2.1 KiB
2.1 KiB
Authentication
Example security configuration:
security:
hide_user_not_found: false
providers:
connection:
entity: { class: App\Entity\Connection, property: clientId }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
simple-connection:
pattern: ^/simple-connection
stateless: true
security: false
callback:
pattern: ^/callback
provider: connection
stateless: true
custom_authenticators:
- RetailCrm\ServiceBundle\Security\CallbackClientAuthenticator
front:
pattern: ^/auth
provider: connection
stateless: false
remember_me:
secret: '%kernel.secret%'
lifetime: 604800 # 1 week in seconds
signature_properties: ['clientId']
always_remember_me: true
custom_authenticators:
- RetailCrm\ServiceBundle\Security\FrontApiClientAuthenticator
main:
pattern: ^/
lazy: true
access_control:
- { path: ^/front, roles: IS_AUTHENTICATED_REMEMBERED }
- { path: ^/simple-connection, roles: PUBLIC_ACCESS }
Login controller will be called after the authenticator successfully authenticates the user. You can get the authenticated user, generate a token (or whatever you need to return) and return response:
use App\Entity\User;
use Symfony\Component\Security\Http\Attribute\CurrentUser;
class ApiLoginController extends AbstractController
{
#[Route('/auth', name: 'auth')]
public function auth(#[CurrentUser] ?User $user): Response
{
$token = ...; // somehow create an API token for $user
return $this->json([
'user' => $user->getUserIdentifier(),
'token' => $token,
]);
}
}
The #[CurrentUser] can only be used in controller arguments to retrieve the authenticated user. In services, you would use getUser().