Wow! I can add this to #30501 <3, WDYT?

@HeahDude while writing the PR description, I was telling myself that the full namespaces where not user friendly! Your PR looks like the missing part, it would be awesome if you add support for this new controller!

Two quick questions:

• Can't you solve this today with a Template controller that renders templates/security/login_success.json.twig and contains {"status": "success"} ?
• Apart from this JSON login use case, can you imagine any other common use case?

Thanks.

@javiereguiluz

Can't you solve this today with a Template controller

It creates a dependency to Twig (not wanted in case of an API), and requires the user to create one extra file.

Apart from this JSON login use case, can you imagine any other common use case?

I think that's a common use case:

• Health check URL for Kubernetes / Nagios / whatever returning a 200 OK and a predefined string
• Secret URL returning a token proving you're the owner of a domain (Google Analytics validation for instance)

If this is accepted ... I suggest to rename SimpleController as ContentController ... because this is a controller that returns the given content as its response. Also ... the shortcut would be called content, so it'd be consistent.

What about RawContentController?

another one: StaticController :)

👍 for StaticController

For what it worth, I don't really like it because I like when everything is declared in one place.
With this, there will be some "controllers" in the routing.yml and others in App\Controller\*

That why I even do this for "security controller":

/**
 * @Route("/logout", name="logout")
 */
public function logout()
{
    throw new \BadMethodCallException('The security layer should handle this route.');
}

@lyrixx your example doesn't work for json_login.

@dunglas This particular example is not really related with your use case. It's just an explanation on why I don't like it.

About your exemple, did you know you can (should?) use route name in the security bundle? instead of check_path: /login you can use check_path: login

I'm not convinced about the DX improvement, it doesn't bring much imo, but a new way to do something we can already do easily and quickly, with some PHP code that every newcomer in Symfony can understand.

@lyrixx yes but I've just copied the docs :) Maybe should we update it.

Hi, i've just a question on it.

Does it is a kind of upgrade of FrameworkBundle:Template:template/Symfony\Bundle\FrameworkBundle\Controller\TemplateController::templateAction?

If it is, IMO this controller (FrameworkBundle:Template:template/Symfony\Bundle\FrameworkBundle\Controller\TemplateController::templateAction) might be renamed to StaticController because they are pretty similar or make it an implementation of the new StaticController.

What do you think about that ?

Not convinced this is that useful.

Sorry for the misclick :)
About the described use case, the right way to set a success response on a json_login listener remains to create an AuthenticationSuccessHandlerInterface implementation and set it as success_handler. Although it looks "simpler", I think it would be confusing to document this feature as such, and could lead to people handling more security stuff in controllers which I recommend to avoid as it means going "outside" of the security system, potentially skipping some important security events or (worse) creating security holes more easily.

Let's close.