Update json_login_setup.rst

[sundayglee]

After a successfully login, the json_login system failed with an error: "The controller must return a response (null given). Did you forget to add a return statement somewhere in your controller? (500 Internal Server Error)", because it had nowhere to go after a successfully authentication.
A quick fix was to redirect the user to a secure location in the login controller. This works when the login is successful and respective json responses are sent when the login fails.
Am not core symfony developer hence i don't know if this is a perfect method or there is another better way. But this worked on my end.

[xabbuh]

I am not sure about this change. Why is the controller actually executed at all? IMO this should never happen as the security layer intercepts the request.

[sundayglee]

The security layer intercept the request, perform its authentication when the user tries to login.
If the authentication was unsuccessfully, the response is handled by the security layer in which the response is the coded authentication error response.
But, in case when the authentication was a success, the security layer give back the control to the login method; if the login method has no return statement, it throws the error in my first comment.
If the login method does not have a return statement upon successfully login, security layer throws an error that a response must be returned. This tells us that, the security layer actually takes back control to the login method after successfully login in which it finds nothing, as in the current docs.
In normal login forms, there you can set the target_path in the security configuration file or through the twig template; but there is no documented method of where the response will go after successfully authentication.
So, in order to be able to redirect the response to a secure location and not throw error, my quick fix is what i did to get it working.
Thats why i said, there maybe a better method, but it is not documented anywhere and am not very much good in the ins of symfony so i didn't have any other fix except this one.
I can tell you, follow the the guide without this fix, you will get an error right after a successfully login which one may confuse it as saying the authentication was not successfully while it was .Its just that the security layer didn't know where to go after a successfully login.

[HeahDude]

Hello @sundayglee, thanks for this first contribution.

I see two problems here, first there is no "real" login action in a json authentication context, only a login check to consider, so I'd say this action is bad named.

Second, the success handler is responsible to return a response https://github.com/symfony/symfony/pull/18952/files#diff-7628031175f41007da5faf388318d48fR132, so you should not rely on the controller to do so, as for other authentication methods.