Symfony's security system has always been flexible. But over the past few years, it's also become increasingly easy to tap into that power: by creating Guard authenticators and voters for complex authorization rules.

But, we can do more. For example, Symfony security users are so flexible, they can be confusing to set up. And creating a Guard authenticator, while clear and powerful, requires some work. Can we have both flexibility and rapid development? I think so - thanks to two new commands added to MakerBundle.

make:user

Ryan Weaver
Contributed by Ryan Weaver in #250

Ready to start your security system? First you need a user. But, does your entity need to be saved to the database? And is your app responsible for checking passwords?
MakerBundle 1.7 will guide you through these decisions and generate exactly what you need:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
$ php bin/console make:user

The name of the security user class (e.g. User) [User]:
> User

Do you want to store user data in the database (via Doctrine)? (yes/no) [yes]:
> yes

Enter a property name that will be the unique "display" name for the user
(e.g. email, username, uuid) [email]:
> email

Will this app need to hash/check user passwords? Choose No if passwords
are not needed or will be checked/hashed by some other system (e.g. a single sign-on server).
Does this app need to hash/check user passwords? (yes/no) [yes]:
> yes

created: src/Entity/User.php
created: src/Repository/UserRepository.php
updated: src/Entity/User.php
updated: config/packages/security.yaml

That's it! Depending on your answers, the command will create a User class/entity and update your security.yaml file to configure a secure password encoder (if needed) and a user provider. The generated code has clear comments so you can continue updating everything for your needs.

make:auth

Nicolas Philippe
Contributed by Nicolas Philippe in #266

Now that you have a User class, it's time to let your users log in. Want a complete form login system in one command? In MakerBundle 1.8, it's no problem. The new make:auth command can create an entire form authentication system, or an empty authenticator, based on your answers:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
$ php bin/console make:auth

What style of authentication do you want? [Empty authenticator]:
[0] Empty authenticator
[1] Login form authenticator
> 1

The class name of the authenticator to create (e.g. AppCustomAuthenticator):
> LoginFormAuthenticator

Choose a name for the controller class (e.g. SecurityController) [SecurityController]:

created: src/Security/LoginFormAuthenticator.php
updated: config/packages/security.yaml
created: src/Controller/SecurityController.php
created: templates/security/login.html.twig

This creates the login route, controller and template as well as a Guard authenticator that handles the login submit, includes CSRF protection and redirects intelligently on success and error. Your authenticator class will have a few minor TODOs inside (usually just 1) that you'll need to finish. But, you won't need to modify any config files.

The result? A fully functional login system in minutes that you have full control over. Customize the template to match your look and update the code in your authenticator to add anything special you need during the login process.

You can also generate a "empty" authenticator to use for whatever other authentication you need. Want support to generate other kinds of authenticators? Just open a pull request!

Happy security!

Published in #Living on the edge