bricre / micro-service-common
Common components used for Bricre micro services
0.0.2
2022-01-02 15:35 UTC
Requires
- lexik/jwt-authentication-bundle: ^2.8
- nixilla/php-jwt: ^0.1
- symfony/framework-bundle: ^5|^6
- symfony/http-client: ^5|^6
- symfony/serializer-pack: ^1.0
This package is auto-updated.
Last update: 2024-10-29 06:00:10 UTC
README
Symfony bundle - micro-service-common
This is a Symfony bundle that contains some commonly used components for Bricre micro services.
Installation
composer require bricre/micro-service-common
Security
LexikJWTAuthenticationBundle is used to provide a JWT-based security guard.
# security.yaml
security:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\User
                property: username
    firewalls:
        main:
            anonymous: true
            lazy: true
            provider: app_user_provider
            stateless: true
            json_login:
                check_path: /api/user/login
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
To use this bundle, Kong must be available as the API gateway. Internally, the bundle calls Kong's admin API to create a Consumer and retrieve JWT credentials.
Make sure your .env defines the SERVICE_KONG environment variable, pointing to the Kong server:
SERVICE_KONG=kong
Security workflow
- json_login will use app_user_provider to validate the username and password.
- Once the login credentials are accepted, lexik_jwt_authentication.handler.authentication_success will return a JWT token, where Bricre\MicroServiceCommonBundle\EventListener\JWTCreatedListener injects the current User information into the token.
- The user then sends the Authorization: Bearer xxxxxxxx header to make requests.
- Since the User info already exists in the token (JWT payload), lexik_jwt_authentication.jwt_token_authenticator automatically decodes the token and authenticates the user.
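Because the authenticator trusts user information carried in the JWT payload, that trust rests entirely on signature and expiry checks. The following is an added example, not code from this bundle or from LexikJWTAuthenticationBundle. It assumes HS256 with a shared secret (the page does not say which algorithm is used); the functions mint and verify are hypothetical names and all sample values are constructed.

```php
<?php
// Added example, not the bundle's code. Secret, user and roles are constructed values.
function b64url_encode(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64url_decode(string $txt): string {
    $pad = str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return (string) base64_decode(strtr($txt, '-_', '+/') . $pad, true);
}
// Sign the claims with HS256, as a login success handler would before returning the token.
function mint(array $claims, string $secret): string {
    $head = b64url_encode(json_encode(['typ' => 'JWT', 'alg' => 'HS256']));
    $body = b64url_encode(json_encode($claims));
    return "$head.$body." . b64url_encode(hash_hmac('sha256', "$head.$body", $secret, true));
}
// Return the claims only when algorithm, signature and expiry all check out; otherwise null.
function verify(string $jwt, string $secret, int $now): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) { return null; }
    [$head, $body, $sig] = $parts;
    $header = json_decode(b64url_decode($head), true);
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') { return null; } // pin the algorithm
    $expected = b64url_encode(hash_hmac('sha256', "$head.$body", $secret, true));
    if (!hash_equals($expected, $sig)) { return null; } // constant-time compare
    $claims = json_decode(b64url_decode($body), true);
    if (!is_array($claims) || (int) ($claims['exp'] ?? 0) <= $now) { return null; }
    return $claims;
}

$secret = 'constructed-signing-secret';
$now    = 1700000000; // fixed clock so the run is repeatable
$claims = ['username' => 'alice', 'roles' => ['ROLE_USER'], 'exp' => $now + 3600];
$token  = mint($claims, $secret);
[$head, $body, $sig] = explode('.', $token);

// The payload is only base64url-encoded: any holder of the token can read the user info.
echo 'payload: ', b64url_decode($body), PHP_EOL;

// Rewriting the roles without the secret leaves the old signature, which no longer matches.
$forged   = b64url_encode(json_encode(['roles' => ['ROLE_ADMIN']] + $claims));
$tampered = "$head.$forged.$sig";

foreach (['original' => [$token, $now], 'tampered' => [$tampered, $now], 'expired' => [$token, $now + 7200]] as $label => [$jwt, $at]) {
    echo $label, ': ', verify($jwt, $secret, $at) === null ? 'rejected' : 'accepted', PHP_EOL;
}
```

Since the payload is readable by anyone holding the token, the user information injected into it should exclude secrets such as password hashes.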