Block login page for logged in users

[Carrancio]

This PR blocks the login page for logged in users.

[javiereguiluz]

@Carrancio thanks for this contribution.

As you know, this app is "the reference Symfony app" and lots of people (not only newcomers) look into it to check how things are done. So it's very important that we only do what Symfony really promotes as a best practice.

Although your proposal is technical correct ... I wonder if this is something we should do and promote. I've never seen this in a Symfony app ... and we don't recommend this in Symfony Docs. But that doesn't mean that your proposal is wrong. I just want to wait and read more opinions about this. Thanks.

[mbabker]

I'd say this is a good practice to follow, even if not promoted in documentation. As an authenticated user, if I visit the login page and see a login form I would be mildly confused as to why I'm seeing it. So this is a check I implement in my apps.

FWIW Laravel ships a middleware in their skeleton application, enabled by default, that allows you to define routes and/or controllers that should be accessed by guests only (and this is applied to the default LoginController). Another practical example would be trying to reach https://github.com/login while logged in here on GitHub.

[javiereguiluz]

@Carrancio this is now merged! Thanks ... and congrats on your first Symfony Demo contribution.

Note: while merging, we refactored the code to use the Symfony\Component\Security\Core\Security class, which is the recommended in the Symfony Docs.