[SOLVED] Symfony 7 ERR_TOO_MANY_REDIRECTS error on login

Symfony 7 ERR_TOO_MANY_REDIRECTS error on login

Sorry for my bad english, it is not my first language.

I'm developing an application in Symfony 7, where you can only access the app if you are logged in. I followed the Symfony documentation to generate registration and login process. I have these pages now, I can create a user, and log in with it.

Here is my security.yaml file:

security:
# https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
password_hashers:
    Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
# https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
providers:
    # used to reload user from session & other features (e.g. switch_user)
    app_user_provider:
        entity:
            class: App\Entity\User
            property: email
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    main:
        lazy: true
        provider: app_user_provider
        form_login:
            login_path: app_login
            check_path: app_login
            enable_csrf: true
            default_target_path: app_dashboard
        logout:
            path: app_logout
            # where to redirect after logout
            target: app_login

        # activate different ways to authenticate
        # https://symfony.com/doc/current/security.html#the-firewall

        # https://symfony.com/doc/current/security/impersonating_user.html
        # switch_user: true

# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/logout, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }

    - { path: ^/, roles: IS_AUTHENTICATED_FULLY }

When I try to access the page, and I logged out, it is always redirecting to the login url and I get a ERR_TOO_MANY_REDIRECTS error on the page.

I assume that the problem is with the order of the access_control section, but I belive it should be working in this order.

What could cause this issue?

Solution

SOLVED

I've use the PUBLIC_ACCESS to make the login and register page accesable without login. This in working now

    access_control:
        - { path: ^/login, roles: PUBLIC_ACCESS }
        - { path: ^/logout, roles: PUBLIC_ACCESS }
        - { path: ^/register, roles: PUBLIC_ACCESS }

        - { path: ^/, roles: IS_AUTHENTICATED_FULLY }