|
1 | 1 | How to Write a Custom Authenticator
|
2 | 2 | ===================================
|
3 | 3 |
|
4 |
| -Symfony comes with:ref:`many authenticators<security-authenticators>` and |
5 |
| -third party bundles also implement more complex cases like JWT and oAuth |
6 |
| -2.0. However, sometimes you need to implement a custom authentication |
7 |
| -mechanism that doesn't exist yet or you need to customize one. In such |
8 |
| -cases, you can use the ``make:security:custom`` command to create your own |
9 |
| -authenticator. |
10 |
| - |
11 |
| -Authenticators should implement the |
12 |
| -:class:`Symfony\\Component\\Security\\Http\\Authenticator\\AuthenticatorInterface`. |
13 |
| -You can also extend |
14 |
| -:class:`Symfony\\Component\\Security\\Http\\Authenticator\\AbstractAuthenticator`, |
15 |
| -which has a default implementation for the ``createToken()`` |
16 |
| -method that fits most use-cases:: |
| 4 | +Symfony comes with:ref:`many authenticators<security-authenticators>`, and |
| 5 | +third-party bundles also implement more complex cases like JWT and OAuth 2.0. |
| 6 | +However, sometimes you need to implement a custom authentication mechanism |
| 7 | +that doesn't exist yet, or you need to customize an existing one. |
| 8 | + |
| 9 | +To save time, you can install `Symfony Maker`_ and let Symfony generate a new |
| 10 | +authenticator by running the following command: |
| 11 | + |
| 12 | +..code-block::terminal |
| 13 | +
|
| 14 | + $ php bin/console make:security:custom |
| 15 | +
|
| 16 | + What is the class name of the authenticator (e.g. CustomAuthenticator): |
| 17 | + > ApiKeyAuthenticator |
| 18 | +
|
| 19 | + updated: config/packages/security.yaml |
| 20 | + created: src/Security/ApiKeyAuthenticator.php |
| 21 | +
|
| 22 | + Success! |
| 23 | +
|
| 24 | +Open the ``src/Security/ApiKeyAuthenticator.php`` file created by this command, |
| 25 | +and you'll find something like the following:: |
17 | 26 |
|
18 | 27 | // src/Security/ApiKeyAuthenticator.php
|
19 | 28 | namespace App\Security;
|
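Review bot: the lead-in on new lines 24-25 ("you'll find something like the following::") now presents the unchanged `ApiKeyAuthenticator` listing below it as the output of `make:security:custom`. If the generated skeleton is emptier than that listing, say so here, for example "complete the generated class so that it looks like the following", so readers do not assume the command already produced working API-key validation. A smaller wording point on new line 9: "let Symfony generate" reads as if the framework itself provides the command, while the same sentence says the Maker must be installed first; "let it generate" would be more accurate.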
@@ -78,13 +87,23 @@ method that fits most use-cases::
|
78 | 87 | }
|
79 | 88 | }
|
80 | 89 |
|
| 90 | +Authenticators must implement the |
| 91 | +:class:`Symfony\\Component\\Security\\Http\\Authenticator\\AuthenticatorInterface`. |
| 92 | +You can also extend |
| 93 | +:class:`Symfony\\Component\\Security\\Http\\Authenticator\\AbstractAuthenticator`, |
| 94 | +which provides a default implementation of the ``createToken()`` method suitable |
| 95 | +for most use cases. |
| 96 | + |
81 | 97 | ..tip::
|
82 | 98 |
|
83 |
| - If your custom authenticator is a login form,you can extend from the |
| 99 | + If your custom authenticator is a login form,consider extending |
84 | 100 | :class:`Symfony\\Component\\Security\\Http\\Authenticator\\AbstractLoginFormAuthenticator`
|
85 |
| -class insteadtomake yourjob easier. |
| 101 | + tosimplify yourimplementation. |
86 | 102 |
|
87 |
| -The authenticator can be enabled using the ``custom_authenticators`` setting: |
| 103 | +Custom authenticators must be explicitly enabled in the security configuration |
| 104 | +using the ``custom_authenticators`` setting of your firewall(s). If you used the |
| 105 | +``make:security:custom`` command, this configuration is already updated, but you |
| 106 | +should review it: |
88 | 107 |
|
89 | 108 | ..configuration-block::
|
90 | 109 |
|
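Review bot: new lines 105-106 tell readers the configuration "is already updated, but you should review it" without saying what to look for. Since this edits the security configuration, name the check: that the authenticator appears under `custom_authenticators` of the firewall it is meant to protect, and not under any other firewall. Also note that with the `AuthenticatorInterface` paragraph moved to new lines 90-95, the first hunk's listing is no longer introduced as an `AbstractAuthenticator` example; a short clause tying "You can also extend" back to the class shown above would keep that link.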
@@ -390,4 +409,5 @@ authenticator methods (e.g. ``createToken()``)::
|
390 | 409 | }
|
391 | 410 | }
|
392 | 411 |
|
| 412 | +.. _`Symfony Maker`:https://symfony.com/doc/current/bundles/SymfonyMakerBundle/index.html |
393 | 413 | .. _`session storage flooding`:https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session
|
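Review bot: the link label added on new line 412 is `Symfony Maker`, while the target URL names the package `SymfonyMakerBundle`. Consider using the bundle's own name for the label and for the reference on new line 9, so a reader searching for the package to install finds the same name in the text and in the URL.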