limit0 / modlr-auth-bundle
Implements core authentication services for projects using modlr
Requires
- php: >=5.4
- as3/modlr-bundle: dev-master
- lcobucci/jwt: ^3.2
- symfony/framework-bundle: >=2.0 <2.7 || ^3.0
- symfony/yaml: >=2.0 <2.7 || ^3.0
This package is not auto-updated.
Last update: 2024-11-09 21:01:39 UTC
README
Implements core authentication services for projects using as3io/modlr
Requirements
- You must use or replicate the supplied
core-user
model.- You can (optionally) use the supplied
core-account
model.
- You can (optionally) use the supplied
Installation
Install the package via composer:
composer require limit0/modlr-auth-bundle
Include the bundle in your AppKernel.php
:
public function registerBundles() { $bundles = [ // ... new Limit0\ModlrAuthBundle\Limit0ModlrAuthBundle(), // ...
Configuration
Routing
You will need to import this bundle's routing. To prevent any potential collision issues, be sure to load it before your API is loaded in your application:
limit0_modlr_auth: resource: "@Limit0ModlrAuthBundle/Resources/config/routing.yml" as3_modlr_bundle: resource: "@As3ModlrBundle/Resources/config/routing.yml" defaults: _format: json # ...
Security
Update security.yml
configuration (a template is available):
Add the core_user
provider:
providers: core_user: id: modlr_auth_bundle.security.user_provider.core_user # ...
Add the user encoder:
encoders: Limit0\Bundle\ModlrAuthBundle\Security\User\CoreUser: algorithm: bcrypt cost: 13 # ...
There are two authenticators supplied, a stateless API authenticator that uses JWT:
firewalls: api: context: core pattern: ^/api\/rest provider: core_user guard: authenticators: - modlr_auth_bundle.security.authenticator.api
And one that uses stateful Symfony framework tokens:
firewalls: manage: context: core anonymous: ~ provider: core_user guard: authenticators: - modlr_auth_bundle.security.authenticator.core_user remember_me: secret: "%secret%" lifetime: 63072000 name: __modlr-auth always_remember_me: true logout: path: /api/auth/user/destroy invalidate_session: false success_handler: modlr_auth_bundle.security.logout_success_handler
Once you've configured your firewalls, configure your access controlled paths.
To lock out the modlr API (replace api/rest
with your configured modlr rest api prefix):
access_control: - { path: ^/api/auth, roles: [ IS_AUTHENTICATED_ANONYMOUSLY ] } - { path: ^/api/rest, roles: [ ROLE_ADMIN\USER ] }
Or locking down the entire application can be done as well:
access_control: access_control: - { path: ^/api/auth, roles: [ IS_AUTHENTICATED_ANONYMOUSLY ] } - { path: ^/, roles: [ ROLE_ADMIN\USER ] }