WEBVTT NOTE Created by CaptionSync from Automatic Sync Technologies www.automaticsync.com 00:00:01.216 --> 00:00:07.116 align:middle We now understand that FOSUserBundle just gives us a nice User class 00:00:07.116 --> 00:00:10.656 align:middle and some routes & controllers for registration, reset password, 00:00:10.976 --> 00:00:13.176 align:middle edit profile and a few other things. 00:00:13.716 --> 00:00:17.006 align:middle The bundle does not provide any authentication. 00:00:18.506 --> 00:00:20.896 align:middle Open app/config/security.yml. 00:00:22.596 --> 00:00:27.496 align:middle The form_login authentication mechanism we're using is core 00:00:27.496 --> 00:00:30.186 align:middle to Symfony itself, not this bundle. 00:00:30.336 --> 00:00:32.666 align:middle So, one of the questions we get a lot is: 00:00:33.006 --> 00:00:37.086 align:middle how can I use Guard authentication with FOSUserBundle? 00:00:37.336 --> 00:00:40.456 align:middle It turns out, it's simple! 00:00:41.286 --> 00:00:45.796 align:middle Guard authentication and FOSUserBundle solve different problems, 00:00:46.056 --> 00:00:47.596 align:middle and they work together beautifully. 00:00:48.156 --> 00:00:49.626 align:middle Teamwork makes the dream work! 00:00:50.446 --> 00:00:54.436 align:middle But, why would you want to use Guard authentication with FOSUserBundle? 00:00:55.256 --> 00:01:00.346 align:middle Well, as easy as form_login is, it's a pain to customize. 00:01:01.146 --> 00:01:04.646 align:middle Guard is more work up front, but gives you a lot more control. 00:01:05.426 --> 00:01:10.426 align:middle You can also use Guard to add some sort of API authentication on top of form_login. 00:01:11.606 --> 00:01:15.306 align:middle Let's replace form_login with a more flexible Guard authenticator. 00:01:15.976 --> 00:01:19.366 align:middle At the root of our project, you should have tutorial/ directory 00:01:19.676 --> 00:01:24.686 align:middle with a file called LoginFormAuthenticator.php. 00:01:24.856 --> 00:01:30.056 align:middle In src/AppBundle, create a new directory called Security and paste that file here. 00:01:34.406 --> 00:01:40.216 align:middle This LoginFormAuthenticator is almost an exact copy of the authenticator we created 00:01:40.426 --> 00:01:42.356 align:middle in our Symfony Security tutorial. 00:01:43.216 --> 00:01:49.366 align:middle I've just added CSRF token checking - since our HTML login form has a CSRF token in it - 00:01:49.956 --> 00:01:51.806 align:middle and made a few other minor tweaks. 00:01:52.306 --> 00:01:58.486 align:middle For example at the bottom, I updated the login route name to use the one from FOSUserBundle. 00:01:58.556 --> 00:02:06.376 align:middle The authenticator is very straightforward: It looks for the submitted _username 00:02:06.456 --> 00:02:09.346 align:middle and _password fields from the login form. 00:02:10.136 --> 00:02:15.476 align:middle It doesn't care if you built that login form yourself, or if it comes from FOSUserBundle. 00:02:16.436 --> 00:02:22.266 align:middle Then, it queries for your User object by email only and checks to see if the password is valid. 00:02:23.826 --> 00:02:27.296 align:middle Obviously you can write your authenticator to do anything. 00:02:27.926 --> 00:02:33.966 align:middle To get this to work, like all authenticators, we need to register it as a service. 00:02:34.016 --> 00:02:37.986 align:middle I'll add app.security.login_form_authenticator, 00:02:38.116 --> 00:02:44.466 align:middle set the class to LoginFormAuthenticator and use autowire: true. 00:02:47.376 --> 00:02:48.636 align:middle Copy that service ID. 00:02:49.276 --> 00:02:52.406 align:middle Then open app/config/security.yml. 00:02:54.486 --> 00:02:58.746 align:middle Ok, let's comment-out form_login entirely. 00:03:00.276 --> 00:03:05.646 align:middle And instead, add guard, authenticators, then paste the service ID. 00:03:07.176 --> 00:03:08.576 align:middle That's it! 00:03:08.766 --> 00:03:15.126 align:middle FOSUserBundle doesn't care who or what is processing the login form submit. 00:03:15.346 --> 00:03:17.086 align:middle Let's try it! 00:03:17.626 --> 00:03:25.626 align:middle Click log out, click login and login with admin@aquanote.com. 00:03:26.426 --> 00:03:29.346 align:middle Yea, this does still say "Username", but we know 00:03:29.346 --> 00:03:32.636 align:middle that our authenticator actually logs us in via email. 00:03:32.946 --> 00:03:34.546 align:middle So, we'll want to tweak that language. 00:03:35.476 --> 00:03:37.486 align:middle Use the password admin and... 00:03:37.726 --> 00:03:40.076 align:middle boom! Congrats! 00:03:40.336 --> 00:03:44.216 align:middle You just used a Guard authenticator with FOSUserBundle. 00:03:44.676 --> 00:03:45.866 align:middle Wasn't that nice? 00:03:46.486 --> 00:03:51.246 align:middle You should feel empowered to use FOSUserBundle because you want things 00:03:51.276 --> 00:03:54.546 align:middle like a registration page or reset password system. 00:03:55.336 --> 00:03:59.466 align:middle But, you can still take control of your actual login mechanism 00:03:59.776 --> 00:04:01.546 align:middle and do whatever the heck you want. 00:04:02.996 --> 00:04:06.806 align:middle The last part of this bundle that you'll need to customize are the emails: 00:04:07.386 --> 00:04:10.626 align:middle the reset password email and the registration confirmation email, 00:04:11.016 --> 00:04:12.356 align:middle if you want to send that one. 00:04:13.106 --> 00:04:17.156 align:middle The docs are good on this topic, and it's mostly a matter of overriding templates... 00:04:17.156 --> 00:04:18.506 align:middle which we already mastered. 00:04:18.676 --> 00:04:24.226 align:middle All right guys, go use FOSUserBundle to quickly bootstrap your site! 00:04:24.836 --> 00:04:27.336 align:middle As long as you understand what it does... 00:04:27.676 --> 00:04:31.006 align:middle and does not give you, it's awesome. 00:04:31.506 --> 00:04:33.686 align:middle Seeya next time!