1000 search results

Code

Learn Symfony 3

 >

Upgrade to Symfony4 and Flex!

 >

Flex Extras
21 lines | src/Security/Voter/RandomAccessVoter.php
// ... lines 1 - 15
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
return random_int(0, 10) > 5;
}
// ... lines 20 - 21
See Code Block in Script
Blog
Composer 2.9 Automatic Security Blocking: Fireside Chat

…a situation where you know a package is safe (or you’re stuck waiting for a patch), you can turn off security blocking: This restores the old behavior where vulnerabilities are reported, but installation is not blocked. Ignore Specific Advisories Instead of disabling blocking globally…

By MolloKhan, Leannapelham, and bocharsky-bw

Read Full Post
Code

Learn Symfony 6

 >

Upgrading & What's New in Symfony 6!

 >

Recipe Upgrades: Part 2!
64 lines | config/packages/security.yaml
// ... lines 1 - 51
when@test:
security:
password_hashers:
# By default, password hashers are resource intensive and take time. This is
# important to generate secure password hashes. In tests however, secure hashes
# are not important, waste resources and increase test times. The following
# reduces the work factor to the lowest possible values.
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
algorithm: auto
cost: 4 # Lowest possible value for bcrypt
time_cost: 3 # Lowest possible value for argon
memory_cost: 10 # Lowest possible value for argon
See Code Block in Script
Code

Learn Symfony 5

 >

Charming Development in Symfony 5

 >

Flex, Recipes & Aliases
9 lines | config/packages/security_checker.yaml
services:
_defaults:
autowire: true
autoconfigure: true
SensioLabs\Security\SecurityChecker: null
SensioLabs\Security\Command\SecurityCheckerCommand: null
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Uh oh: Documentation Bug!
414 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 396
Redirecting to the Last Accessed Page with ``TargetPathTrait``
--------------------------------------------------------------
The last request URI is stored in a session variable named
``_security.<your providerKey>.target_path`` (e.g. ``_security.main.target_path``
if the name of your firewall is ``main``). Most of the times you don't have to
deal with this low level session variable. However, if you ever need to get or
remove this variable, it's better to use the
:class:`Symfony\\Component\\Security\\Http\\Util\\TargetPathTrait` utility::
// ...
use Symfony\Component\Security\Http\Util\TargetPathTrait;
$targetPath = $this->getTargetPath($request->getSession(), $providerKey);
// equivalent to:
// $targetPath = $request->getSession()->get('_security.'.$providerKey.'.target_path');
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Uh oh: Documentation Bug!
414 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 26
.. note::
Sometimes, redirecting to the originally requested page can cause problems,
like if a background Ajax request "appears" to be the last visited URL,
causing the user to be redirected there. For information on controlling this
behavior, see :doc:`/security`.
// ... lines 33 - 414
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Services, Autowiring & Pushing To GitHub
226 lines | symfony/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
// ... lines 6 - 12
<services>
// ... lines 14 - 135
<service id="security.firewall.map" class="Symfony\Bundle\SecurityBundle\Security\FirewallMap">
<argument /> <!-- Firewall context locator -->
<argument /> <!-- Request matchers -->
</service>
// ... lines 140 - 147
<service id="security.firewall.config" class="Symfony\Bundle\SecurityBundle\Security\FirewallConfig" abstract="true">
<argument /> <!-- name -->
<argument /> <!-- user_checker -->
<argument /> <!-- request_matcher -->
<argument /> <!-- security enabled -->
<argument /> <!-- stateless -->
<argument /> <!-- provider -->
<argument /> <!-- context -->
<argument /> <!-- entry_point -->
<argument /> <!-- access_denied_handler -->
<argument /> <!-- access_denied_url -->
<argument type="collection" /> <!-- listeners -->
<argument /> <!-- switch_user -->
</service>
// ... lines 162 - 223
</services>
</container>
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Writing & Running Symfony's Tests
14 lines | symfony/src/Symfony/Bundle/SecurityBundle/Tests/Security/TargetPathHelperTest.php
// ... lines 1 - 2
namespace Symfony\Bundle\SecurityBundle\Tests\Security;
use PHPUnit\Framework\TestCase;
class TargetPathHelperTest extends TestCase
{
// ... lines 9 - 12
}
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Writing & Running Symfony's Tests
14 lines | symfony/src/Symfony/Bundle/SecurityBundle/Tests/Security/TargetPathHelperTest.php
// ... lines 1 - 2
namespace Symfony\Bundle\SecurityBundle\Tests\Security;
use PHPUnit\Framework\TestCase;
class TargetPathHelperTest extends TestCase
{
public function testSavePath()
{
}
}
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Writing & Running Symfony's Tests
39 lines | symfony/src/Symfony/Bundle/SecurityBundle/Tests/Security/TargetPathHelperTest.php
// ... lines 1 - 4
use PHPUnit\Framework\TestCase;
use Symfony\Bundle\SecurityBundle\Security\FirewallConfig;
use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
use Symfony\Bundle\SecurityBundle\Security\TargetPathHelper;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
class TargetPathHelperTest extends TestCase
{
public function testSavePath()
{
$session = $this->createMock(SessionInterface::class);
$firewallMap = $this->createMock(FirewallMap::class);
$requestStack = $this->createMock(RequestStack::class);
$request = new Request();
$requestStack->expects($this->once())
->method('getMasterRequest')
->willReturn($request);
$firewallConfig = new FirewallConfig('firewall_name', '');
$firewallMap->expects($this->once())
->method('getFirewallConfig')
->with($request)
->willReturn($firewallConfig);
$session->expects($this->once())
->method('set')
->with('_security.firewall_name.target_path', '/foo');
$targetPathHelper = new TargetPathHelper($session, $firewallMap, $requestStack);
$targetPathHelper->savePath('/foo');
}
}
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Writing & Running Symfony's Tests
39 lines | symfony/src/Symfony/Bundle/SecurityBundle/Tests/Security/TargetPathHelperTest.php
// ... lines 1 - 4
use PHPUnit\Framework\TestCase;
use Symfony\Bundle\SecurityBundle\Security\FirewallConfig;
use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
use Symfony\Bundle\SecurityBundle\Security\TargetPathHelper;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
// ... lines 12 - 39
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

