How to Implement a Simple Registration Form
Warning: You are browsing the documentation for Symfony 2.x, which is no longer maintained.
Read the updated version of this page for Symfony 7.2 (the current stable version).
Creating a registration form is pretty easy - it really means just creating
a form that will update some User
model object (a Doctrine entity in this
example) and then save it.
Tip
The popular FOSUserBundle provides a registration form, reset password form and other user management functionality.
If you don't already have a User
entity and a working login system,
first start with How to Load Security Users from the Database (the Entity Provider).
Your User
entity will probably at least have the following fields:
username
- This will be used for logging in, unless you instead want your user to login via email (in that case, this field is unnecessary).
email
- A nice piece of information to collect. You can also allow users to login via email.
password
- The encoded password.
plainPassword
-
This field is not persisted: (notice no
@ORM\Column
above it). It temporarily stores the plain password from the registration form. This field can be validated and is then used to populate thepassword
field.
With some validation added, your class may look something like this:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117
// src/AppBundle/Entity/User.php
namespace AppBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Validator\Constraints as Assert;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* @ORM\Entity
* @UniqueEntity(fields="email", message="Email already taken")
* @UniqueEntity(fields="username", message="Username already taken")
*/
class User implements UserInterface
{
/**
* @ORM\Id
* @ORM\Column(type="integer")
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @ORM\Column(type="string", length=255, unique=true)
* @Assert\NotBlank
* @Assert\Email
*/
private $email;
/**
* @ORM\Column(type="string", length=255, unique=true)
* @Assert\NotBlank
*/
private $username;
/**
* @Assert\NotBlank
* @Assert\Length(max=4096)
*/
private $plainPassword;
/**
* The below length depends on the "algorithm" you use for encoding
* the password, but this works well with bcrypt.
*
* @ORM\Column(type="string", length=64)
*/
private $password;
/**
* @ORM\Column(type="array")
*/
private $roles;
public function __construct()
{
$this->roles = array('ROLE_USER');
}
// other properties and methods
public function getEmail()
{
return $this->email;
}
public function setEmail($email)
{
$this->email = $email;
}
public function getUsername()
{
return $this->username;
}
public function setUsername($username)
{
$this->username = $username;
}
public function getPlainPassword()
{
return $this->plainPassword;
}
public function setPlainPassword($password)
{
$this->plainPassword = $password;
}
public function getPassword()
{
return $this->password;
}
public function setPassword($password)
{
$this->password = $password;
}
public function getSalt()
{
// The bcrypt algorithm doesn't require a separate salt.
// You *may* need a real salt if you choose a different encoder.
return null;
}
public function getRoles()
{
return $this->roles;
}
public function eraseCredentials()
{
}
}
The UserInterface requires
a few other methods and your security.yml
file needs to be configured
properly to work with the User
entity. For a more complete example, see
the Entity Provider article.
Create a Form for the Entity
Next, create the form for the User
entity:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
// src/AppBundle/Form/UserType.php
namespace AppBundle\Form;
use AppBundle\Entity\User;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
class UserType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder
->add('email', EmailType::class)
->add('username', TextType::class)
->add('plainPassword', RepeatedType::class, array(
'type' => PasswordType::class,
'first_options' => array('label' => 'Password'),
'second_options' => array('label' => 'Repeat Password'),
))
;
}
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults(array(
'data_class' => User::class,
));
}
}
There are just three fields: email
, username
and plainPassword
(repeated to confirm the entered password).
Tip
To explore more things about the Form component, read the Forms guide.
Handling the Form Submission
Next, you need a controller to handle the form rendering and submission. If the form is submitted, the controller performs the validation and saves the data into the database:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
// src/AppBundle/Controller/RegistrationController.php
namespace AppBundle\Controller;
use AppBundle\Form\UserType;
use AppBundle\Entity\User;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
class RegistrationController extends Controller
{
/**
* @Route("/register", name="user_registration")
*/
public function registerAction(Request $request)
{
// 1) build the form
$user = new User();
$form = $this->createForm(UserType::class, $user);
// 2) handle the submit (will only happen on POST)
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
// 3) Encode the password (you could also do this via Doctrine listener)
$password = $this->get('security.password_encoder')
->encodePassword($user, $user->getPlainPassword());
$user->setPassword($password);
// 4) save the User!
$entityManager = $this->getDoctrine()->getManager();
$entityManager->persist($user);
$entityManager->flush();
// ... do any other work - like sending them an email, etc
// maybe set a "flash" success message for the user
return $this->redirectToRoute('replace_with_some_route');
}
return $this->render(
'registration/register.html.twig',
array('form' => $form->createView())
);
}
}
To define the algorithm used to encode the password in step 3 configure the encoder in the security configuration:
1 2 3 4
# app/config/security.yml
security:
encoders:
AppBundle\Entity\User: bcrypt
In this case the recommended bcrypt algorithm is used. If needed, check out the user password encoding article.
Note
If you decide to NOT use annotation routing (shown above), then you'll need to create a route to this controller:
1 2 3 4
# app/config/routing.yml
user_registration:
path: /register
defaults: { _controller: AppBundle:Registration:register }
Next, create the template:
1 2 3 4 5 6 7 8 9 10
{# app/Resources/views/registration/register.html.twig #}
{{ form_start(form) }}
{{ form_row(form.username) }}
{{ form_row(form.email) }}
{{ form_row(form.plainPassword.first) }}
{{ form_row(form.plainPassword.second) }}
<button type="submit">Register!</button>
{{ form_end(form) }}
See How to Customize Form Rendering for more details.
Update your Database Schema
If you've updated the User
entity during this tutorial, you have to update
your database schema using this command:
1
$ php app/console doctrine:schema:update --force
That's it! Head to /register
to try things out!
Having a Registration form with only Email (no Username)
If you want your users to login via email and you don't need a username, then you
can remove it from your User
entity entirely. Instead, make getUsername()
return the email
property:
1 2 3 4 5 6 7 8 9 10 11 12 13 14
// src/AppBundle/Entity/User.php
// ...
class User implements UserInterface
{
// ...
public function getUsername()
{
return $this->email;
}
// ...
}
Next, just update the providers
section of your security.yml
file
so that Symfony knows how to load your users via the email
property on
login. See How to Load Security Users from the Database (the Entity Provider).
Adding a "accept terms" Checkbox
Sometimes, you want a "Do you accept the terms and conditions" checkbox on your
registration form. The only trick is that you want to add this field to your form
without adding an unnecessary new termsAccepted
property to your User
entity
that you'll never need.
To do this, add a termsAccepted
field to your form, but set its
mapped option to false
:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
// src/AppBundle/Form/UserType.php
// ...
use Symfony\Component\Validator\Constraints\IsTrue;
use Symfony\Component\Form\Extension\Core\Type\CheckboxType;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
class UserType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder
->add('email', EmailType::class);
// ...
->add('termsAccepted', CheckboxType::class, array(
'mapped' => false,
'constraints' => new IsTrue(),
))
);
}
}
The constraints option is also used, which allows
us to add validation, even though there is no termsAccepted
property on User
.