The key benefits of the dump()
method are better implemented and maintained in Ladybug: PHP 5.3+ Extensible Dumper. It's suggested that you use that library.
This code will no longer be supported.
Creates an avenue for using ApiKey authentication for Symfony2. Requires FOSUserBundle
License: Apache License 2.0
The key benefits of the dump()
method are better implemented and maintained in Ladybug: PHP 5.3+ Extensible Dumper. It's suggested that you use that library.
This code will no longer be supported.
Looking for a library to use and noticed you use rand to generate api keys.
You should use random_bytes or similar to securely do this. Rand is not appropriate.
Hi, followed your instructions for installation and have hit a problems
I am getting error that no authenication listener is registered for firewall auth
Any ideas ?
Hi.
Quick question: What in the FOSUserBundle is this bundle dependent on? In other words, what is it with the UserEntity in the FOSUserBundle it needs? Or is the dependency elsewhere? As you might understand, what I really want to know is if it's any way to use this without using the FOSUserBundle.
How to from controller get user related with apikey for current request?
I'm getting the following exception:
ServiceNotFoundException: The service "security.authentication.manager" has a dependency on a non-existent service "security.user.provider.concrete.fos_userbundle".
When using the following security configuration:
providers:
db:
id: uecode.api_key.provider.user_provider
Is there more configuration I'm missing? Because I'm migrating from the FOSUserBundle to this, and it seems a bit... underwhelming in the documentation.
I'm using this bundle with FOSRestBundle and FOSUserBundle.
In order to produce a JSON response to a failed authentication I've found that I need to modify:
vendor/uecode/api-key-bundle/src/Uecode/Bundle/ApiKeyBundle/Security/Firewall/ApiKeyListener.php:73
//throw $failed;
$message = $failed->getMessage();
Is this a bug, or should I not need to do this to get a JSON response?
The method doAuth throw exception with messages, so it should be customable.
One way to do it is by extending the class but since doAuth is a private method, you can't.
Would you take this in consideration ?
Thanks for your awesome code,
Cyrille
Lets said I have a restful API open to the world and I don't want that, instead I want to secure the endpoint. This is part of my security.yml
file:
access_control:
- { path: ^/api/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
As you can see any can access the API so this area needs to be secured in somehow. My idea? By passing a parameter at the request header. Since my client is an iOs app then they need to take care of send that parameter when request any API endpoint. The parameter is named X-PDONE-SESSION-ID
and basically it holds a PHP session. How I can protect the API? Any ideas using this bundle or any other ideas?
Is it mandatory to require FOSUserBundle ~2.0@dev ? why not just last stable ~1.3 ?
Hi,
i'm working on a fork of this bundle to remove the FOSUserBundle dependency and just rely on Doctrine. Would you support it in this way? So i would make a Pull Request. Otherwise, I'll refactor it it my own Namespace and add some more stuff.
Hi,
I've some trouble with your bundle.
I've got this error : No Authentication Provider found for token of class "Uecode\Bundle\ApiKeyBundle\Security\Authentication\Token\ApiKeyUserToken".
My config.yml
:
#FOS User Configuration
fos_user:
db_driver: orm
firewall_name: auth
user_class: LIG\Bundle\UserBundle\Entity\UserApi
My security.yml
:
security:
providers:
db:
id: uecode.api_key.provider.user_provider
fos_userbundle:
id: fos_user.user_provider.username
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
auth:
pattern: ^/api/.*
api_key: true
stateless: true
Can you tell me what's wrong ?
Thx a lot for your time.
Best regards
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.