1000 search results

Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
42 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 8
class ArticleVoter extends Voter
{
protected function supports($attribute, $subject)
{
// replace with your own logic
// https://symfony.com/doc/current/security/voters.html
return in_array($attribute, ['EDIT', 'VIEW'])
&& $subject instanceof App\Entity\BlogPost;
}
// ... lines 18 - 40
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
43 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 4
use App\Entity\Article;
// ... lines 6 - 9
class ArticleVoter extends Voter
{
protected function supports($attribute, $subject)
{
// replace with your own logic
// https://symfony.com/doc/current/security/voters.html
return in_array($attribute, ['MANAGE'])
&& $subject instanceof Article;
}
// ... lines 19 - 41
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
42 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 8
class ArticleVoter extends Voter
{
// ... lines 11 - 18
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$user = $token->getUser();
// if the user is anonymous, do not grant access
if (!$user instanceof UserInterface) {
return false;
}
// ... (check conditions and return true to grant permission) ...
switch ($attribute) {
case 'EDIT':
// logic to determine if the user can EDIT
// return true or false
break;
case 'VIEW':
// logic to determine if the user can VIEW
// return true or false
break;
}
return false;
}
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
42 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 4
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
// ... lines 6 - 8
class ArticleVoter extends Voter
{
// ... lines 11 - 18
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$user = $token->getUser();
// ... lines 22 - 39
}
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
42 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 4
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
// ... line 6
use Symfony\Component\Security\Core\User\UserInterface;
class ArticleVoter extends Voter
{
// ... lines 11 - 18
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$user = $token->getUser();
// if the user is anonymous, do not grant access
if (!$user instanceof UserInterface) {
return false;
}
// ... lines 26 - 39
}
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
43 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 9
class ArticleVoter extends Voter
{
// ... lines 12 - 19
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
/** @var Article $subject */
// ... lines 23 - 40
}
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
43 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 9
class ArticleVoter extends Voter
{
protected function supports($attribute, $subject)
{
// replace with your own logic
// https://symfony.com/doc/current/security/voters.html
return in_array($attribute, ['MANAGE'])
&& $subject instanceof Article;
}
// ... lines 19 - 41
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
43 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 9
class ArticleVoter extends Voter
{
// ... lines 12 - 19
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
/** @var Article $subject */
$user = $token->getUser();
// if the user is anonymous, do not grant access
if (!$user instanceof UserInterface) {
return false;
}
// ... (check conditions and return true to grant permission) ...
switch ($attribute) {
case 'MANAGE':
// ... lines 32 - 36
break;
}
// ... lines 39 - 40
}
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
43 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 9
class ArticleVoter extends Voter
{
// ... lines 12 - 19
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
// ... lines 22 - 28
// ... (check conditions and return true to grant permission) ...
switch ($attribute) {
case 'MANAGE':
// this is the author!
if ($subject->getAuthor() == $user) {
return true;
}
break;
}
return false;
}
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
55 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 7
use Symfony\Component\Security\Core\Security;
// ... lines 9 - 10
class ArticleVoter extends Voter
{
private $security;
public function __construct(Security $security)
{
$this->security = $security;
}
// ... lines 19 - 53
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

Adding a Custom Voter
55 lines | src/Security/Voter/ArticleVoter.php
// ... lines 1 - 10
class ArticleVoter extends Voter
{
// ... lines 13 - 27
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
// ... lines 30 - 36
// ... (check conditions and return true to grant permission) ...
switch ($attribute) {
case 'MANAGE':
// this is the author!
if ($subject->getAuthor() == $user) {
return true;
}
if ($this->security->isGranted('ROLE_ADMIN_ARTICLE')) {
return true;
}
return false;
}
return false;
}
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
59 lines | src/Security/ApiTokenAuthenticator.php
// ... lines 1 - 11
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
{
public function supports(Request $request)
{
// look for header "Authorization: Bearer <token>"
return $request->headers->has('Authorization')
&& 0 === strpos($request->headers->get('Authorization'), 'Bearer ');
}
// ... lines 20 - 57
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
59 lines | src/Security/ApiTokenAuthenticator.php
// ... lines 1 - 11
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
{
// ... lines 14 - 20
public function getCredentials(Request $request)
{
$authorizationHeader = $request->headers->get('Authorization');
// ... lines 24 - 26
}
// ... lines 28 - 57
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
59 lines | src/Security/ApiTokenAuthenticator.php
// ... lines 1 - 11
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
{
// ... lines 14 - 20
public function getCredentials(Request $request)
{
$authorizationHeader = $request->headers->get('Authorization');
// skip beyond "Bearer "
return substr($authorizationHeader, 7);
}
// ... lines 28 - 57
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
59 lines | src/Security/ApiTokenAuthenticator.php
// ... lines 1 - 11
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
{
// ... lines 14 - 28
public function getUser($credentials, UserProviderInterface $userProvider)
{
dump($credentials);die;
}
// ... lines 33 - 57
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
89 lines | src/Security/LoginFormAuthenticator.php
// ... lines 1 - 19
class LoginFormAuthenticator extends AbstractFormLoginAuthenticator
{
// ... lines 22 - 43
public function getCredentials(Request $request)
{
$credentials = [
'email' => $request->request->get('email'),
'password' => $request->request->get('password'),
'csrf_token' => $request->request->get('_csrf_token'),
];
// ... lines 51 - 56
return $credentials;
}
// ... lines 59 - 87
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
75 lines | src/Security/ApiTokenAuthenticator.php
// ... lines 1 - 4
use App\Repository\ApiTokenRepository;
// ... lines 6 - 12
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
{
private $apiTokenRepo;
public function __construct(ApiTokenRepository $apiTokenRepo)
{
$this->apiTokenRepo = $apiTokenRepo;
}
// ... lines 21 - 73
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
75 lines | src/Security/ApiTokenAuthenticator.php
// ... lines 1 - 12
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
{
// ... lines 15 - 36
public function getUser($credentials, UserProviderInterface $userProvider)
{
$token = $this->apiTokenRepo->findOneBy([
'token' => $credentials
]);
// ... lines 42 - 47
}
// ... lines 49 - 73
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
75 lines | src/Security/ApiTokenAuthenticator.php
// ... lines 1 - 12
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
{
// ... lines 15 - 36
public function getUser($credentials, UserProviderInterface $userProvider)
{
$token = $this->apiTokenRepo->findOneBy([
'token' => $credentials
]);
if (!$token) {
return;
}
return $token->getUser();
}
// ... lines 49 - 73
}
See Code Block in Script
Code

Learn Symfony 4

 >

Symfony Security: Beautiful Authentication, Powerful Authorization

 >

API Token Authenticator
75 lines | src/Security/ApiTokenAuthenticator.php
// ... lines 1 - 12
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
{
// ... lines 15 - 49
public function checkCredentials($credentials, UserInterface $user)
{
dd('checking credentials');
}
// ... lines 54 - 73
}
See Code Block in Script
34 35 36 37 38