config/packages/security.yaml

@@ -4,7 +4,12 @@ security:
         Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
     # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
     providers:
-        users_in_memory: { memory: null }
+        users_in_memory:
+             memory:
+                 users:
+                    user: { password: '123', roles: ['ROLE_ADMIN'] }
+                    admin: { password: '123', roles: ['ROLE_SUPER_ADMIN'] }
+
     firewalls:
         dev:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
@@ -12,6 +17,9 @@ security:
         main:
             lazy: true
             provider: users_in_memory
+            custom_authenticator: App\Security\AdminPanelAuthenticator
+            form_login:
+                login_path: /admin/login
 
             # activate different ways to authenticate
             # https://symfony.com/doc/current/security.html#the-firewall
@@ -22,7 +30,8 @@ security:
     # Easy way to control access for large sections of your site
     # Note: Only the *first* access control that matches will be used
     access_control:
-        # - { path: ^/admin, roles: ROLE_ADMIN }
+         - { path: ^/admin/login, roles: PUBLIC_ACCESS }
+         - { path: ^/admin, roles: ROLE_ADMIN }
         # - { path: ^/profile, roles: ROLE_USER }
 
 when@test:

src/Controller/Admin/SecurityController.php

@@ -0,0 +1,18 @@
+<?php
+declare(strict_types=1);
+
+namespace App\Controller\Admin;
+
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+
+class SecurityController extends AbstractController
+{
+    #[Route(path: '/admin/login', name: 'admin_login', methods: Request::METHOD_GET)]
+    public function login(): Response
+    {
+        return $this->render('admin/login.html.twig');
+    }
+}

src/Security/AdminPanelAuthenticator.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Security;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
+use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
+
+class AdminPanelAuthenticator extends AbstractAuthenticator
+{
+    public function supports(Request $request): ?bool
+    {
+        return str_starts_with($request->getRequestUri(), '/admin');
+    }
+
+    public function authenticate(Request $request): Passport
+    {
+        throw new CustomUserMessageAuthenticationException();
+    }
+
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
+    {
+        return null;
+    }
+
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
+    {
+        return null;
+    }
+
+    //    public function start(Request $request, ?AuthenticationException $authException = null): Response
+    //    {
+    //        /*
+    //         * If you would like this class to control what happens when an anonymous user accesses a
+    //         * protected page (e.g. redirect to /login), uncomment this method and make this class
+    //         * implement Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface.
+    //         *
+    //         * For more details, see https://symfony.com/doc/current/security/experimental_authenticators.html#configuring-the-authentication-entry-point
+    //         */
+    //    }
+}

templates/admin/login.html.twig

@@ -0,0 +1,18 @@
+{% extends 'base.html.twig' %}
+
+{% block body %}
+        <div>
+            <h2>Login</h2>
+            <form >
+                <div>
+                    <label>Username</label>
+                    <input type="text" placeholder="Enter your username">
+                </div>
+                <div >
+                    <label>Password</label>
+                    <input type="password" placeholder="Enter your password">
+                </div>
+                <button>Login</button>
+            </form>
+        </div>
+{% endblock %}