aldee07/api-auth-bundle

此包最新版本(1.0.11)没有可用的许可证信息。

Symfony2 Rest Helper

此包的官方仓库似乎已消失,因此该包已被冻结。

1.0.11 2015-07-03 09:30 UTC

This package is not auto-updated.

Last update: 2021-03-23 15:25:42 UTC


README

注意:此项目仍在开发中!

aldee-apiAuth-bundle

A Symfony2 Web Service Helper and Authentication Handler Bundle

一、安装

通过Composer安装此包

composer require aldee07/api-auth-bundle

注册包

// app/AppKernel.php
new JMS\SerializerBundle\JMSSerializerBundle(),   
new Aldee\ApiAuthBundle\ApiAuthBundle(),   

二、配置

为了使用方便,我定义了可配置的设置作为参数。当然,您可以覆盖此包默认定义的配置。以下是可配置参数条目的列表。

# app/config/config.yml -- but its up to you where as long as it is loaded in config and is under parameters context
parameters:
    aldeeapiauthbundle_config.user_provider: AppBundle\Security\UserProvider
    aldeeapiauthbundle_config.identifier: "apikey"
    aldeeapiauthbundle_config.asHeader: true

参数定义

  • aldeeapiauthbundle_config.user_provider - 必须。 要加载的用户提供者类。您必须自己创建此用户提供者类。此类应实现 Aldee\ApiAuthBundle\Security\ApiUserProviderInterface。

  • aldeeapiauthbundle_config.identifier - 可选。 @see Aldee\ApiAuthBundle\Security\KeyAuthenticator::__construct( )

  • aldeeapiauthbundle_config.asHeader - 可选。 @see Aldee\ApiAuthBundle\Security\KeyAuthenticator::__construct( )

  • aldeeapiauthbundle_config.allowCrossDomain - 可选。 是否允许跨域。默认为true

安全配置

security:
    providers:
        aldeeapiauthbundle_user_provider:
            id: aldeeapiauthbundle_user_provider        
        #...

    firewalls:
        api:
            pattern: ^/api
            stateless: true # must be true
            simple_preauth:
                authenticator: aldeeapiauthbundle_key_authenticator
            provider: aldeeapiauthbundle_user_provider
        #...

用户提供者配置

现在一切准备就绪,最后要做的就是创建您的自定义用户提供者类,通过创建一个用户提供者(见“参数定义”)来实现包装接口 Aldee\ApiAuthBundle\Security\ApiUserProviderInterface

namespace AppBundle\Security;

use AppBundle\Entity\MyUserEntity;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Aldee\ApiAuthBundle\Security\ApiUserProviderInterface;

class UserProvider implements ApiUserProviderInterface
{
    /**
     * @inheritdoc
     */
    public function getUsernameForApiKey($apiKey)
    {
        // your db fetching here and return username
        //...
    }
    
    /**
     * @inheritdoc
     */
    public function loadUserByUsername($username) 
    {
        $myUser = new MyUserEntity();
        
        // your db fetching here that hydrates to $myUser
        //...
        
        return $myUser;        
    }
    
    /**
     * @inheritdoc
     */
    public function refreshUser(UserInterface $user) 
    {
        throw new UnsupportedUserException();
    }
    
    /**
     * @inheritdoc
     */
    public function supportsClass($class)
    {
        return 'Symfony\Component\Security\Core\User\User' === $class;
    }
}

三、使用

class DefaultController extends Controller
{    
    /**
     * @Route("/api/example.json", name="example")
     */
    public function indexAction()
    {
        $response = $this->get('aldeeapiauthbundle_response');
        
        // The data result to be sent back to the client
        $data = [1, 2, 3, 'hello', 'world', 'foo' => ['bar', 'baz']];
        
        // Your custom api result status code
        $statusCode = 1501;
        
        // Http status code to be sent in the header
        $httpCode = 200; 
        
        // The response format to use (xml|json|yml)
        $format = 'json';
        
        // Your custom api result message
        $message = 'Success!';

        $response->prepare($data, $statusCode, $message);
        
        return $response->dispatch($httpCode, $format);
    }
}