All about the Docs: CI & Format
414 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 6
Using a :doc:`form login </security/form_login_setup>` for authentication is a
// ... lines 8 - 10
:doc:`form login configuration reference </reference/configuration/security>` to
// ... lines 12 - 414
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

All about the Docs: CI & Format
426 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 392
The last request URI is stored in a session variable named
``_security.<your providerKey>.target_path`` (e.g. ``_security.main.target_path``
if the name of your firewall is ``main``). Most of the times you don't have to
deal with this low level session variable. However, if you ever need to get or
remove this variable, it's better to use the
:class:`Symfony\\Component\\Security\\Http\\Util\\TargetPathTrait` utility::
// ...
use Symfony\Component\Security\Http\Util\TargetPathTrait;
$targetPath = $this->getTargetPath($request->getSession(), $providerKey);
// equivalent to:
// $targetPath = $request->getSession()->get('_security.'.$providerKey.'.target_path');
You can also use the ``TargetPathHelper`` service in the same way::
// ... lines 409 - 426
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

All about the Docs: CI & Format
426 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 407
You can also use the ``TargetPathHelper`` service in the same way::
// ... for example: from inside a controller
// ... line 411
// ...
public function register(Request $request, TargetPathHelper $targetPathHelper)
{
// the user clicked to register: save the previous URL
if ($request->isMethod('GET') && !$targetPathHelper->getPath()) {
// redirect to the Referer, or the homepage if none
$target = $request->headers->get('Referer', $this->generateUrl('homepage');
$targetPathHelper->savePath($target);
}
// later, after a successful registration POST submit
return $this->redirect($targetPathHelper->getPath());
}
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

All about the Docs: CI & Format
426 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 407
You can also use the ``TargetPathHelper`` service in the same way::
// ... for example: from inside a controller
// ... lines 411 - 426
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

All about the Docs: CI & Format
426 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 407
You can also use the ``TargetPathHelper`` service in the same way::
// ... for example: from inside a controller
use Symfony\Bundle\SecurityBundle\Security\TargetPathHelper;
// ...
// ... lines 413 - 426
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

All about the Docs: CI & Format
429 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 407
.. versionadded:: 4.2
// ... lines 409 - 410
You can also use the ``TargetPathHelper`` service in the same way::
// ... lines 412 - 429
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

All about the Docs: CI & Format
429 lines | symfony-docs/security/form_login.rst
// ... lines 1 - 407
.. versionadded:: 4.2
The ``TargetPathHelper`` class was introduced in Symfony 4.2.
// ... lines 411 - 429
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Services, Autowiring & Pushing To GitHub
226 lines | symfony/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
// ... lines 6 - 12
<services>
// ... lines 14 - 162
<service id="security.target_path_helper" class="Symfony\Bundle\SecurityBundle\Security\TargetPathHelper">
// ... lines 164 - 166
</service>
// ... lines 168 - 223
</services>
</container>
See Code Block in Script
Code

Learn Symfony 5

 >

Contributing back to Symfony!

 >

Services, Autowiring & Pushing To GitHub
226 lines | symfony/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
// ... lines 6 - 12
<services>
// ... lines 14 - 162
<service id="security.target_path_helper" class="Symfony\Bundle\SecurityBundle\Security\TargetPathHelper">
<argument type="service" id="session" />
<argument type="service" id="security.firewall.map" />
<argument type="service" id="request_stack" />
</service>
// ... lines 168 - 223
</services>
</container>
See Code Block in Script
37 38 39 40 41