[make:auth] Use LogoutRouteLoader for logout route when available

src/Maker/MakeAuthenticator.php

@@ -275,7 +275,8 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
                 $input->hasArgument('user-class') ? $input->getArgument('user-class') : null,
                 $input->hasArgument('logout-setup') ? $input->getArgument('logout-setup') : false,
                 $supportRememberMe,
-                $alwaysRememberMe
+                $alwaysRememberMe,
+                !file_exists('config/routes/security.yaml'),
             )
         );
     }
@@ -380,10 +381,6 @@ private function generateFormLoginFiles(string $controllerClass, string $userNam
 
         $this->securityControllerBuilder->addLoginMethod($manipulator);
 
-        if ($logoutSetup) {
-            $this->securityControllerBuilder->addLogoutMethod($manipulator);
-        }
-
         $this->generator->dumpFile($controllerPath, $manipulator->getSourceCode());
 
         // create login form template
@@ -401,7 +398,7 @@ private function generateFormLoginFiles(string $controllerClass, string $userNam
         );
     }
 
-    private function generateNextMessage(bool $securityYamlUpdated, string $authenticatorType, string $authenticatorClass, $userClass, bool $logoutSetup, bool $supportRememberMe, bool $alwaysRememberMe): array
+    private function generateNextMessage(bool $securityYamlUpdated, string $authenticatorType, string $authenticatorClass, $userClass, bool $logoutSetup, bool $supportRememberMe, bool $alwaysRememberMe, bool $hasSecurityRouteFile): array
     {
         $nextTexts = ['Next:'];
         $nextTexts[] = '- Customize your new authenticator.';
@@ -429,6 +426,11 @@ private function generateNextMessage(bool $securityYamlUpdated, string $authenti
             $nextTexts[] = '- Review & adapt the login template: <info>'.$this->fileManager->getPathForTemplate('security/login.html.twig').'</info>.';
         }
 
+        // If the security.logout_route_loader is not loaded from the default flex recipe
+        if (!$hasSecurityRouteFile) {
+            $nextTexts[] = '- Be sure to add the "logout" route to <info>config/routes/security.yaml</info> or upgrade the <info>symfony/security-bundle</info> recipe.';
+        }
+
         return $nextTexts;
     }
 

src/Maker/Security/MakeFormLogin.php

@@ -24,7 +24,6 @@
 use Symfony\Bundle\MakerBundle\Security\SecurityConfigUpdater;
 use Symfony\Bundle\MakerBundle\Security\SecurityControllerBuilder;
 use Symfony\Bundle\MakerBundle\Str;
-use Symfony\Bundle\MakerBundle\Util\ClassSourceManipulator;
 use Symfony\Bundle\MakerBundle\Util\UseStatementGenerator;
 use Symfony\Bundle\MakerBundle\Util\YamlSourceManipulator;
 use Symfony\Bundle\MakerBundle\Validator;
@@ -133,7 +132,7 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
         $controllerNameDetails = $generator->createClassNameDetails($this->controllerName, 'Controller\\', 'Controller');
         $templatePath = strtolower($controllerNameDetails->getRelativeNameWithoutSuffix());
 
-        $controllerPath = $generator->generateController(
+        $generator->generateController(
             $controllerNameDetails->getFullName(),
             'security/formLogin/LoginController.tpl.php',
             [
@@ -143,14 +142,6 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
             ]
         );
 
-        if ($this->willLogout) {
-            $manipulator = new ClassSourceManipulator($generator->getFileContentsForPendingOperation($controllerPath));
-
-            $this->securityControllerBuilder->addLogoutMethod($manipulator);
-
-            $generator->dumpFile($controllerPath, $manipulator->getSourceCode());
-        }
-
         $generator->generateTemplate(
             sprintf('%s/login.html.twig', $templatePath),
             'security/formLogin/login_form.tpl.php',

src/Resources/skeleton/security/formLogin/login_form.tpl.php

@@ -11,7 +11,7 @@
 <?php if ($logout_setup): ?>
         {% if app.user %}
             <div class="mb-3">
-                You are logged in as {{ app.user.userIdentifier }}, <a href="{{ path('app_logout') }}">Logout</a>
+                You are logged in as {{ app.user.userIdentifier }}, <a href="{{ logout_path() }}">Logout</a>
             </div>
         {% endif %}
 

src/Security/SecurityConfigUpdater.php

@@ -111,7 +111,7 @@ public function updateForAuthenticator(string $yamlSource, string $firewallName,
         }
 
