afup · Mopolo · Apr 3, 2026
@@ -24,16 +24,16 @@ security:
             security: false
 
         legacy_secured_area:
-            pattern: ^(/admin/|/event/\w+/tickets|/association/techletter|/member)
+            pattern: ^(/admin/|/event/\w+/tickets|/association/techletter|/member|/login|/logout)
             provider: database_users
             logout:
-                path:   /admin/logout
+                path:   /logout
                 target: /
             form_login:
                 username_parameter: utilisateur
                 password_parameter: mot_de_passe
-                login_path: admin_login
-                check_path: admin_login
+                login_path: app_login
+                check_path: app_login
                 default_target_path: /member/
                 enable_csrf: true
             context: share_context
@@ -51,7 +51,7 @@ security:
     access_control:
         - { path: ^/event/vote/, roles: ROLE_GITHUB }
         - { path: ^(/event/.*/(vote|cfp|speaker-infos)|/connect/github/check|/event/speaker-infos), roles: ROLE_GITHUB }
-        - { path: ^/admin/(login|register|password), roles: PUBLIC_ACCESS }
+        - { path: ^/(login|register|password-reset), roles: PUBLIC_ACCESS }
         - { path: ^/admin/techletter/members, roles: ROLE_ADMIN }
         - { path: ^/admin/techletter, roles: ROLE_VEILLE }
         - { path: ^/admin/company, roles: ROLE_COMPANY_MANAGER }

@@ -86,3 +86,6 @@ presta_sitemap:
 
 global:
     resource: "routing/global.yml"
+
+auth:
+    resource: "routing/auth.yml"
@@ -10,17 +10,6 @@ admin_void:
   path: /void
   defaults: {_controller: AppBundle\Controller\LegacyController::backOffice}
 
-admin_login:
-  path: /login
-  defaults: {_controller: AppBundle\Controller\Admin\LoginAction}
-
-admin_logout:
-  path: /logout
-
-admin_password:
-  path: /password
-  defaults: {_controller: AppBundle\Controller\Admin\LostPasswordAction}
-
 admin_members:
     resource: "admin_members.yml"
     prefix: /members

@@ -0,0 +1,31 @@
+app_login:
+    path: /login
+    defaults: {_controller: AppBundle\Controller\Auth\LoginAction}
+
+auth_old_login:
+    path: /admin/login
+    controller: Symfony\Bundle\FrameworkBundle\Controller\RedirectController
+    defaults:
+        route: 'app_login'
+        permanent: true
+
+app_logout:
+    path: /logout
+
+auth_old_logout:
+    path: /admin/logout
+    controller: Symfony\Bundle\FrameworkBundle\Controller\RedirectController
+    defaults:
+        route: 'app_logout'
+        permanent: true
+
+app_password_reset:
+    path: /password-reset
+    defaults: {_controller: AppBundle\Controller\Auth\LostPasswordAction}
+
+auth_old_password:
+    path: /admin/password
+    controller: Symfony\Bundle\FrameworkBundle\Controller\RedirectController
+    defaults:
+        route: 'app_password_reset'
+        permanent: true
@@ -54,4 +54,4 @@ RewriteRule ^ask/forum/? https://event.afup.org [R=301,L]
 RewriteRule ^ask/? / [R=301,L]
 
 ## This url are handled by symfony
-RewriteRule (event|connect|_|association|talks|meetups|blog|admin|p|home|news|techno_watch|member|rss.xml)/? /index.php [END]
+RewriteRule (event|connect|_|association|talks|meetups|blog|admin|p|home|news|techno_watch|member|login|logout|password-reset|rss.xml)/? /index.php [END]
@@ -39,7 +39,7 @@ public function resetPassword(User $user): void
         $this->userRepository->save($user);
 
         $login = $user->getUsername();
-        $url = $this->urlGenerator->generate('admin_login', [], UrlGeneratorInterface::ABSOLUTE_URL);
+        $url = $this->urlGenerator->generate('app_login', [], UrlGeneratorInterface::ABSOLUTE_URL);
         $message = new Message(
             'AFUP : Mot de passe perdu ?',
             new MailUser($this->sender),

@@ -2,18 +2,18 @@
 
 declare(strict_types=1);
 
-namespace AppBundle\Controller\Admin;
+namespace AppBundle\Controller\Auth;
 
 use AppBundle\Twig\ViewRenderer;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
 
-class LoginAction
+final readonly class LoginAction
 {
     public function __construct(
-        private readonly AuthenticationUtils $authenticationUtils,
-        private readonly ViewRenderer $view,
+        private AuthenticationUtils $authenticationUtils,
+        private ViewRenderer $view,
     ) {}
 
     public function __invoke(Request $request): Response
@@ -29,7 +29,7 @@ public function __invoke(Request $request): Response
         $noDomain = parse_url($targetUri, PHP_URL_HOST) === null;
         $targetPath = $targetUri !== $actualUrl && $noDomain ? $targetUri : null;
 
-        return $this->view->render('admin/login.html.twig', [
+        return $this->view->render('site/auth/login.html.twig', [
             'last_username' => $lastUsername,
             'error' => $error,
             'target_path' => $targetPath,

@@ -2,7 +2,7 @@
 
 declare(strict_types=1);
 
