New in MakerBundle 1.8: Instant User & Login Form Commands

Symfony's security system has always been flexible. But over the past few years, it's also become increasingly easy to tap into that power: by creating Guard authenticators and voters for complex authorization rules.

But, we can do more. For example, Symfony security users are so flexible, they can be confusing to set up. And creating a Guard authenticator, while clear and powerful, requires some work. Can we have both flexibility and rapid development? I think so - thanks to two new commands added to MakerBundle.

make:user

Contributed by
Ryan Weaver
in #250.

Ready to start your security system? First you need a user. But, does your entity need to be saved to the database? And is your app responsible for checking passwords? MakerBundle 1.7 will guide you through these decisions and generate exactly what you need:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
$ php bin/console make:user

The name of the security user class (e.g. User) [User]:
> User

Do you want to store user data in the database (via Doctrine)? (yes/no) [yes]:
> yes

Enter a property name that will be the unique "display" name for the user
(e.g. email, username, uuid) [email]:
> email

Will this app need to hash/check user passwords? Choose No if passwords
are not needed or will be checked/hashed by some other system (e.g. a single sign-on server).
Does this app need to hash/check user passwords? (yes/no) [yes]:
> yes

created: src/Entity/User.php
created: src/Repository/UserRepository.php
updated: src/Entity/User.php
updated: config/packages/security.yaml

That's it! Depending on your answers, the command will create a User class/entity and update your security.yaml file to configure a secure password encoder (if needed) and a user provider. The generated code has clear comments so you can continue updating everything for your needs.

make:auth

Contributed by
Nicolas Philippe
in #266.

Now that you have a User class, it's time to let your users log in. Want a complete form login system in one command? In MakerBundle 1.8, it's no problem. The new make:auth command can create an entire form authentication system, or an empty authenticator, based on your answers:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
$ php bin/console make:auth

What style of authentication do you want? [Empty authenticator]:
[0] Empty authenticator
[1] Login form authenticator
> 1

The class name of the authenticator to create (e.g. AppCustomAuthenticator):
> LoginFormAuthenticator

Choose a name for the controller class (e.g. SecurityController) [SecurityController]:

created: src/Security/LoginFormAuthenticator.php
updated: config/packages/security.yaml
created: src/Controller/SecurityController.php
created: templates/security/login.html.twig

This creates the login route, controller and template as well as a Guard authenticator that handles the login submit, includes CSRF protection and redirects intelligently on success and error. Your authenticator class will have a few minor TODOs inside (usually just 1) that you'll need to finish. But, you won't need to modify any config files.

The result? A fully functional login system in minutes that you have full control over. Customize the template to match your look and update the code in your authenticator to add anything special you need during the login process.

You can also generate a "empty" authenticator to use for whatever other authentication you need. Want support to generate other kinds of authenticators? Just open a pull request!

Happy security!

Comments

Great additions to this bundle! It will definitely help to make Symfony security more approachable. Thanks to contributors!
Very helpful additions! Thanks
This will make it easier for me to dispose of FosUserBundle. Thanks
Fantastic! Thanks!
Awesome ! Thanks !

There is a small typo on the example screen for `make:user` on the 4th question :
"by me other system" instead of "by some other system" (checked on the repo)
@Kevin very nice catch! It's fixed now. Thanks!
Awesome!
Very helpful. Thanks!
@Jose I found this gist to ride off https://gist.github.com/florentdestremau/78e3828af1832c309e72b429afa5ca06
I didn't test it though :)
This is super awesome. An incredible addition to Symfony. However, I believe it will be super helpful if the make:auth can be extended to include registration.
Thanks @PastisD is very useful
I've had to create this from scratch a few times. Very excited to see some automation!
I even wrote an article on this, and was thinking about making a PR for this, this is perfect for bootstraping applications !
Login with SymfonyConnect to post a comment