No identifier/primary key specified for User entity, without connection to database

Question

Im getting error about identifier/primary key for my User entity after im trying to log in.

I searched for the answer, but nothing helped in my case.

This is my user entity, im not using any database, all data is comming with json responses from request's to external application.

<?php

declare(strict_types=1);

namespace App\Entity;

use Symfony\Component\Security\Core\User\UserInterface;
use Doctrine\ORM\Mapping as ORM;

/**
 * @ORM\Entity
 */
class User implements UserInterface
{
    /**
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="NONE")
     */
    private $id;

    private $username;

    private $password;

    private $email;

    private $roles;

    public function __construct()
    {
        $this->roles = ['ROLE_USER'];
    }

    /**
     * @param $id
     */
    public function setId($id)
    {
        $this->id = $id;
    }

    /**
     * @return string $id
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * @param string $username
     */
    public function setUsername(string $username): void
    {
        $this->username = $username;
    }

    /**
     * @return string
     */
    public function getUsername(): string
    {
        return $this->username;
    }

    /**
     * @param string $password
     */
    public function setPassword(string $password): void
    {
        $this->password = $password;
    }

    /**
     * @return string|null
     */
    public function getPassword(): ?string
    {
        return $this->password;
    }

    /**
     * @param string $email
     */
    public function setEmail(string $email): void
    {
        $this->email = $email;
    }

    /**
     * @return string|null
     */
    public function getEmail(): ?string
    {
        return $this->email;
    }

    /**
     * @return string[]
     */
    public function getRoles(): array
    {
        return $this->roles;
    }

    /**
     * @param string[] $roles
     */
    public function setRoles(array $roles): void
    {
        $this->roles = $roles;
    }

    /**
     * @return null
     */
    public function getSalt()
    {
        return null;
    }

    /**
     * Removes sensitive data from the user.
     *
     * This is important if, at any given point, sensitive information like
     * the plain-text password is stored on this object.
     */
    public function eraseCredentials()
    {
        $this->password = null;
    }
}

This is my login from, im trying to use UsernamePasswordToken, to hold the session with basic informations about my user (thats why im trying to create User entity).

public function loginAction(Request $request): JsonResponse
    {
        $client = new CurlHttpClient();
        $response = $client->request(
            'GET',
            'http://dal/user/'.$request->request->get('username'),
            [
                'auth_basic' => ['our_user', 'our_password']
            ]
        );

        if ($response->getStatusCode() === 200) {
            $response = $response->toArray();
            if (password_verify($request->request->get('password'), $response['password_hash'])) {

                $user = new User();
                $user->setId($response['_id']);
                $user->setUsername($request->request->get('username'));
                $user->setEmail($request->request->get('email'));

                $token = new UsernamePasswordToken(
                    $user,
                    null,
                    'main',
                    $user->getRoles()
                );
                $this->get('security.token_storage')->setToken($token);
                $this->get('session')->set('_security_main', serialize($token));
                $event = new InteractiveLoginEvent($request, $token);
                $this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
            }
        } else {
            return new JsonResponse(
                'Username or password doesn\'t match',
                JsonResponse::HTTP_UNAUTHORIZED
            );
        }

        return new JsonResponse($response);
    }

Basicly the only answer im getting from external application is do user with given username and password exists.

Also, this is my security.yaml.

security:
    providers:
        in_memory: { memory: ~ }
        users:
            entity:
                class: App\Entity\User
                property: username
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: ~
            provider: users

            logout:
                path: /api/security/logout

Answer 1

the subkey entity: tells the security component to use doctrine to fetch a User entity from the database, which doesn't really work if you don't use the database to store users.

the security component is also made to check if a user - which is logged in - might have changed between requests. So you user most likely will also be logged out regularly. for all the details have a look at https://symfony.com/doc/current/security/user_provider.html . maybe you can come up with a custom user provider that stores the user information in some temporary directory for a while or something ...