@@ -77,24 +77,15 @@ the user provider uses :doc:`Doctrine </doctrine>` to retrieve them. |
77 | 77 | use App\Entity\User; |
78 | 78 | use Symfony\Config\SecurityConfig; |
79 | 79 |
|
80 | | -$container->loadFromExtension('security', [ |
81 | | -'providers' => [ |
82 | | -'users' => [ |
83 | | -'entity' => [ |
84 | | -// the class of the entity that represents users |
85 | | -'class' => User::class, |
86 | | -// the property to query by - e.g. email, username, etc |
87 | | -'property' => 'email', |
88 | | -
|
89 | | -// optional: if you're using multiple Doctrine entity |
90 | | -// managers, this option defines which one to use |
91 | | -//'manager_name' => 'customer', |
92 | | -], |
93 | | -], |
94 | | -], |
95 | | -
|
| 80 | +return static function (SecurityConfig $security): void { |
96 | 81 | // ... |
97 | | -]); |
| 82 | +
|
| 83 | +$security->provider('app_user_provider') |
| 84 | +->entity() |
| 85 | +->class(User::class) |
| 86 | +->property('email') |
| 87 | +; |
| 88 | +}; |
98 | 89 |
|
99 | 90 | .. _authenticating-someone-with-a-custom-entity-provider: |
100 | 91 |
|
@@ -185,18 +176,16 @@ To finish this, remove the ``property`` key from the user provider in |
185 | 176 |
|
186 | 177 | // config/packages/security.php |
187 | 178 | use App\Entity\User; |
| 179 | +use Symfony\Config\SecurityConfig; |
188 | 180 |
|
189 | | -$container->loadFromExtension('security', [ |
190 | | -'providers' => [ |
191 | | -'users' => [ |
192 | | -'entity' => [ |
193 | | -'class' => User::class, |
194 | | -], |
195 | | -], |
196 | | -], |
197 | | -
|
| 181 | +return static function (SecurityConfig $security): void { |
198 | 182 | // ... |
199 | | -]); |
| 183 | +
|
| 184 | +$security->provider('app_user_provider') |
| 185 | +->entity() |
| 186 | +->class(User::class) |
| 187 | +; |
| 188 | +}; |
200 | 189 |
|
201 | 190 | Now, whenever Symfony uses the user provider, the ``loadUserByIdentifier()`` |
202 | 191 | method on your ``UserRepository`` will be called. |
@@ -217,18 +206,67 @@ including their passwords. Make sure the passwords are hashed properly. See |
217 | 206 | After setting up hashing, you can configure all the user information in |
218 | 207 | ``security.yaml``: |
219 | 208 |
|
220 | | -.. code-block:: yaml |
| 209 | +.. configuration-block:: |
221 | 210 |
|
222 | | -# config/packages/security.yaml |
223 | | -security: |
224 | | -providers: |
225 | | -backend_users: |
226 | | -memory: |
227 | | -users: |
228 | | -john_admin: { password: '$2y$13$jxGxc ... IuqDju', roles: ['ROLE_ADMIN'] } |
229 | | -jane_admin: { password: '$2y$13$PFi1I ... rGwXCZ', roles: ['ROLE_ADMIN', 'ROLE_SUPER_ADMIN'] } |
| 211 | +.. code-block:: yaml |
230 | 212 |
|
231 | | -# ... |
| 213 | +# config/packages/security.yaml |
| 214 | +security: |
| 215 | +providers: |
| 216 | +backend_users: |
| 217 | +memory: |
| 218 | +users: |
| 219 | +john_admin: { password: '$2y$13$jxGxc ... IuqDju', roles: ['ROLE_ADMIN'] } |
| 220 | +jane_admin: { password: '$2y$13$PFi1I ... rGwXCZ', roles: ['ROLE_ADMIN', 'ROLE_SUPER_ADMIN'] } |
| 221 | +
|
| 222 | +# ... |
| 223 | +
|
| 224 | + .. code-block:: xml |
| 225 | +
|
| 226 | +<!-- config/packages/security.xml --> |
| 227 | +<?xml version="1.0" encoding="UTF-8" ?> |
| 228 | +<srv:container xmlns="http://symfony.com/schema/dic/security" |
| 229 | +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| 230 | +xmlns:srv="http://symfony.com/schema/dic/services" |
| 231 | +xsi:schemaLocation="http://symfony.com/schema/dic/services |
| 232 | +https://symfony.com/schema/dic/services/services-1.0.xsd |
| 233 | +http://symfony.com/schema/dic/security |
| 234 | +https://symfony.com/schema/dic/security/security-1.0.xsd"> |
| 235 | +
|
| 236 | +<config> |
| 237 | +<!-- ... --> |
| 238 | +
|
| 239 | +<provider name="app_user_provider2"> |
| 240 | +<memory> |
| 241 | +<user identifier="john_admin" password="$2y$13$jxGxc ... IuqDju" roles="ROLE_ADMIN"/> |
| 242 | +<user identifier="jane_admin" password="$2y$13$PFi1I ... rGwXCZ" roles="ROLE_ADMIN, ROLE_SUPER_ADMIN"/> |
| 243 | +</memory> |
| 244 | +</provider> |
| 245 | +</config> |
| 246 | +</srv:container> |
| 247 | +
|
| 248 | + .. code-block:: php |
| 249 | +
|
| 250 | +// config/packages/security.php |
| 251 | +use App\Entity\User; |
| 252 | +use Symfony\Config\SecurityConfig; |
| 253 | +
|
| 254 | +return static function (SecurityConfig $security): void { |
| 255 | +// ... |
| 256 | +
|
| 257 | +$memoryProvider = $security->provider('app_user_provider')->memory(); |
| 258 | +$memoryProvider |
| 259 | +->user('john_admin') |
| 260 | +->password('$2y$13$jxGxc ... IuqDju') |
| 261 | +->roles(['ROLE_ADMIN']) |
| 262 | +; |
| 263 | +
|
| 264 | +$memoryProvider |
| 265 | +->user('jane_admin') |
| 266 | +->password('$2y$13$PFi1I ... rGwXCZ') |
| 267 | +->roles(['ROLE_ADMIN', 'ROLE_SUPER_ADMIN']) |
| 268 | +; |
| 269 | +}; |
232 | 270 |
|
233 | 271 | .. caution:: |
234 | 272 |
|
@@ -246,27 +284,99 @@ providers are configured is important because Symfony will look for users |
246 | 284 | starting from the first provider and will keep looking for in the other |
247 | 285 | providers until the user is found: |
248 | 286 |
|
249 | | -.. code-block:: yaml |
| 287 | +.. configuration-block:: |
| 288 | + |
| 289 | +.. code-block:: yaml |
| 290 | +
|
| 291 | +# config/packages/security.yaml |
| 292 | +security: |
| 293 | +# ... |
| 294 | +providers: |
| 295 | +backend_users: |
| 296 | +ldap: |
| 297 | +# ... |
| 298 | +
|
| 299 | +legacy_users: |
| 300 | +entity: |
| 301 | +# ... |
250 | 302 |
|
251 | | -# config/packages/security.yaml |
252 | | -security: |
253 | | -# ... |
254 | | -providers: |
255 | | -backend_users: |
256 | | -ldap: |
257 | | -# ... |
| 303 | +users: |
| 304 | +entity: |
| 305 | +# ... |
258 | 306 |
|
259 | | -legacy_users: |
260 | | -entity: |
261 | | -# ... |
| 307 | +all_users: |
| 308 | +chain: |
| 309 | +providers: ['legacy_users', 'users', 'backend_users'] |
262 | 310 |
|
263 | | -users: |
264 | | -entity: |
265 | | -# ... |
| 311 | + .. code-block:: xml |
266 | 312 |
|
267 | | -all_users: |
268 | | -chain: |
269 | | -providers: ['legacy_users', 'users', 'backend_users'] |
| 313 | +<!-- config/packages/security.xml --> |
| 314 | +<?xml version="1.0" encoding="UTF-8" ?> |
| 315 | +<srv:container xmlns="http://symfony.com/schema/dic/security" |
| 316 | +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| 317 | +xmlns:srv="http://symfony.com/schema/dic/services" |
| 318 | +xsi:schemaLocation="http://symfony.com/schema/dic/services |
| 319 | +https://symfony.com/schema/dic/services/services-1.0.xsd |
| 320 | +http://symfony.com/schema/dic/security |
| 321 | +https://symfony.com/schema/dic/security/security-1.0.xsd"> |
| 322 | +
|
| 323 | +<config> |
| 324 | +<!-- ... --> |
| 325 | +
|
| 326 | +<provider name="backend_users"> |
| 327 | +<ldap service="..." base-dn="..."/> |
| 328 | +</provider> |
| 329 | +
|
| 330 | +<provider name="legacy_users"> |
| 331 | +<entity> |
| 332 | +<!-- ... --> |
| 333 | +</entity> |
| 334 | +</provider> |
| 335 | +
|
| 336 | +<provider name="users"> |
| 337 | +<entity> |
| 338 | +<!-- ... --> |
| 339 | +</entity> |
| 340 | +</provider> |
| 341 | +
