Chapters
37 Chapters
|
3:43:31
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!
Subscribe to download the code!
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": ">=8.2",
"ext-ctype": "*",
"ext-iconv": "*",
"api-platform/core": "^3.0", // v3.1.2
"doctrine/annotations": "^2.0", // 2.0.1
"doctrine/doctrine-bundle": "^2.8", // 2.8.3
"doctrine/doctrine-migrations-bundle": "^3.2", // 3.2.2
"doctrine/orm": "^2.14", // 2.14.1
"nelmio/cors-bundle": "^2.2", // 2.2.0
"nesbot/carbon": "^2.64", // 2.66.0
"phpdocumentor/reflection-docblock": "^5.3", // 5.3.0
"phpstan/phpdoc-parser": "^1.15", // 1.16.1
"symfony/asset": "6.2.*", // v6.2.5
"symfony/console": "6.2.*", // v6.2.5
"symfony/dotenv": "6.2.*", // v6.2.5
"symfony/expression-language": "6.2.*", // v6.2.5
"symfony/flex": "^2", // v2.2.4
"symfony/framework-bundle": "6.2.*", // v6.2.5
"symfony/property-access": "6.2.*", // v6.2.5
"symfony/property-info": "6.2.*", // v6.2.5
"symfony/runtime": "6.2.*", // v6.2.5
"symfony/security-bundle": "6.2.*", // v6.2.6
"symfony/serializer": "6.2.*", // v6.2.5
"symfony/twig-bundle": "6.2.*", // v6.2.5
"symfony/ux-react": "^2.6", // v2.7.1
"symfony/ux-vue": "^2.7", // v2.7.1
"symfony/validator": "6.2.*", // v6.2.5
"symfony/webpack-encore-bundle": "^1.16", // v1.16.1
"symfony/yaml": "6.2.*" // v6.2.5
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.4", // 3.4.2
"mtdowling/jmespath.php": "^2.6", // 2.6.1
"phpunit/phpunit": "^9.5", // 9.6.3
"symfony/browser-kit": "6.2.*", // v6.2.5
"symfony/css-selector": "6.2.*", // v6.2.5
"symfony/debug-bundle": "6.2.*", // v6.2.5
"symfony/maker-bundle": "^1.48", // v1.48.0
"symfony/monolog-bundle": "^3.0", // v3.8.0
"symfony/phpunit-bridge": "^6.2", // v6.2.5
"symfony/stopwatch": "6.2.*", // v6.2.5
"symfony/web-profiler-bundle": "6.2.*", // v6.2.5
"zenstruck/browser": "^1.2", // v1.2.0
"zenstruck/foundry": "^1.26" // v1.28.0
}
}
9 Comments
Hi everyone. Not sure, this is the best place for the question, but I'm a bit stuck.
I've created a simple api resource "UserApi" + the User Entity and I use the MicroMapper.
I don't get a normal IRI here, but
/api/.well-known/genid/....How can I fix this? Thanks four your help.Hi @David-S
That is a GenId string, and it is generated for you because your DTO is not a ApiPlatform resource. No... it's a recourse but not fully configured, I think the fix will be to define some
GEToperation and configureuriTemplateproperty, than you will see correct IRIWithout it this resource considered as not mapped inside ApiPlafotform!
Cheers!
Hi @weaverryan !
About the 204 response with location header and the user IRI :
I just couldn't get the "location" header back in my Vue app (I'm serving the API from
localhost:8000and using it from my vue app onlocalhost:8080).I had to expose the
Locationheader from thenelmio_corsconfig, which only exposes theLinkheader by default:Thanks for showing all the cool stuff about API Platform !
Thanks for sharing your solution @Rmy5
Hi Ryan, it's me again. I have a problem:
I want to add conditions in my QueryExtension, you know
where Project in (:allowedProjects). So far, so easy. I create the Extension, get the user from the Token, add some joins and conditions and done.But I find is quite cumbersome to always add some nested joins to "get back" to my Project-User Mapping to know which projects my user has access to, so I tried a different approach:
1) A subscriber that happens right after authorization (In my case
'kernel.request' => [['addProjects', 8]]). Here, I get the User from the Token, fetch all my Projects from different sources (he can be the owner or was granted access by another way) and add them to the user2) In my QueryExtension, I get the User from the Token and can simply
where project in (:projects)andsetParameter('projects', $user->getProjects())and doneMy Problem: The user in my Subscriber and the user in my Query ARE NOT THE SAME, event if it's only one request. I mean, it's the same email address, but a different object (used
spl_object_hash), so the User in the QueryExtension has an empty projects listIn other words: How to modify the user that is used in the QueryExtension?
Hey @Sebastian-K!
Ah, that's an interesting solution! So the problem is that, with the priority 8 on your event listener, your listener is running before the security system, most importantly before the core
ContextListener, whose job it is to take the User object from the previous request (which had been serialized into the session), grab its id, then query for a fresh User (to make sure theUserobject has the most up to date database data). So very good digging to figure out viaspl_object_hash()that these are not the same objects. Actually, I think the core system also has a priority of 8, so it's probably just bad luck that your's is getting called too late. I'm guessing you chose those on purpose, for example, to be early enough in API Platform's process.What I would do instead (and I would probably do this even if you didn't have this problem) is create some sort of
UserContextservice and give IT theaddProjects()method. Then, autowire this service where you need it. That should solve the problem as you won't be trying to change theUserobject anymore. I like this solution better anyway because (though perhaps slightly less convenient), I always feel weird setting non-persisted data onto an entity... not there there is anything SO wrong about this.Anyway, let me know if this helps!
Cheers!
Hello there!
I'm currently creating a login form just like yours and it works great, thanks. But I'm also trying to register my users through something similar, and I meet some difficulties to authenticate the new User after registration, due to the Json_login technic.
How could I do that, please?
For now, I've got this:
If I uncomment the last response (and obviously comment the previous one), it does work as long the new user doesn't refresh its page. And if I use $userAuthenticator, I have a 500 error:
What should I change to automatically Login the new User, please?
Thank you.
Hello,
Take a look here https://symfonycasts.com/screencast/symfony-security/manual-auth#binding-the-form-login-service
It should help you!
Cheers!
Great, thank you!
"Houston: no signs of life"
Start the conversation!