Name: VoucherAuthenticationBundle
Owner: Elao
Description: Provide authentication through vouchers (for email link).
Created: 2016-11-14 13:48:49.0
Updated: 2016-11-25 09:37:04.0
Pushed: 2016-11-23 21:50:15.0
Homepage: null
Size: 27
Language: PHP
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Provide authentication through vouchers (for email link).
composer require elao/voucher-authentication-bundle
app/AppKernel.php
:s AppKernel extends Kernel {
public function registerBundles() {
return [
// ...
new Elao\Bundle\VoucherAuthenticationBundle\ElaoVoucherAuthenticationBundle(),
];
}
By importing the provided route configuration in your app/config/routing.yml
:
uting.yml
_voucher_authentication:
resource: "@ElaoVoucherAuthenticationBundle/Resources/config/routing.xml"
prefix: /
Note: You can also declare your own route as long as you specify the corresponding check_path
and token_parameter
parameters in your voucher security configuration (see “Custom voucher route”).
The Voucher Authentication bundle porvider a voucher
security provider.
You can enable voucher authentication very simply in your security.yml
:
rity:
firewalls:
main:
voucher: ~
Create a new VoucherInterface
(you can use the provided DisposableAuthenticationVoucher
implementation or make your own).
Then get its token with getToken()
and, for example, send it to the user by email:
Elao\Bundle\VoucherAuthenticationBundle\Voucher\DisposableAuthenticationVoucher;
s SecurityController extends Controller {
/**
* @Route("forgot-password", name="forgot_password")
*/
public function forgotPasswordAction()
{
$voucher = new DisposableAuthenticationVoucher('jane_doe', '+1 hour');
$activationUrl = $this->generateUrl('voucher', ['token' => $voucher->getToken()]);
// Don't forget to persist the voucher, or the user won't be able to log in.
$this->get('elao_voucher_authentication.voucher_provider.default')->persist($voucher);
$this->mailer->sendResetPasswordEmail($activationUrl);
}
Generate a voucher for the given username (optionally set a time-to-live):
bin/console voucher:generate:authenticatio [username] (--ttl="+1 hour")
Will result in:
Authentication voucher for user admin with expiration on 2016-11-15 13:42:24: 6fb11ec1eecd07865d940dd0f990d66b
You can protect a route, or any part of you app, by requiring a specific voucher authentication.
For exameple, you can allow the route to reset password only to users authenticated via a Voucher with intent reset_password
.
Use the following security expression: is_granted('voucher', $intent)
where $intent is the intent you provided to your Voucher
object.
s SecurityController extends Controller
/**
* @Route("reset_password", name="reset_password")
* @Security("is_granted('voucher', 'password')")
*/
public function resetPasswordAction() {}
ull configuration
security:
firewalls:
main:
voucher:
remember_me: true
check_path: voucher
use_forward: false
require_previous_session: true
token_parameter: token
always_use_default_target_path: false
default_target_path: /
login_path: /login
target_path_parameter: _target_path
use_referer: false
failure_path: null
failure_forward: false
failure_path_parameter: _failure_path
voucher_provider: elao_voucher_authentication.voucher_provider.default
ustom voucher route
my_voucher_route:
path: /activate/{my_token}
security:
firewalls:
main:
voucher:
check_path: my_voucher_route
token_parameter: my_token