Skip to main content

Sylius Customer Force Login Module 0.1.0

· 2 min read
Stephan Hochdörfer
Stephan Hochdörfer
Head of IT Business Operations

In the Sylius administrative view, users are required to log in. However, in the storefront view, visitors can navigate freely as guests. Sylius does not offer built-in support if you prefer not to allow guest visitors to access your website without a valid login.

This is where our new Customer Force Login plugin for Sylius comes into play. By default, the plugin redirects not-logged-in customers to your Sylius store's login form. Once logged in, customers can browse all taxons and products as before. Since it makes sense to allow browsing of some pages, Sylius administrators can manage a whitelist of URLs that should be accessible without a valid login.

The Force Login plugin can be installed via Composer:

composer require bitexpert/sylius-force-login-plugin

After that, enable the plugin in the config/bundles.php file like this:

<?php
return [
    // ...

    BitExpert\SyliusForceCustomerLoginPlugin\BitExpertSyliusForceCustomerLoginPlugin::class => ['all' => true],
];

Next, you need to import the plugins' configuration in config/packages/_sylius.yaml:

imports:
    # ...

    - { resource: "@BitExpertSyliusForceCustomerLoginPlugin/Resources/config/config.yml" }
    
    # ...

Import the plugin's routing configuration by adding the file config/routes/bitexpert_sylius_force_login.yaml with the following content to your project:

bitexpert_sylius_forcelogin:
  resource: "@BitExpertSyliusForceCustomerLoginPlugin/Resources/config/admin_routing.yml"
  prefix: '/%sylius_admin.path_name%'

As a last step, update your database schema by running the following commands:

php bin/console doctrine:migrations:diff
php bin/console doctrine:migrations:migrate

Once you have completed all installation steps, you can browse the Force Customer Login in Sylius Admin by accessing the Configuration > Force Login menu item. Here, you can add new whitelist rules.

Each whitelist rule consists of a URL rule (the string to match the URL the customer is accessing) as well as a strategy that defines how the URL route is matched. You can choose between a static match, a regex match, or a negated regex match.

If you find the plugin useful, let us know!