Open in app

Sign in

Write

Sign in

Redirecting anonymous users to the login form in Drupal 8

Charlotte Bone
Charlotte’s Digital Web
Published in
3 min readOct 7, 2019

Sometimes we need to make sure that anonymous users are redirected to the login page. In Drupal 7 we were able to use hook_init, this was called at the beginning of the page request. This has been removed in Drupal 8 due to events being introduced.

The event system is built on the Symfony event dispatcher and allows components to communicate with each other, whilst allowing them to remain modular. We can make use of the event dispatcher for many scenarios but in this example I will show you how to use it to redirect an anonymous user to the login page on any page load.

I’d recommend using Drupal Console to generate the boilerplate eventdispatcher code. Simply create a module and then use the generate:event:subscriber command. When it asks if you want to load services from your container, enter yes and add the current_user service. This will create a class in your modules src > EventSubscriber directory.

Below is the boilerplate code generated.

At the moment, this does not actually do anything. We will need to add an event subscriber, but what event do we need to subscribe to? Here are a list of available KernalEvents (taken from drupal.org 8,2,x API documentation).

  • KernelEvents::CONTROLLER — The CONTROLLER event occurs once a controller was found for handling a request.
  • KernelEvents::EXCEPTION — The EXCEPTION event occurs when an uncaught exception appears.
  • KernelEvents::FINISH_REQUEST — The FINISH_REQUEST event occurs when a response was generated for a request.
  • KernelEvents::REQUEST — The REQUEST event occurs at the very beginning of request dispatching.
  • KernelEvents::RESPONSE — The RESPONSE event occurs once a response was created for replying to a request.
  • KernelEvents::TERMINATE — The TERMINATE event occurs once a response was sent.
  • KernelEvents::VIEW — The VIEW event occurs when the return value of a controller is not a Response instance.

We need to check a user is anonymous and redirect them before page load if they are. So for this, we will be using the KernelEvents::REQUEST event.

The first step is to register this event subscriber in the getSubscribedEvents method

static function getSubscribedEvents() {
  $events[KernelEvents::REQUEST][] = ['onRequest', 30];
  return $events;
}

The number 30 is the priority. This is set at 30 so that it runs before page caching (currently priority 27), otherwise it will cause issues and only work the first time it’s ran. onRequest is the name of the method that will be called on that event, the code for this is below.

The method is pretty simple. It checks the current user, the current route name and redirects the user to the login page if they’re anonymous and not on any of the ignore routes. The ignore array is so that we don’t get an endless redirect loop when going to the login page and so that the user can still reset their password. Any routes that need to bypass this redirect can be added here.

Install the module, clear the cache and when you visit any page of your site as an anonymous user you will see that you’re redirected to the login page! This can easily be extended to redirect to certain pages for different scenarios.

Web Development
Drupal 8
Drupal
Drupal Development
Tutorial

--

--

Charlotte Bone
Charlotte’s Digital Web

Written by Charlotte Bone

79 Followers
Editor for

I am a creative, passionate, full stack developer. I love technology & I really want more females to not be afraid to pursue this career / Engineer @stacker.app

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams