CODEWITHSUNDEEP
symfony
doremi
doremi

Reputation: 15329

Symfony 2 Custom User Provider & Authentication

I'm working on a project where a segment of the site is secured. The credentials for the users who auth are stored in QuickBase (an online database with a custom API) and the passwords are encrypted using a custom hash.

Can someone give me a high-level take on what classes I will need to build and implement to support authenticating these users from a web service and using my own password hash mechanism?

Here is my security.yml:

security:
    firewalls:
        secured_area:
            pattern:    ^/account
            provider: quickbase_users
            form_login:
                login_path: /login
                check_path: /login_check

    access_control:
        - { path: ^/admin, roles: ROLE_ADMIN }

    providers:
        quickbase_users:
            id: quickbase_user_provider

    encoders:
        Symfony\Component\Security\Core\User\User: plaintext

Here are my routes:

login:
    pattern:   /login
    defaults:  { _controller: JMLWebsiteBundle:Security:login }
login_check:
    pattern:   /login_check

I'm currently getting this error after submitting a user/pass at /login:

Unable to find the controller for path "/login_check". Maybe you forgot to add the matching route in your routing configuration?

Upvotes: 1

Views: 4508

Answers (1)

Crozin
Crozin

Reputation: 44376

  1. Create your User class that implements Symfony\Component\Security\Core\User\UserInterface.

  2. Create a custom encoder service:

    1. Create a service that implements Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface

    2. Register that service as encoder for your User class in security.yml:

      security:
    encoders:
        MyCustomBundle\Entity\User:  # Class/interface from point #1
            id: my.encoder.service   # Service id from point #2.1

  3. Create a custom user provider:

    1. Create a service that implements Symfony\Component\Security\Core\User\UserProviderInterface

    2. Register that service as user provider in security.yml:

      security:
    [...]

    providers:
        my_custom_user_provider:
            id: my.user_provider.service # Service id from point #3.1

Check out FOSUserBundle to see an example of implementation of custom user provider.

Upvotes: 2

Related Questions