Api authentication bundle for Symfony2
{
"require": {
"sergic/api-authentication-bundle": "0.1.*@dev"
}
}
Now tell composer to download the bundle by running the command:
$ php composer.phar update sergic/api-authentication-bundle
// application/ApplicationKernel.php
public function registerBundles()
{
return array(
// ...
new INB\Bundle\ApiAuthenticationBundle\INBApiAuthenticationBundle(),
// ...
);
}
with token parameter
// src/Acme/AcmeBundle/Entity/User.php
/**
* User Api token
*
* @var string
*/
protected $token;
public function __construct()
{
$this->token = null;
}
/**
* {@inheritdoc}
*/
public function getToken()
{
return $this->token;
}
/**
* {@inheritdoc}
*/
public function setToken($token)
{
$this->token = $token;
return $this;
}
/**
* {@inheritdoc}
*/
public function generateApiToken()
{
$this->token = md5(md5(time() + rand(11111, 99999)));
return $this;
}
// src/Acme/AcmeBundle/Repositroy/UserRepository.php
use Ft\Bundle\CoreBundle\Doctrine\ORM\EntityRepository;
class UserRepository extends EntityRepository
{
/**
* Constructor.
*
* @param EncoderFactoryInterface $encoderFactory
* @param EntityManager $em The EntityManager to use.
* @param ClassMetadata $class The class descriptor.
*/
public function __construct($em, ClassMetadata $class, EncoderFactoryInterface $encoderFactory = null)
{
parent::__construct($em, $class);
$this->encoderFactory = $encoderFactory;
}
}
# src/Acme/AcmeBundle/Resources/config/services.yml
parameters:
acme.user.class: Acme\AcmeBundle\Entity\User
acme.repository.user.class: Acme\AcmeBundle\Repositroy\UserRepository
services:
user_metadata:
class: Doctrine\ORM\Mapping\ClassMetadata
factory-method: getClassMetadata
arguments: [%acme.user.class%]
acme.repository.user:
class: %acme.repository.user.class%
arguments: [@doctrine.orm.entity_manager, @user_metadata, @security.encoder_factory]
# app/config/security.yml
security:
providers:
api_provider:
id: inb_api_auth.provider
firewalls:
api:
provider: api_provider
pattern: ^(/[^\/]+)/api|^/api
access_denied_url: ^(/[^\/]+)/api|^/api/unauthorized
api: { lifetime: '30D' }
stateless: true
anonymous: true
encoders:
Acme\AcmeBundle\Entity\User: sha512
access_control:
- { path: ^(/[^\/]+)/api/*|^/api/*, roles: [ROLE_USER] }