|
| 342 | +<provider name="all_users"> |
| 343 | +<chain> |
| 344 | +<provider>backend_users</provider> |
| 345 | +<provider>legacy_users</provider> |
| 346 | +<provider>users</provider> |
| 347 | +</chain> |
| 348 | +</provider> |
| 349 | +</config> |
| 350 | +</srv:container> |
| 351 | +
|
| 352 | + .. code-block:: php |
| 353 | +
|
| 354 | +// config/packages/security.php |
| 355 | +use App\Entity\User; |
| 356 | +use Symfony\Config\SecurityConfig; |
| 357 | +
|
| 358 | +return static function (SecurityConfig $security): void { |
| 359 | +// ... |
| 360 | +
|
| 361 | +$backendProvider = $security->provider('backend_users') |
| 362 | +->ldap() |
| 363 | +// ... |
| 364 | +; |
| 365 | +
|
| 366 | +$legacyProvider = $security->provider('legacy_users') |
| 367 | +->entity() |
| 368 | +// ... |
| 369 | +; |
| 370 | +
|
| 371 | +$userProvider = $security->provider('users') |
| 372 | +->entity() |
| 373 | +// ... |
| 374 | +; |
| 375 | +
|
| 376 | +$allProviders = $security->provider('all_users')->chain() |
| 377 | +->providers([$backendProvider, $legacyProvider, $userProvider]) |
| 378 | +; |
| 379 | +}; |
270 | 380 |
|
271 | 381 | .. _security-custom-user-provider: |
272 | 382 |
|
@@ -362,14 +472,52 @@ Most of the work is already done! Read the comments in the code and update the |
362 | 472 | TODO sections to finish the user provider. When you're done, tell Symfony about |
363 | 473 | the user provider by adding it in ``security.yaml``: |
364 | 474 |
|
365 | | -.. code-block:: yaml |
| 475 | +.. configuration-block:: |
| 476 | + |
| 477 | +.. code-block:: yaml |
| 478 | +
|
| 479 | +# config/packages/security.yaml |
| 480 | +security: |
| 481 | +providers: |
| 482 | +# the name of your user provider can be anything |
| 483 | +your_custom_user_provider: |
| 484 | +id: App\Security\UserProvider |
| 485 | +
|
| 486 | + .. code-block:: xml |
| 487 | +
|
| 488 | +<!-- config/packages/security.xml --> |
| 489 | +<?xml version="1.0" encoding="UTF-8" ?> |
| 490 | +<srv:container xmlns="http://symfony.com/schema/dic/security" |
| 491 | +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| 492 | +xmlns:srv="http://symfony.com/schema/dic/services" |
| 493 | +xsi:schemaLocation="http://symfony.com/schema/dic/services |
| 494 | +https://symfony.com/schema/dic/services/services-1.0.xsd |
| 495 | +http://symfony.com/schema/dic/security |
| 496 | +https://symfony.com/schema/dic/security/security-1.0.xsd"> |
| 497 | +
|
| 498 | +<config> |
| 499 | +<!-- ... --> |
| 500 | +
|
| 501 | +<provider name="your_custom_user_provider" id="App\Security\UserProvider"> |
| 502 | +<!-- ... --> |
| 503 | +</provider> |
| 504 | +</config> |
| 505 | +</srv:container> |
| 506 | +
|
| 507 | + .. code-block:: php |
| 508 | +
|
| 509 | +// config/packages/security.php |
| 510 | +use App\Security\UserProvider; |
| 511 | +use Symfony\Config\SecurityConfig; |
| 512 | +
|
| 513 | +return static function (SecurityConfig $security): void { |
| 514 | +// ... |
366 | 515 |
|
367 | | -# config/packages/security.yaml |
368 | | -security: |
369 | | -providers: |
370 | | -# the name of your user provider can be anything |
371 | | -your_custom_user_provider: |
372 | | -id: App\Security\UserProvider |
| 516 | +$customProvider = $security->provider('your_custom_user_provider') |
| 517 | +->id(UserProvider::class) |
| 518 | +// ... |
| 519 | +; |
| 520 | +}; |
373 | 521 |
|
374 | 522 | Lastly, update the ``config/packages/security.yaml`` file to set the |
375 | 523 | ``provider`` key to ``your_custom_user_provider`` in all the firewalls which |
|
0 commit comments