5

I work on a new Symfony 2 project. I'm learning this framework at the same time. For the user management, I use the bundle FOSUserBundle. My project works very well, I can login, register, logout and all other commands available.

The thing is that I want to make smartphone app which will use the API of my Symfony app. In the app, the user will have to sign in, or to sign up. Is it possible to use FOSUserBundle methods for API too?

I studied another bundle for making an API, it's FOSRestBundle. If there are not solution, do you think that I will have to create my own users method like :

    /api/login
    /api/register

Then, inside this method, I redirect to FOSUserBundle methods? I'm just wondering what is the best, and the cleanest way to login, and register with FOSUserBundle from smartphone, so by using API

Ondrej Slinták
  • 31,386
  • 20
  • 94
  • 126
manonthemoon
  • 2,611
  • 8
  • 26
  • 40
  • You might take a look to Silex, there is a quick documentation that explains how to build a simple RESTFul service: http://silex.sensiolabs.org/doc/cookbook/json_request_body.html Also, check out this repo: https://github.com/emedlr/restful-app – Manu Oct 24 '13 at 22:34
  • 1
    FosRestBundle is the tool/bundle to fix your problem – Wouter J Oct 24 '13 at 22:50
  • @WouterJ, FosRestBundle... So you mean that I should do the solution I put on my description ? "If there are not solution, do you think that I will have to create my own users method like .... Then, inside this method, I redirect to FOSUserBundle methods ? " Thanks for your help – manonthemoon Oct 25 '13 at 18:34

3 Answers3

5

I have this problem too. I found the best solution is this

use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;

class YourController extends Controller{
//Other Methods..

public function loginAction(Request $request){
    try{
        $token = $this->get('security.authentication.manager')->authenticate(new UsernamePasswordToken('username', 'password', 'firewall'));
        $this->get('security.context')->setToken($token);
    }
    catch(BadCredentialsException $e){
        return new Response("Bad credentials", 403);
    }
    return new Response("success");
}
}
programmer
  • 324
  • 8
  • 22
thewbb
  • 236
  • 4
  • 8
  • 1
    When given bad credentials, $this->get('security.authentication.manager')->authenticate returns a redirect response to login page in Symfony 2.7 – programmer Mar 21 '16 at 17:29
  • Perfect solution for me, I implemented API login system under FOSUserBundle with this approach. But you forgot to add this: `$event = new InteractiveLoginEvent($request, $token); $this->get("event_dispatcher")->dispatch("security.interactive_login", $event);` Refer [here](http://stackoverflow.com/a/9550356/4102223) for more info – Arkemlar Apr 08 '16 at 16:19
2

I used the FOSRestBundle.

This bundle is very powerful and simple to implement. The documentation is pretty complete.

The github link of FOSRestBundle here

Hope that it helps

manonthemoon
  • 2,611
  • 8
  • 26
  • 40
1

You need to check WSSE and how to integrate it to symfony. Also check this post. And there is a bundle that implementing WSSE authentication. WSSE one of the best solutions for your app.

hd.deman
  • 1,268
  • 12
  • 17