tonehaus/docs/03-auth-and-users.md
boris 1c98a634c3
eerrrrrr
2025-11-27 23:42:17 +00:00


Authentication & Users

Modal auth

  • Login and registration happen in a Bootstrap modal.
  • Forms submit via AJAX, so users stay on the current page; the new login state is reflected once the page reloads.
  • Remember-me cookie keeps users logged in across sessions.

Roles

  • ROLE_USER: default for registered users.
  • ROLE_MODERATOR: granted via the console command app:promote-moderator or via the web UI; can manage users and all reviews/albums, but not site settings.
  • ROLE_ADMIN: promoted via console app:promote-admin; includes moderator abilities plus site settings access.

Access flow

  • Visiting /admin/dashboard, /admin/users, or /admin/settings while unauthenticated forces a redirect through /login, which re-opens the modal automatically.
  • Moderators inherit all ROLE_USER permissions; admins inherit both moderator and user permissions via the role hierarchy.
  • Admin-only actions (site settings, moderator toggling, deleting other admins) are additionally enforced in the controllers and hidden in the templates, so the template-level hiding is a convenience against accidental misuse while the controller check is the actual access control.
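As an added illustration of the access flow above (not the project's own configuration), here is how the redirect-to-/login behaviour, the role hierarchy and the /admin path rules map onto Symfony's security configuration, written in Symfony's PHP config format. The firewall name `main`, the provider name `app_user_provider`, the remember-me lifetime and the route names `login`/`logout` (assumed to resolve to /login and /logout) are all assumptions.

```php
<?php
// config/packages/security.php -- illustrative example, not the project's real file.
// Assumed: firewall "main", user provider "app_user_provider", routes "login"/"logout".

declare(strict_types=1);

use Symfony\Config\SecurityConfig;

return static function (SecurityConfig $security): void {
    // Role hierarchy: ROLE_ADMIN inherits ROLE_MODERATOR, which inherits ROLE_USER,
    // so a rule that requires ROLE_MODERATOR also admits admins.
    $security->roleHierarchy('ROLE_MODERATOR', ['ROLE_USER']);
    $security->roleHierarchy('ROLE_ADMIN', ['ROLE_MODERATOR']);

    $main = $security->firewall('main');
    $main->lazy(true);
    $main->provider('app_user_provider');

    // Unauthenticated requests to a protected path are redirected to login_path;
    // that /login round-trip is what re-opens the auth modal.
    $main->formLogin()
        ->loginPath('login')
        ->checkPath('login')
        ->enableCsrf(true);

    $main->logout()->path('logout');

    // Remember-me cookie; the 7-day lifetime is an assumed value.
    $main->rememberMe()
        ->secret('%kernel.secret%')
        ->lifetime(604800);

    // access_control is first-match: the stricter /admin/settings rule must come
    // before the general /admin rule, or any moderator could reach site settings.
    $security->accessControl()->path('^/admin/settings')->roles(['ROLE_ADMIN']);
    $security->accessControl()->path('^/admin')->roles(['ROLE_MODERATOR']);
};
```

Two things to check when adapting this: rule order (swapping the two `accessControl()` lines silently widens access to /admin/settings), and the remember-me lifetime, since a stolen remember-me cookie stays valid for that whole window regardless of the browser session.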

User management UI

  • /admin/users (moderator+) lists every account along with album/review counts.
  • Moderators can create new accounts; doing so does not affect the moderator's own login session.
  • Delete buttons are disabled (with tooltip hints) for protected rows such as the current user or any admin.
  • Admins see a Promote/Demote toggle: promoting grants ROLE_MODERATOR; demoting removes that role unless the target is an admin (admins always outrank moderators).
  • Admins can disable public registration from /admin/settings; when disabled, the “Sign up” button in the auth modal is replaced with a tooltip explaining that registration is closed, but /admin/users remains fully functional.
  • Registration can also be controlled with APP_ALLOW_REGISTRATION=0/1 in the environment; the DB setting is synced from it on each Symfony boot, so a change takes effect after the next restart.
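An added example of the server-side guards behind the user-management UI described above; this is illustrative code, not the project's controller. It assumes an `App\Entity\User` with `getId()`, `getRoles()` and `setRoles()`, a listing route named `admin_users`, CSRF-protected POST forms, and Symfony 6.4+ attribute namespaces. The bullets above differ on whether admins may delete other admins (the access-flow section calls it an admin-only action; the UI section says admin rows are protected); the example follows the access-flow wording, so a moderator can never delete an admin and nobody can delete their own account.

```php
<?php
// src/Controller/Admin/UserController.php -- illustrative example, not the project's file.
// Assumed: App\Entity\User (getId/getRoles/setRoles), route "admin_users", Symfony 6.4+.

declare(strict_types=1);

namespace App\Controller\Admin;

use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Http\Attribute\IsGranted;

// Everything under /admin/users needs ROLE_MODERATOR; admins pass via the role hierarchy.
#[Route('/admin/users')]
#[IsGranted('ROLE_MODERATOR')]
final class UserController extends AbstractController
{
    /** Same rule the template uses to disable the Delete button, re-applied on the request. */
    public static function canDelete(User $actor, User $target): bool
    {
        if ($actor->getId() === $target->getId()) {
            return false; // never delete yourself
        }
        $targetIsAdmin = in_array('ROLE_ADMIN', $target->getRoles(), true);
        $actorIsAdmin  = in_array('ROLE_ADMIN', $actor->getRoles(), true);
        return !$targetIsAdmin || $actorIsAdmin; // deleting an admin is admin-only
    }

    /** Promote/Demote toggle: admins are never demoted because ROLE_ADMIN outranks ROLE_MODERATOR. */
    public static function toggleModerator(array $roles): array
    {
        if (in_array('ROLE_ADMIN', $roles, true)) {
            return $roles; // no-op for admins
        }
        if (in_array('ROLE_MODERATOR', $roles, true)) {
            return array_values(array_diff($roles, ['ROLE_MODERATOR']));
        }
        $roles[] = 'ROLE_MODERATOR';
        return $roles;
    }

    #[Route('/{id}/delete', name: 'admin_user_delete', methods: ['POST'])]
    public function delete(User $target, Request $request, EntityManagerInterface $em): Response
    {
        if (!$this->isCsrfTokenValid('delete-user-' . $target->getId(), (string) $request->request->get('_token'))) {
            throw $this->createAccessDeniedException('Invalid CSRF token.');
        }
        /** @var User $actor */
        $actor = $this->getUser();
        // The disabled button is UX only; a hand-crafted POST still has to pass this check.
        if (!self::canDelete($actor, $target)) {
            throw $this->createAccessDeniedException('This account is protected.');
        }
        $em->remove($target);
        $em->flush();

        return $this->redirectToRoute('admin_users');
    }

    #[Route('/{id}/toggle-moderator', name: 'admin_user_toggle_moderator', methods: ['POST'])]
    #[IsGranted('ROLE_ADMIN')] // moderators are denied here even if they forge the request
    public function toggleModeratorAction(User $target, Request $request, EntityManagerInterface $em): Response
    {
        if (!$this->isCsrfTokenValid('toggle-mod-' . $target->getId(), (string) $request->request->get('_token'))) {
            throw $this->createAccessDeniedException('Invalid CSRF token.');
        }
        $target->setRoles(self::toggleModerator($target->getRoles()));
        $em->flush();

        return $this->redirectToRoute('admin_users');
    }
}
```

The point of keeping `canDelete()` and `toggleModerator()` as pure static functions is that the template and the controller share one rule, so the UI can never show a button the request handler would refuse, and the handler never trusts the UI.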

Password changes

  • On /profile, users can change email/display name.
  • To set a new password, the current password must be provided.
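As an added example (not the project's code) of the rule that a new password requires the current one, here is a controller action that re-verifies the current password against the stored hash before re-hashing and saving the new one. The route, the field names `currentPassword`/`newPassword`, the `profile` redirect target and the 12-character minimum are assumptions; `User` is assumed to implement `PasswordAuthenticatedUserInterface`.

```php
<?php
// src/Controller/ProfilePasswordController.php -- illustrative example, not the project's file.
// Assumed: POST fields "currentPassword"/"newPassword", route "profile", Symfony 6.4+.

declare(strict_types=1);

namespace App\Controller;

use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Http\Attribute\IsGranted;

final class ProfilePasswordController extends AbstractController
{
    #[Route('/profile/password', name: 'profile_password', methods: ['POST'])]
    #[IsGranted('ROLE_USER')]
    public function change(Request $request, UserPasswordHasherInterface $hasher, EntityManagerInterface $em): Response
    {
        if (!$this->isCsrfTokenValid('change-password', (string) $request->request->get('_token'))) {
            throw $this->createAccessDeniedException('Invalid CSRF token.');
        }
        /** @var User $user */
        $user    = $this->getUser();
        $current = (string) $request->request->get('currentPassword', '');
        $new     = (string) $request->request->get('newPassword', '');

        // Re-authenticate against the stored hash first: a hijacked or unattended session
        // must not be able to rotate the credential without knowing the current password.
        if (!$hasher->isPasswordValid($user, $current)) {
            $this->addFlash('error', 'Current password is incorrect.');
            return $this->redirectToRoute('profile');
        }
        if (mb_strlen($new) < 12) { // assumed minimum-length policy
            $this->addFlash('error', 'New password must be at least 12 characters.');
            return $this->redirectToRoute('profile');
        }

        // Store only the hash; hashPassword() uses the algorithm configured for this user class.
        $user->setPassword($hasher->hashPassword($user, $new));
        $em->flush();
        $this->addFlash('success', 'Password updated.');

        return $this->redirectToRoute('profile');
    }
}
```

If the form is built with Symfony Forms, the same check can be expressed declaratively with the `Symfony\Component\Security\Core\Validator\Constraints\UserPassword` constraint on the current-password field; either way the comparison must happen server-side, never by trusting a client-side confirmation.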

Logout

  • /logout (link in user menu).