class "Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken".Ledeen
{% if app.security.token is null or app.security.token.user == 'anon.' %} that's how I got it working for meUtilitarianism
F
103

Although the current answer answers the OP's question, I would like to add more details.

I understand the OP did not want to check roles, but I am including them so other SO users can copy and paste from this in the future. - everytime I google this, I end up here!

Symfony Doc Sources:


Check if any user logged in (regardless of role)

As answered, you can use app.user to check if any user is logged in.

{% if app.user %}
    # user is logged in (any and all users, regardless of ROLE_*)
{% elseif not app.user %}
    # user is not logged in (note the `not` in the `elseif` statement)
{% endif %}

Checking authentication status

You can use the is_granted() method to check for ROLES, (The below are all roles assigned by symfony, You may also have you own roles (more below))

{% if is_granted('IS_AUTHENTICATED_FULLY') %}
    # This user entered their credentials THIS session
{% elseif is_granted('IS_AUTHENTICATED_REMEMBERED') %}
    # User logged in via a cookie (ie: Auth again before doing sensitive things)
{% elseif is_granted('IS_AUTHENTICATED_ANONYMOUSLY') %}
    # This is a `guest` or anonymous user
{% endif %}

from the docs:

IS_AUTHENTICATED_ANONYMOUSLY - automatically assigned to a user who is in a firewall protected part of the site but who has not actually logged in. This is only possible if anonymous access has been allowed.

IS_AUTHENTICATED_REMEMBERED - automatically assigned to a user who was authenticated via a remember me cookie.

IS_AUTHENTICATED_FULLY - automatically assigned to a user that has provided their login details during the current session.


Checking Roles

You can also use is_granted() to check for roles.
Assuming we have 3 roles (ROLE_SUPER_ADMIN, ROLE_ADMIN, & ROLE_USER)

{% if is_granted('ROLE_SUPER_ADMIN') -%}
    # You're `ROLE_SUPER_ADMIN`
{% elseif is_granted('ROLE_ADMIN') -%}
    # You're `ROLE_ADMIN`
{% elseif is_granted('ROLE_USER') -%}
    # You're `ROLE_USER`
{% else %}
    # You're a `nobody` ;P
{%- endif %}

Doing the above inside a controller

View the following answer: How to check if an user is logged in Symfony2 inside a controller?

Fennelly answered 12/5, 2014 at 15:21 Comment(5)
I'm just curious... what -%} and {%- stands for ? why not %} and {% ?Scintillate
The - removes all trailing whitespace so that it's more readable in the browser source source. More info here: twig.sensiolabs.org/doc/templates.html#whitespace-controlFennelly
Forgive me for bringing this old question to live again, but I think I read somewhere that app.user will not be null for anonymous users, isn't that correct? Wouldn't that mean that check for app.user is not sufficient?Concavoconvex
@Fennelly symfony.com/doc/2.8/templating/app_variable.html second parameter described is app.user, going like that The value stored in this variable can be a UserInterface object, any other object which implements a __toString() method or even a regular string.. I don't remember where I read that app.user returns "anon." string unfortunately and under what circumstances.Concavoconvex
@user1970395 The first line in the docs read The representation of the current user or null if there is none., so it will be null. A third party bundle could return a string if it's custom UserInterface implementation has a __toString() method which is called when anonymous.Fennelly

© 2022 - 2024 — McMap. All rights reserved.