New in MakerBundle 1.8: Instant User & Login Form Commands
Symfony's security system has always been flexible. But over the past few years, it's also become increasingly easy to tap into that power: by creating Guard authenticators and voters for complex authorization rules.
But, we can do more. For example, Symfony security users are so flexible, they can be confusing to set up. And creating a Guard authenticator, while clear and powerful, requires some work. Can we have both flexibility and rapid development? I think so - thanks to two new commands added to MakerBundle.
Ready to start your security system? First you need a user. But, does your entity need to be saved to the database? And is your app responsible for checking passwords? MakerBundle 1.7 will guide you through these decisions and generate exactly what you need:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
$ php bin/console make:user The name of the security user class (e.g. User) [User]: > User Do you want to store user data in the database (via Doctrine)? (yes/no) [yes]: > yes Enter a property name that will be the unique "display" name for the user (e.g. email, username, uuid) [email]: > email Will this app need to hash/check user passwords? Choose No if passwords are not needed or will be checked/hashed by some other system (e.g. a single sign-on server). Does this app need to hash/check user passwords? (yes/no) [yes]: > yes created: src/Entity/User.php created: src/Repository/UserRepository.php updated: src/Entity/User.php updated: config/packages/security.yaml
That's it! Depending on your answers, the command will create a User
class/entity and update your
security.yaml file to configure a secure
password encoder (if needed) and a user provider. The generated code has clear
comments so you can continue updating everything for your needs.
Now that you have a User class, it's time to let your users log in. Want a complete form login system in one command? In MakerBundle 1.8, it's no problem. The new make:auth command can create an entire form authentication system, or an empty authenticator, based on your answers:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
$ php bin/console make:auth What style of authentication do you want? [Empty authenticator]:  Empty authenticator  Login form authenticator > 1 The class name of the authenticator to create (e.g. AppCustomAuthenticator): > LoginFormAuthenticator Choose a name for the controller class (e.g. SecurityController) [SecurityController]: created: src/Security/LoginFormAuthenticator.php updated: config/packages/security.yaml created: src/Controller/SecurityController.php created: templates/security/login.html.twig
This creates the login route, controller and template as well as a Guard authenticator that handles the login submit, includes CSRF protection and redirects intelligently on success and error. Your authenticator class will have a few minor TODOs inside (usually just 1) that you'll need to finish. But, you won't need to modify any config files.
The result? A fully functional login system in minutes that you have full control over. Customize the template to match your look and update the code in your authenticator to add anything special you need during the login process.
You can also generate a "empty" authenticator to use for whatever other authentication you need. Want support to generate other kinds of authenticators? Just open a pull request!