1
0
mirror of synced 2024-11-28 15:46:04 +03:00
service-bundle/Resources/doc/Security.md

74 lines
2.2 KiB
Markdown
Raw Normal View History

2021-03-31 11:00:48 +03:00
### Authentication
Example security configuration:
```yaml
security:
2022-07-19 16:27:00 +03:00
hide_user_not_found: false
2021-03-31 11:00:48 +03:00
providers:
2022-07-19 16:27:00 +03:00
connection:
entity: { class: App\Entity\Connection, property: clientId }
2021-03-31 11:00:48 +03:00
firewalls:
2022-07-19 16:27:00 +03:00
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
simple-connection:
pattern: ^/simple-connection
stateless: true
security: false
2021-03-31 11:00:48 +03:00
callback:
pattern: ^/callback
2022-07-19 16:27:00 +03:00
provider: connection
2021-03-31 11:00:48 +03:00
stateless: true
2022-07-19 16:27:00 +03:00
custom_authenticators:
- RetailCrm\ServiceBundle\Security\CallbackClientAuthenticator
front:
pattern: ^/(front|login)
provider: connection
stateless: false
remember_me:
secret: '%kernel.secret%'
lifetime: 604800 # 1 week in seconds
always_remember_me: true
custom_authenticators:
- RetailCrm\ServiceBundle\Security\FrontApiClientAuthenticator
2021-03-31 11:00:48 +03:00
main:
2022-07-19 16:27:00 +03:00
pattern: ^/
2021-03-31 11:00:48 +03:00
lazy: true
access_control:
2022-07-19 16:27:00 +03:00
- { path: ^/front, roles: IS_AUTHENTICATED_REMEMBERED }
- { path: ^/simple-connection, roles: PUBLIC_ACCESS }
2021-03-31 11:00:48 +03:00
```
To authenticate the user after creating it, you can use the following code
```php
2022-07-19 16:27:00 +03:00
use App\Entity\Connection;
use App\Services\ConnectionManager;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Http\Authentication\UserAuthenticatorInterface;
use RetailCrm\ServiceBundle\Security\FrontApiClientAuthenticator;
2021-03-31 11:00:48 +03:00
2022-07-19 16:27:00 +03:00
class AppController extends AbstractController
{
public function someAction(
Request $request,
Connection $connection,
ConnectionManager $manager,
UserAuthenticatorInterface $userAuthenticator,
FrontApiClientAuthenticator $authenticator
): Response {
$exist = $manager->search($connection); //get connection
2021-03-31 11:00:48 +03:00
2022-07-19 16:27:00 +03:00
$userAuthenticator->authenticateUser(
$connection,
$authenticator,
$request
);
}
2021-03-31 11:00:48 +03:00
}
```