sokil / user-bundle
User bundle
Requires
- php: ^5.5 || ^7.0
- sokil/command-bus-bundle: ^0.4.2
Requires (Dev)
- doctrine/doctrine-bundle: ^1.3
- phpunit/phpunit: >=3.7.38 <6.0
- satooshi/php-coveralls: 1.0.*
- sensio/framework-extra-bundle: ^2.8||~3.0,>=3.0.2
- symfony/form: ^2.8||^3.0
- symfony/framework-bundle: ^2.8 || ^3.0
- symfony/serializer: ^2.8|^3.0
- symfony/validator: ^2.8||^3.0
Suggests
- sokil/deploy-bundle: Deploy symfony2 apps
- sokil/frontend-bundle: Required to enable SPA
README
User attributes, groups and roles management.
Installation
Install bundle through composer:

```bash
composer.phar require sokil/user-bundle
```
Add bundle to AppKernel:
```php
<?php

class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = array(
            # user bundle is a collection of command handlers so we need command bus
            new Sokil\CommandBusBundle\CommandBusBundle(),
            new Sokil\UserBundle\UserBundle(),
        );

        // registerBundles() must return the bundle list to the kernel
        return $bundles;
    }
}
```
Configuration
The bundle declares some routes, so configure them manually or add the pre-configured ones to your ./app/config/routing.yml:

```yaml
user:
    resource: "@UserBundle/Resources/config/routing.yml"
    prefix: /
```
Then set access control for some of them in ./app/config/security.yml:

```yaml
security:
    # define encoder
    encoders:
        Sokil\UserBundle\Entity\User: sha512

    # add some roles
    role_hierarchy:
        ROLE_USER_VIEWER: [ROLE_USER]
        ROLE_USER_MANAGER: [ROLE_USER_VIEWER]
        ROLE_ADMIN:
            - ROLE_USER_MANAGER
        ROLE_SUPER_ADMIN:
            - ROLE_ADMIN
            - ROLE_ALLOWED_TO_SWITCH

    # define provider
    providers:
        user_provider_email:
            id: user.user_provider.email

    # configure firewall
    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        # main zone
        main:
            pattern: ^/
            form_login:
                provider: user_provider_email
                # csrf_provider: form.csrf_provider
                # Your session has timed out, or you have disabled cookies.
                require_previous_session: false
                success_handler: user.authentication_success_handler
                failure_handler: user.authentication_failure_handler
            logout:
                target: /
                success_handler: user.logout_success_handler
            anonymous: true
            remember_me:
                key: "%secret%"
                lifetime: 604800 # 1 week
                path: /
                name: token
                httponly: true

    # define access control
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
```
Add some bundle configuration to app/config/config.yaml:

```yaml
# User
user:
    # add if user allowed to register himself
    registration:
        security:
            firewall: main
        roles:
            - ROLE_CLIENT
```
Create tables:

```bash
./app/console doctrine:schema:update
```
User roles
| Role | Description |
|---|---|
| ROLE_USER_VIEWER | Can view user list and user profile |
| ROLE_USER_MANAGER | Can edit user |
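When reviewing who ends up with which permission, it helps to expand the role_hierarchy from security.yml into the full set of roles each assigned role reaches. The following is an added example, not part of the bundle: a stand-alone Python audit script whose hierarchy is copied from the configuration above. The function names and the choice of which roles to flag are assumptions made for the illustration.

```python
# Added example: expand a Symfony role_hierarchy into effective roles.
# ROLE_HIERARCHY is copied from the security.yml shown in this README.
ROLE_HIERARCHY = {
    "ROLE_USER_VIEWER": ["ROLE_USER"],
    "ROLE_USER_MANAGER": ["ROLE_USER_VIEWER"],
    "ROLE_ADMIN": ["ROLE_USER_MANAGER"],
    "ROLE_SUPER_ADMIN": ["ROLE_ADMIN", "ROLE_ALLOWED_TO_SWITCH"],
}

# Roles flagged in the report (an assumption of this example).
# ROLE_ALLOWED_TO_SWITCH is the role Symfony's switch_user feature checks by
# default; it only has effect if switch_user is enabled on the firewall,
# which the README's configuration does not do.
SENSITIVE = {"ROLE_ALLOWED_TO_SWITCH", "ROLE_USER_MANAGER"}


def reachable_roles(role, hierarchy):
    """Return the role plus everything it inherits, transitively.
    The seen-set keeps a cyclic hierarchy from looping forever."""
    seen = set()
    stack = [role]
    while stack:
        current = stack.pop()
        if current in seen:
            continue
        seen.add(current)
        stack.extend(hierarchy.get(current, []))
    return seen


def audit(assigned_roles, hierarchy, sensitive=SENSITIVE):
    """Map each directly assigned role to (effective roles, flagged subset)."""
    report = {}
    for role in assigned_roles:
        effective = reachable_roles(role, hierarchy)
        report[role] = (sorted(effective), sorted(effective & sensitive))
    return report


if __name__ == "__main__":
    # ROLE_CLIENT is the self-registration role from the bundle config above.
    assigned = ["ROLE_CLIENT", "ROLE_USER_VIEWER", "ROLE_ADMIN", "ROLE_SUPER_ADMIN"]
    for role, (effective, flagged) in audit(assigned, ROLE_HIERARCHY).items():
        print(f"{role}: {', '.join(effective)}  flagged={flagged or 'none'}")
```

With the README's values, ROLE_CLIENT resolves only to itself, so the hierarchy alone gives self-registered users nothing beyond that role, while ROLE_ADMIN and ROLE_SUPER_ADMIN both reach ROLE_USER_MANAGER.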
User attributes
User attributes are based on the EAV model. Attributes are represented by entities extended from the class UserAttribute, and values are represented by the entity UserAttributeValue. Attributes are associated with users' groups, so a user has only the attributes related to its groups.
Authentication
Login form
The login form has the following markup:

```html
<form action="/login_check" method="post">
    <input type="hidden" name="_csrf_token">
    <input type="text" name="_username">
    <input type="password" name="_password">
    <input type="checkbox" name="_remember_me">
    <button type="submit" class="btn btn-success">Log in</button>
</form>
```

The input names on this form are the defaults and may be configured, as described in Full Default Configuration.
Ajax response of login and logout request
There are two event listeners that override the response of the login request to handle Ajax requests:

```yaml
user.authentication_success_handler:
    class: Sokil\UserBundle\EventListener\AuthenticationSuccessHandler
    arguments: ['@security.http_utils', {}]

user.authentication_failure_handler:
    class: Sokil\UserBundle\EventListener\AuthenticationFailureHandler
    arguments: ['@http_kernel', '@security.http_utils', {}, "@logger"]
```
Configure the security firewall to use these listeners in ./app/config/security.yml:

```yaml
security:
    firewalls:
        main:
            form_login:
                success_handler: user.authentication_success_handler
                failure_handler: user.authentication_failure_handler
```
You can also override the logout response handler to return a JSON response:

```yaml
user.logout_success_handler:
    class: Sokil\UserBundle\EventListener\LogoutSuccessHandler
    arguments: ['@security.http_utils', '/']
```
You can configure the firewall to use this listener in ./app/config/security.yml:

```yaml
security:
    firewalls:
        main:
            # logout options belong under "logout", as in the full security.yml above
            logout:
                success_handler: user.logout_success_handler
                target: /
```
User interface
Early release may be found at https://github.com/sokil/UserBundle.js
Backbone/Marionette app with the possibility to use different themes.