-namespace AppBundle\Controller\Admin;
+namespace AppBundle\Controller\Auth;
 
 use AppBundle\Association\UserMembership\UserService;
 use AppBundle\Twig\ViewRenderer;
@@ -32,7 +32,7 @@ public function __invoke(Request $request): Response
             $this->addFlash('notice', 'Votre demande a été prise en compte. Si un compte correspond à cet email vous recevez un nouveau mot de passe rapidement.');
         }
 
-        return $this->view->render('admin/lost_password.html.twig', [
+        return $this->view->render('site/auth/lost_password.html.twig', [
             'form' => $form->createView(),
             'title' => 'Mot de passe perdu',
             'page' => 'motdepasse_perdu',

@@ -100,7 +100,7 @@
                             <a class="ui button" href="{{ path('home') }}">Retour site</a>
                         </div>
                         <div class="item">
-                            <a class="ui button" href="{{ path('admin_logout') }}">Se déconnecter</a>
+                            <a class="ui button" href="{{ path('app_logout') }}">Se déconnecter</a>
                         </div>
                     </div>
                 </div>

@@ -84,7 +84,7 @@
                     <p><strong>{{ "Attention votre cotisation ne sera plus valable le jour de l'évènement. Vous pouvez commander des billets au tarif AFUP mais vous devrez renouveler votre cotisation pour pouvoir accéder à l'évènement."|trans }}</strong></p>
                 {% endif %}
             {% else %}
-                <p>Pour acheter des places au tarif AFUP, vous devez vous <a href="{{ url('admin_login') }}">connecter</a>.</p>
+                <p>Pour acheter des places au tarif AFUP, vous devez vous <a href="{{ url('app_login') }}">connecter</a>.</p>
             {% endif %}
         </div>
         {% endif %}
@@ -374,4 +374,4 @@
         });
     </script>
     {# Debut block conversion linkedIn Insights #}
-{% endblock %}
+{% endblock %}
@@ -25,7 +25,7 @@
                         <input class="button button--call-to-action" type="submit" name="soumettre" value="Se connecter"/>
                     </div>
                     <div>
-                        <p><a href="{{ url('admin_password') }}">Mot de passe perdu</a></p>
+                        <p><a href="{{ url('app_password_reset') }}">Mot de passe perdu</a></p>
                         <p><a href="{{ url('become_member') }}">Adhésion à l'AFUP</a></p>
                     </div>
                 </div>

@@ -25,7 +25,7 @@
                 </div>
                 <div>
                     <p>
-                        <a href="{{ url('admin_login') }}">Retour au formulaire de connexion</a>
+                        <a href="{{ url('app_login') }}">Retour au formulaire de connexion</a>
                     </p>
                 </div>
             </div>

@@ -27,7 +27,7 @@
                     {% if app.user.canAccessAdmin %}
                         <a href="{{ path('admin_home') }}" class="header-button header-button__connect">Administration</a>
                     {% endif %}
-                    <a href="{{ path('admin_logout') }}" class="header-button header-button__connect">Se déconnecter</a>
+                    <a href="{{ path('app_logout') }}" class="header-button header-button__connect">Se déconnecter</a>
                 {%  else  %}
                     <a href="{{ path('member_index') }}" class="header-button header-button__connect">Se connecter</a>
                     <a href="{{ path('become_member') }}" class="header-button header-button__become-member">Adhérer</a>

@@ -20,7 +20,7 @@
 
                 <div class="impersonation-links">
                     <div>
-                        <a href="{{ path('admin_logout') }}">Déconnexion</a>
+                        <a href="{{ path('app_logout') }}">Déconnexion</a>
                     </div>
                     <div>
                         <a href="{{ path('member_index', { _switch_user: '_exit' }) }}">Retourner au compte d'origine</a>

@@ -22,7 +22,7 @@
                     <ul>
                         <li><a href="{{ path('member_membership') }}">Adhérer en tant que particulier</a></li>
                         <li><a href="{{ path('company_membership') }}">Adhérer en tant qu'entreprise</a></li>
-                        <li><a href="{{ path('admin_login') }}">Se connecter</a></li>
+                        <li><a href="{{ path('app_login') }}">Se connecter</a></li>
                     </ul>
 
                     <h2><a href="{{ path('talks_list') }}">Historique des conférences</a></h2>

@@ -25,7 +25,7 @@ public function iAmLoggedInAsAdmin(): void
     #[Given('I am logged-in with the user :username and the password :password')]
     public function iAmLoggedInWithTheUserAndThePassword(string $username, string $password): void
     {
-        $this->minkContext->visitPath('/admin/login');
+        $this->minkContext->visitPath('/login');
         $this->minkContext->fillField('utilisateur', $username);
         $this->minkContext->fillField('mot_de_passe', $password);
         $this->minkContext->pressButton('Se connecter');

@@ -5,4 +5,4 @@ Feature: Password Reset
 Scenario: L'utilisateur reçoit une URL de connexion complète dans l'e-mail de réinitialisation du mot de passe.
     When I request a password reset for "edmond.dupont@mycorp.fr"
     Then I should receive an email
-    And the email should contain a full URL starting with "https://apachephptest:80/admin/login"
+    And the email should contain a full URL starting with "https://apachephptest:80/login"
-Original file line number
+Diff line change
@@ Expand Up / @@ -86,3 +86,6 @@ presta_sitemap: @@
     global:
         resource: "routing/global.yml"
+    auth:
+        resource: "routing/auth.yml"