1
0
mirror of synced 2024-12-01 09:06:03 +03:00
service-bundle/Resources/doc/Security.md

61 lines
1.9 KiB
Markdown
Raw Normal View History

2021-03-31 11:00:48 +03:00
### Authentication
Example security configuration:
```yaml
security:
2022-07-19 16:27:00 +03:00
hide_user_not_found: false
2021-03-31 11:00:48 +03:00
providers:
2022-07-19 16:27:00 +03:00
connection:
entity: { class: App\Entity\Connection, property: clientId }
2021-03-31 11:00:48 +03:00
firewalls:
2022-07-19 16:27:00 +03:00
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
simple-connection:
pattern: ^/simple-connection
stateless: true
security: false
front:
2022-07-21 17:39:34 +03:00
pattern: ^/front
2022-07-19 16:27:00 +03:00
provider: connection
2022-07-21 17:39:34 +03:00
stateless: true
2022-07-19 16:27:00 +03:00
custom_authenticators:
- RetailCrm\ServiceBundle\Security\FrontApiClientAuthenticator
2021-03-31 11:00:48 +03:00
main:
2022-07-19 16:27:00 +03:00
pattern: ^/
2021-03-31 11:00:48 +03:00
lazy: true
access_control:
2022-07-21 17:39:34 +03:00
- { path: ^/front, roles: IS_AUTHENTICATED_FULLY }
- { path: ^/(simple-connection), roles: PUBLIC_ACCESS }
2021-03-31 11:00:48 +03:00
```
Login controller will be called after the authenticator successfully authenticates the user. You can get the authenticated user, generate a token (or whatever you need to return) and return response:
2021-03-31 11:00:48 +03:00
```php
use App\Entity\User;
use Symfony\Component\Security\Http\Attribute\CurrentUser;
2021-03-31 11:00:48 +03:00
class ApiLoginController extends AbstractController
2022-07-19 16:27:00 +03:00
{
2022-07-21 17:39:34 +03:00
#[Route('/front', name: 'front')]
public function front(#[CurrentUser] ?User $user): Response
{
$token = ...; // somehow create an API token for $user
return $this->json([
'user' => $user->getUserIdentifier(),
'token' => $token,
]);
2022-07-19 16:27:00 +03:00
}
2021-03-31 11:00:48 +03:00
}
```
The <code>#[CurrentUser]</code> can only be used in controller arguments to retrieve the authenticated user. In services, you would use getUser().
2022-07-21 17:39:34 +03:00
See the [manual](https://symfony.com/doc/6.0/security.html) for more information.
> If you set the parameter stateless: false, then during an active session the login will be made on the basis of the data deserialized from the session storage