From 2309b0b814eb8967a8f158627896d2b85e63258b Mon Sep 17 00:00:00 2001
From: KosticDusan4D <75327101+KosticDusan4D@users.noreply.github.com>
Date: Wed, 11 May 2022 13:58:50 +0200
Subject: [PATCH] Correcting bugs for provider and JSON login

On lines 501 and 502 I propose this change, because it confused me so much which provider to use, and in the case that you are explaining there you should use earlier configured app_user_provider, not users_in_memory.

On line 1043 I had a problem that $user is always null until I deleted the "?User" from parameters. I think that PHP gets confused here with the way it is written. And to say that now with that part removed everything works fine.

Thanks in advance and I hope that I contributed even a little as this is.
---
 security.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security.rst b/security.rst
index dac009b6c66..e2cc5fde10a 100644
--- a/security.rst
+++ b/security.rst
@@ -498,7 +498,8 @@ will be able to authenticate (e.g. login form, API token, etc).
                     security: false
                 main:
                     lazy: true
-                    provider: users_in_memory
+                    # provider that you set earlier inside providers
+                    provider: app_user_provider
 
                     # activate different ways to authenticate
                     # https://symfony.com/doc/current/security.html#firewalls-authentication