         if (!isset($firewall['logout']) && $logoutSetup) {
-            $firewall['logout'] = ['path' => 'app_logout'];
+            $firewall['logout'] = ['path' => '/logout'];
             $firewall['logout'][] = $this->manipulator->createCommentLine(
                 ' where to redirect after logout'
             );
@@ -172,7 +172,7 @@ public function updateForLogout(string $yamlSource, string $firewallName): strin
      */
     private function configureLogout(array $securityData, string $firewallName): void
     {
-        $securityData['security']['firewalls'][$firewallName]['logout'] = ['path' => 'app_logout'];
+        $securityData['security']['firewalls'][$firewallName]['logout'] = ['path' => '/logout'];
         $securityData['security']['firewalls'][$firewallName]['logout'][] = $this->manipulator->createCommentLine(
             ' where to redirect after logout'
         );

tests/Maker/MakeAuthenticatorTest.php

@@ -271,7 +271,7 @@ public function getTestDetails(): \Generator
 
                 $securityConfig = $runner->readYaml('config/packages/security.yaml');
                 $this->assertEquals(
-                    'app_logout',
+                    '/logout',
                     $securityConfig['security']['firewalls']['main']['logout']['path']
                 );
             }),

tests/Maker/Security/MakeFormLoginTest.php

@@ -48,7 +48,7 @@ public function getTestDetails(): \Generator
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['login_path']);
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['check_path']);
                 $this->assertTrue($securityConfig['security']['firewalls']['main']['form_login']['enable_csrf']);
-                $this->assertSame('app_logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
+                $this->assertSame('/logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
 
                 $this->runLoginTest($runner);
             }),
@@ -66,7 +66,7 @@ public function getTestDetails(): \Generator
                 $this->assertStringContainsString('Success', $output);
                 $fixturePath = \dirname(__DIR__, 2).'/fixtures/security/make-form-login/expected';
 
-                $this->assertFileEquals($fixturePath.'/SecurityControllerWithoutLogout.php', $runner->getPath('src/Controller/SecurityController.php'));
+                $this->assertFileEquals($fixturePath.'/SecurityController.php', $runner->getPath('src/Controller/SecurityController.php'));
                 $this->assertFileEquals($fixturePath.'/login_no_logout.html.twig', $runner->getPath('templates/security/login.html.twig'));
 
                 $securityConfig = $runner->readYaml('config/packages/security.yaml');
@@ -96,7 +96,7 @@ public function getTestDetails(): \Generator
 
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['login_path']);
                 $this->assertSame('app_login', $securityConfig['security']['firewalls']['main']['form_login']['check_path']);
-                $this->assertSame('app_logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
+                $this->assertSame('/logout', $securityConfig['security']['firewalls']['main']['logout']['path']);
             }),
         ];
     }

tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_logout.yaml

@@ -16,6 +16,6 @@ security:
             # the entry_point start() method determines what happens when an anonymous user accesses a protected page
             entry_point: App\Security\AppCustomAuthenticator
             logout:
-                path: app_logout
+                path: /logout
                 # where to redirect after logout
                 # target: app_any_route

tests/Security/yaml_fixtures/expected_logout/logout.yaml

@@ -12,6 +12,6 @@ security:
         main:
             lazy: true
             logout:
-                path: app_logout
+                path: /logout
                 # where to redirect after logout
                 # target: app_any_route

tests/fixtures/security/make-form-login/expected/LoginController.php

@@ -23,10 +23,4 @@ public function login(AuthenticationUtils $authenticationUtils): Response
             'error' => $error,
         ]);
     }
-
-    #[Route(path: '/logout', name: 'app_logout')]
-    public function logout(): void
-    {
-        throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
-    }
 }

tests/fixtures/security/make-form-login/expected/SecurityController.php

@@ -23,10 +23,4 @@ public function login(AuthenticationUtils $authenticationUtils): Response
             'error' => $error,
         ]);
     }
-
-    #[Route(path: '/logout', name: 'app_logout')]
-    public function logout(): void
-    {
-        throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
-    }
 }

tests/fixtures/security/make-form-login/expected/login.html.twig

@@ -10,7 +10,7 @@
 
         {% if app.user %}
             <div class="mb-3">
-                You are logged in as {{ app.user.userIdentifier }}, <a href="{{ path('app_logout') }}">Logout</a>
+                You are logged in as {{ app.user.userIdentifier }}, <a href="{{ logout_path() }}">Logout</a>
             </div>
         {% endif %}