Chapters
47 Chapters
|
4:41:51
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!
Subscribe to download the code!
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
This tutorial also works great for Symfony 6!
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": ">=8.2",
"ext-ctype": "*",
"ext-iconv": "*",
"babdev/pagerfanta-bundle": "^3.3", // v3.3.0
"composer/package-versions-deprecated": "^1.11", // 1.11.99.4
"doctrine/annotations": "^1.0", // 1.13.2
"doctrine/doctrine-bundle": "^2.1", // 2.6.3
"doctrine/doctrine-migrations-bundle": "^3.0", // 3.1.1
"doctrine/orm": "^2.7", // 2.10.1
"knplabs/knp-markdown-bundle": "^1.8", // 1.9.0
"knplabs/knp-time-bundle": "^1.11", // v1.16.1
"pagerfanta/doctrine-orm-adapter": "^3.3", // v3.3.0
"pagerfanta/twig": "^3.3", // v3.3.0
"phpdocumentor/reflection-docblock": "^5.2", // 5.2.2
"scheb/2fa-bundle": "^5.12", // v5.12.1
"scheb/2fa-qr-code": "^5.12", // v5.12.1
"scheb/2fa-totp": "^5.12", // v5.12.1
"sensio/framework-extra-bundle": "^6.0", // v6.2.0
"stof/doctrine-extensions-bundle": "^1.4", // v1.6.0
"symfony/asset": "5.3.*", // v5.3.4
"symfony/console": "5.3.*", // v5.3.7
"symfony/dotenv": "5.3.*", // v5.3.8
"symfony/flex": "^1.3.1", // v1.21.6
"symfony/form": "5.3.*", // v5.3.8
"symfony/framework-bundle": "5.3.*", // v5.3.8
"symfony/monolog-bundle": "^3.0", // v3.7.0
"symfony/property-access": "5.3.*", // v5.3.8
"symfony/property-info": "5.3.*", // v5.3.8
"symfony/rate-limiter": "5.3.*", // v5.3.4
"symfony/runtime": "5.3.*", // v5.3.4
"symfony/security-bundle": "5.3.*", // v5.3.8
"symfony/serializer": "5.3.*", // v5.3.8
"symfony/stopwatch": "5.3.*", // v5.3.4
"symfony/twig-bundle": "5.3.*", // v5.3.4
"symfony/ux-chartjs": "^1.3", // v1.3.0
"symfony/validator": "5.3.*", // v5.3.8
"symfony/webpack-encore-bundle": "^1.7", // v1.12.0
"symfony/yaml": "5.3.*", // v5.3.6
"symfonycasts/verify-email-bundle": "^1.5", // v1.5.0
"twig/extra-bundle": "^2.12|^3.0", // v3.3.3
"twig/string-extra": "^3.3", // v3.3.3
"twig/twig": "^2.12|^3.0" // v3.3.3
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.3", // 3.4.0
"symfony/debug-bundle": "5.3.*", // v5.3.4
"symfony/maker-bundle": "^1.15", // v1.34.0
"symfony/var-dumper": "5.3.*", // v5.3.8
"symfony/web-profiler-bundle": "5.3.*", // v5.3.8
"zenstruck/foundry": "^1.1" // v1.13.3
}
}
22 Comments
Error does not added to use Passport
symfony console make:authwith selection 0 generate Empty authenticator does not generate use Passport by default.
Hey Maxim!
Ah, you're right! It only affects empty authenticator, with login form authenticator it's already there. I just created a PR in maker-bundle to fix it: https://github.com/symfony/... - feel free to give a review ;)
Cheers!
Hi,
Is there a possibility to call another authenticator after first fail? For example - after unsuccessful authentication from first (custom) authenticator to use internal method for checking user/pass in second authenticator? I defined 2 authenticators in security.yaml, both have defined entry point (start() method and implement AuthenticationEntryPointInterface) but it seams after fail in first it simply just showing authentication error. I wanted to authenticate user locally, if LDAP auth fails. Is that possible?
security:
Hey @Artur-M
What if use multiple user providers and not authenticators? There is a Chain user provider you can see configuration here https://symfony.com/doc/current/security/user_providers.html#chain-user-provider in most cases it should be enough because authenticator should not have lot of custom logic
Cheers!
Thanks, probably it can be solution!
Hi,
after bin/console make:auth
I get following error:
The service "security.command.debug_firewall" has a dependency on a non-existent service "App\Security\LoginFormAuthenticator".I'm using Symfony 5.4.11
console output:
Hey Stefan,
I believe you don't have enabled the autoconfigure feature. Do you have these lines in your
config/services.yamlfile?My config/services.yaml:
Yes I do. So it should work - but it does not?
What should I add to configure LoginFormAuthenticator ?
I also updated to Symfony 5.4.14 - same problem.
Ok, let's review a few things.
First: double-check that the file's name matches to the class name of your
LoginFormAuthenticatorSecond: Double-check its namespace, it should be
App\SecurityIf everything is ok, could you show me your
config/packages/security.yamlfile? There might be a hintHi MolloKhan,
thanks for your time and help...
filenames - check
namespace - check
doublecheck - check
-security.yaml - sure - appended afterwards.
It's a pimcore application where I try to extend security for some pages
I want to configure firewall: 'wir_beten_fw'
path '/intern/' is working and redirecting to 'beter_login'
some stuff from config.yaml
Your config looks good to me. For some reason your authenticator is not being auto-registered. Double-check in your
config/services.yamlif you're not excluding it under the key:Also try clearing the cache manually
rm -rf var/cacheSorry, no change
no exclude
after rm - no change
Don't know why - but this was missing in config/services.yaml:
so now - LoginFormAuthenticator - is found and executed
I can follow the tut
Thanks a lot
Ohh, so it was not excluded, but it was not been auto-registered. Makes sense :)
Hi
I have a question, how to secure form against changes value in hidden fields?
Hey Tomas,
Perhaps what you need here is a custom validation constraint. Here you can learn how to create own yourself https://symfony.com/doc/current/validation/custom_constraint.html
Cheers!
Hey
not, I'm looking for something what protect my form against "html" code manipulation
In cakephp is special component, maybe in symfony is something similarar
FormProtect
regards
It seems to me that that component does something similar to what you can achieve with custom validation constraints. The only difference is that you have to attach the validations to your entity fields.
Here you can learn how to create your own validators https://symfonycasts.com/screencast/symfony-forms/custom-validator
the tutorial is based on Symfony 4, but nothing meaningful has changed since then
Hi, if symfony calls the authenticator on each request, which is the reason for lazy parameter?
Hey GianlucaF,
Hm, yes, authenticator is called on each request... but we only call that supports() method on it, which returns true *only* on login route when we're sending a POST request to it, right? But if supports() returns false - we won't continue.
Cheers!
Great series! You guys are always having what I need atm! (that's the true magic)
Hey Maciej,
Thank you for your feedback! We're really happy to hear it was useful for you :)
Cheers!
"Houston: no signs of life"
Start the conversation!