worked on security

This commit is contained in:
Nick Yeoman 2022-11-17 14:07:14 -08:00
parent 488afbca2a
commit 46a617f9f4
3 changed files with 105 additions and 6 deletions

View File

@ -76,21 +76,31 @@ echo "SASS installed you still need to run sass sass/$1.sass public/css/main.css
composer req symfony/process
composer req asset
composer req annotations
composer req symfony/apache-pack
# untested
composer require symfony/security-bundle
################################################################################
# Symfony development bundles
################################################################################
# Dev components
composer req --dev maker
composer req --dev symfony/profiler-pack
composer req debug logger
################################################################################
# Symfony security
################################################################################
composer require symfony/security-bundle
composer require form validator
composer require symfonycasts/verify-email-bundle
################################################################################
# Docker
################################################################################
# For the Apache container
composer req symfony/apache-pack
# You need the following variables in your env for docker-compose
echo '' >> .env
echo '# For Docker compose' >> .env

View File

@ -6,4 +6,13 @@ Checks the version, support, kernel and php
## version
php bin/console --version
php bin/console --version
## Manually hash a password
php bin/console security:hash-password
# Composer Cheat Sheet
## Installed Recipes
Use ```composer recipes``` to see which bundles you have installed.

View File

@ -1 +1,81 @@
https://symfony.com/doc/current/security.html
# User Authentication
## Create a user class
Permissions are linked to a user object.
```bash
php bin/console make:user
```
Now you will want to sync the databse
```bash
php bin/console make:migration
php bin/console doctrine:migrations:migrate
```
## Registration Form
You can use maker to do this (symfonycasts/verify-email-bundle must be installed, which is done through the install script)
```bash
php bin/console make:registration-form
```
## Login Form
```php bin/console make:controller Login```
You have to add
```yaml
form_login:
login_path: app_login
check_path: app_login
```
to the firewalls section of config/packages/security.yaml
### Modify the controller
```php
$error = $authenticationUtils->getLastAuthenticationError();
$lastUsername = $authenticationUtils->getLastUsername();
return $this->render('login/index.html.twig', [
'last_username' => $lastUsername,
'error' => $error,
]);
```
### Modify the template
```php
{% block content %}
{% if error %}
<div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
{% endif %}
<form action="{{ path('app_login') }}" method="post">
<label for="username">Email:</label>
<input type="text" id="username" name="_username" value="{{ last_username }}"/>
<label for="password">Password:</label>
<input type="password" id="password" name="_password"/>
{# If you want to control the URL the user is redirected to on success
<input type="hidden" name="_target_path" value="/account"/> #}
<button type="submit">login</button>
</form>
{% endblock %}
```
## Loggging Out
https://symfony.com/doc/current/security.html#logging-out
## Access Control (Authorization)
https://symfony.com/doc/current/security.html#access-control-authorization
## References
* https://symfony.com/doc/current/security.html