jwt authenticator bundle for symfony 4/5

v1.0 2020-04-07 20:43 UTC

This package is auto-updated.

Last update: 2020-05-10 13:59:48 UTC


Latest Stable Version Total Downloads License

Symfony Authentication bundle provides JWT API token authentication for your symfony project with these features:

  • Generate and validate RSA encrypted JWT token
  • Authenticate Login User with the token validation using symfony security
  • Refresh tokens before expiration (later)


This bundle requires symfony v4+ to run.

Install using Composer

$ composer require ramyhakam/symfony-authentication-bundle

Using the Bundle

  1. First, make sure you've followed the main Security Guide to create your User class. Then, to keep things simple, add an apiToken property directly to your User class

  2. Now you have a new entity for your Authentication that implements Symfony\Component\Security\Core\User\UserInterface;

  3. ! This is automatically Done By Symfony Flex: Enable the bundle in your bundle.php file by adding this line

    return [ 
    Hakam\AuthenticationBundle\HakamAuthenticationBundle::class => ['all' => true],
  4. Then You need to use the Authenticator as your auth in your firewall by adding these lines in your packages/security.yml

    #example firewalls
       pattern:   /api/login
       stateless: true
       scurity: false
         pattern:   ^/api
         stateless: true
                 - token-authenticator  #using jwt authenticator here
  5. Now you can inject JWTTokenAuthenticatorService and generate user tokens based on the user data

    \\ Controller\AccountController.php
        namespace App\Controller;
        use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
        use Hakam\AuthenticationBundle\Services\JWTTokenAuthenticatorService;
       public class AccountController extends AbstractController
        * @var JWTTokenAuthenticatorService
        private $authenticatorService;
        public function __construct(JWTTokenAuthenticatorService $authenticatorService)
             $this->authenticatorService = $authenticatorService;
        public funcion generateToken()
            $authToken = $this->authenticatorService->generateUserToken($user->getApiToken());
  6. Now use can inject UserIntetface in your controller which will be replaced by the login User object after token authentication is verified.

    \\ Controller\AccountController.php
    namespace App\Controller;
    use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
    use Symfony\Component\Security\Core\User\UserInterface;
    use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
    public class AccountController extends AbstractController
         * @param UserInterface $user
         * @Security("is_granted('ROLE_User') 
        public function needsAuthUser( UserInterface $user)
              $user  // is the logged in user object with ROLE_USER


  1. Generate your private and public keys:
$ openssl genrsa -out config/jwt/private.pem 2048
$ openssl rsa -in config/jwt/private.pem -outform PEM -pubout -out config/jwt/public.pem
  1. After generating your public and private keys you should create the bundle configuration file lives in config/packages/hakam_authentication_bundle.yaml with these configuration:
     public_path_key:      '%kernel.project_dir%/config/jwt/public.pem'
     private_path_key:     '%kernel.project_dir%/config/jwt/private.pem'


Want to contribute? Great!

  • Fork your copy from the repository
  • Add your new Awesome features
  • Write MORE Tests
  • Create a new Pull request



Free Software, Hell Yeah!