User context caching

HTTP caching does not work out of the box when a session comes into play. Fortunately the FOSHttpCacheBundle has a feature called User Context.

In this document we will quickly go through the steps necessary to activate the User Context feature in Sulu.

Note

For more information about this topic visit the User Context page in the FOSHttpCacheBundle documentation.

  1. Uncomment the user_context_hash route in config/routes/fos_http_cache.yaml
user_context_hash:
    path: /_fos_user_context_hash
  1. Uncomment the user_context session in config/packages/fos_http_cache.yaml
fos_http_cache:
    user_context:
        enabled: true
        role_provider: true
        hash_cache_ttl: 0
  1. Uncomment the registration of the UserContextListener in src/Kernel.php
<?php

class Kernel extends SuluKernel implements HttpCacheProvider
{
    public function getHttpCache()
    {
        if (!$this->httpCache) {
            $this->httpCache = new SuluHttpCache($this);
            // Activate the following for user based caching see also:
            // https://foshttpcachebundle.readthedocs.io/en/latest/features/user-context.html
            //
            $this->httpCache->addSubscriber(
                new \FOS\HttpCache\SymfonyCache\UserContextListener([
                    'session_name_prefix' => 'SULUSESSID',
                ])
            );
        }

        return $this->httpCache;
    }
}
  1. Uncomment the security configuration in config/packages/security.yaml

Note

The Symfony Security component is used here, which has its own, very detailed, documentation.

security:
    encoders:
        Sulu\Bundle\SecurityBundle\Entity\User: bcrypt

    providers:
        sulu:
            id: sulu_security.user_provider

    firewalls:
        website:
            pattern: ^/
            anonymous: true
            lazy: true
            form_login:
                login_path: login
                check_path: login
            logout:
                path: logout
                target: /
            remember_me:
                secret:   "%kernel.secret%"
                lifetime: 604800 # 1 week in seconds
                path:     /

sulu_security:
    checker:
        enabled: true
  1. Make sure that Symfony’s SecurityBundle is registered for all contexts (by default it is only registered for the admin context) in config/bundles.php
Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true],
  1. Add the login and logout routes to config/routes_website.yaml
login:
    path: /login
    controller:   Symfony\Bundle\FrameworkBundle\Controller\TemplateController
    defaults:
        template: static/login.html.twig

logout:
    path: /logout
  1. Implement the template for the login form in templates/static/login.html.twig
<form action="{{ path('login') }}" method="post">
    <label for="username">Username:</label>
    <input type="text" id="username" name="_username" />

    <label for="password">Password:</label>
    <input type="password" id="password" name="_password" />

    <button type="submit">login</button>
</form>

Note

The previous two steps could also be replaced by the SuluCommunityBundle, which helps you with creating login and registration forms. Additionally it helps you with creating opt-in emails and other tasks.

  1. Activate Permission Check for pages (optional)

If you want to allow the content manager to restrict pages to specific roles, you need to enable permission checks in your webspace configuration:

<security permission-check="true">
    <system>example</system>
</security>

Note

Make sure to create the anonymous role for the webspace by running the bin/console sulu:security:init command after enabling permission checks in your webspace configuration.