2

I have an application running with Symfony5 and ApiPlatform using JWT in which I want some users not to be able to log in under some condition.

So I have a listener LoginListener as follows:

public function onAuthenticationSuccess(AuthenticationSuccessEvent $event)
{
    $user = $event->getUser();
    if ($user->someCondition) {
        throw new MyAccessDeniedException(json_encode('Ce compte n\'est plus actif.'));
    }
}

The exception class used is only this:

<?php

namespace App\Exception;

use Symfony\Component\Security\Core\Exception\AccessDeniedException;

class MyAccessDeniedException extends AccessDeniedException
{
}

I use this exception to throw a 403 pretty often in different cases, including in some other listeners.

The issue here is that, instead of returning an exception in JSON format, easily usable by the frontend, it returns an HTML exception page from Symfony.

For example, this is the kind of issue I'm trying to return, instead of the HTML:

"@context":"\/contexts\/Error","@type":"hydra:Error","hydra:title":"An error occurred","hydra:description":"Some error message","trace":[{"namespace":"","short_class":"","class":"",.....}

Does anyone know why, for this particular exception, the exception is rendered as HTML and not JSON? And is there a workaround for this issue?

Thanks !

2
  • 1
    Are you running in dev mode or prod? If you're in dev mode with the debug bar enabled then I think Symfony renders errors as HTML. In prod mode they should be returned as JSON. Commented Jun 17, 2021 at 8:07
  • Sorry for the late response. I'm in dev, but I have multiple exceptions triggered like that one (the exact same exceptions) that render properly in JSON compared to this one. Commented Jun 22, 2021 at 11:47

3 Answers

1

As I couldn't figure out why HTML was returned, as these same exceptions triggered at other places do return the expected JSON, I tried to fire other exceptions like badRequestException(). It worked for me; it does not resolve the issue but is an acceptable fix to it in my case.


1

You can perform the response with a listener; here I wrote an article on how it is carried out.


0

You might want to create an AccessDeniedHandler. See Symfony docs

You can create your response with something like:

return new JsonResponse($event->getMessage(), 403); 
// in your example, getMessage() returns your encoded error

Or if you have multiple and different AccessDeniedException, you can use an AccessDeniedListener. See Symfony docs

1 Comment

Thanks for your comment and sorry for the late response. I tried returning a JsonResponse(), but it lets the user connect and does not block him as I wanted. I found another fix, which gets the work done.
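
One way to write the AccessDeniedHandler that the last answer refers to, as an added example that is not code from the thread or from Symfony itself. The class name, namespace, firewall name and JSON keys are assumptions; the message is decoded first because the listener in the question passes a json_encode()d string, which JsonResponse would otherwise encode a second time.

```php
<?php
// Added example. Assumed class name and namespace: App\Security\JsonAccessDeniedHandler.

namespace App\Security;

use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface;

final class JsonAccessDeniedHandler implements AccessDeniedHandlerInterface
{
    public function handle(Request $request, AccessDeniedException $accessDeniedException): ?Response
    {
        $message = $accessDeniedException->getMessage();

        // The listener in the question throws with json_encode('...') as the
        // message. JsonResponse encodes its payload itself, so unwrap a JSON
        // string first to avoid sending a double-encoded value.
        $decoded = json_decode($message, true);
        if (json_last_error() === JSON_ERROR_NONE && is_string($decoded)) {
            $message = $decoded;
        }

        // The body is built from the exception message only: no class name,
        // file path or stack trace reaches the client. The 'code' and
        // 'message' keys are an assumed payload shape.
        return new JsonResponse(
            ['code' => Response::HTTP_FORBIDDEN, 'message' => $message],
            Response::HTTP_FORBIDDEN
        );
    }
}

// Registration in config/packages/security.yaml ("main" is an assumed
// firewall name):
//
//   security:
//       firewalls:
//           main:
//               access_denied_handler: App\Security\JsonAccessDeniedHandler
```

The listener keeps throwing MyAccessDeniedException; the handler only changes how that exception is turned into a response.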
