If any of the following directories apply to your project, name them as listed below, in line with common practice.
bin/
config/
src/
tests/
vendor/
Via Composer
$ composer require sf4/api-security
config/bundles.php
<?php

// Bundle registration map: bundle class => environments in which it is enabled.
return [
    // ... (bundles the application already registers)

    // 'all' => true enables SecurityBundle in every environment.
    Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true],
];
config/services.yaml
# Service wiring required by sf4/api-security.
services:
    # ...

    # Console command exposed as `api-security:create-user-rights`.
    Sf4\ApiSecurity\Command\UserRightCreator:
        class: Sf4\ApiSecurity\Command\UserRightCreator
        tags:
            - name: 'console.command'
              command: 'api-security:create-user-rights'
        arguments:
            $requestHandler: '@Sf4\Api\RequestHandler\RequestHandlerInterface'

    # Repository factory: $entities maps a short name to the entity class used for it.
    Sf4\Api\Repository\RepositoryFactory:
        class: Sf4\Api\Repository\RepositoryFactory
        arguments:
            $entityManager: '@Doctrine\ORM\EntityManagerInterface'
            $entities:
                # Commented out: the sf4/api-user entities for the same short names.
                # NOTE(review): presumably only one `user` / `user_detail` pair should be active — confirm.
                # user: Sf4\ApiUser\Entity\User
                # user_detail: Sf4\ApiUser\Entity\UserDetail
                user: Sf4\ApiSecurity\Entity\User
                user_detail: Sf4\ApiSecurity\Entity\UserDetail
                user_role: Sf4\ApiSecurity\Entity\UserRole
                user_right: Sf4\ApiSecurity\Entity\UserRight
                user_role_right: Sf4\ApiSecurity\Entity\UserRoleRight

    # ...

    # Registered with no explicit options.
    Sf4\ApiSecurity\EventSubscriber\RequestSubscriber: ~

    # The authenticator named under `guard.authenticators` in config/packages/security.yaml.
    # It receives the Doctrine entity manager as its first constructor argument.
    Sf4\ApiSecurity\Security\Authenticator\TokenAuthenticator:
        class: Sf4\ApiSecurity\Security\Authenticator\TokenAuthenticator
        arguments:
            - '@Doctrine\ORM\EntityManagerInterface'
config/packages/doctrine.yaml
# Doctrine ORM mapping for the entities shipped inside the sf4/api-security package.
doctrine:
    # ...
    orm:
        # ...
        mappings:
            # ...

            # Commented out: the equivalent mapping for the sf4/api-user package.
            # Sf4\ApiUser:
            #     is_bundle: false
            #     type: annotation
            #     dir: '%kernel.project_dir%/vendor/sf4/api-user/src/Entity'
            #     prefix: 'Sf4\ApiUser\Entity'
            #     alias: Sf4\ApiUser

            # Entities are read from the vendor directory via annotations;
            # is_bundle: false because the path is given explicitly in `dir`.
            Sf4\ApiSecurity:
                is_bundle: false
                type: annotation
                dir: '%kernel.project_dir%/vendor/sf4/api-security/src/Entity'
                prefix: 'Sf4\ApiSecurity\Entity'
                alias: Sf4\ApiSecurity
config/packages/security.yaml
# Authentication and authorization settings for the API.
security:
    encoders:
        # Passwords of the User entity are hashed with Argon2i.
        # NOTE(review): where the installed Symfony version supports `algorithm: auto`,
        # it lets the framework pick the hasher — confirm before changing.
        Sf4\ApiSecurity\Entity\User:
            algorithm: argon2i

    providers:
        # Users are loaded from the User entity, looked up by their `email` property.
        app_user_provider:
            entity:
                class: Sf4\ApiSecurity\Entity\User
                property: email

    firewalls:
        # Security is switched off for the profiler, the debug toolbar and static asset paths.
        # The pattern is not environment-specific: these paths bypass authentication wherever
        # this file is loaded, so the profiler itself must stay disabled outside development.
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            # Requests without credentials pass the firewall as anonymous;
            # authorization then rests entirely on access_control below.
            anonymous: true
            # No session is used for authentication, so credentials must accompany every request.
            stateless: true
            # NOTE(review): a stateless firewall has no session to invalidate — confirm what
            # logout is expected to do here (token revocation would have to happen elsewhere).
            logout: ~
            guard:
                authenticators:
                    - Sf4\ApiSecurity\Security\Authenticator\TokenAuthenticator

    # Only the first matching rule is applied to a request. Patterns are regular expressions
    # anchored at the start only, so `^/site` also matches `/sitemap` and `^/user` also
    # matches `/users`.
    # A path that matches none of these rules has no role requirement and, because the main
    # firewall allows anonymous access, is reachable without a token. If every other route
    # should require authentication, add a final catch-all rule — confirm against the
    # application's routes.
    access_control:
        - path: ^/security
          roles: IS_AUTHENTICATED_ANONYMOUSLY
        - path: ^/site
          roles: IS_AUTHENTICATED_ANONYMOUSLY
        - path: ^/admin
          roles: ROLE_ADMIN
        - path: ^/user
          roles: ROLE_USER
config/packages/translation.yaml
# Makes the translation files shipped with sf4/api-security available to the translator.
framework:
    # ...
    translator:
        # ...
        paths:
            # ...
            # Extra lookup directory: the package's own translations folder.
            - '%kernel.project_dir%/vendor/sf4/api-security/src/translations'
Create super admin
bin/console api-security:create-super-admin
Create user rights
bin/console api-security:create-user-rights
$ composer test
Please see CONTRIBUTING and CODE_OF_CONDUCT for details.
If you discover any security-related issues, please email siim.liimand@gmail.com instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.