sf4/api-security

Simple security package for Symfony 4

v1.0.7 2019-04-08 18:57 UTC

This package is not auto-updated.

Last update: 2024-10-01 21:20:44 UTC


README


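Structure

If any of the following apply to your project, the directory structure should follow industry best practices and be named as follows.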

bin/        
config/
src/
tests/
vendor/

Install

Via Composer

$ composer require sf4/api-security

Usage

config/bundles.php

<?php

return [
    # ...
    Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true]
];

config/services.yaml

services:
    # ...
    
    Sf4\ApiSecurity\Command\UserRightCreator:
        class: Sf4\ApiSecurity\Command\UserRightCreator
        tags:
            - { name: 'console.command', command: 'api-security:create-user-rights' }
        arguments:
            $requestHandler: '@Sf4\Api\RequestHandler\RequestHandlerInterface'
    
    Sf4\Api\Repository\RepositoryFactory:
        class: Sf4\Api\Repository\RepositoryFactory
        arguments:
            $entityManager: '@Doctrine\ORM\EntityManagerInterface'
            $entities:
#                user: Sf4\ApiUser\Entity\User
#                user_detail: Sf4\ApiUser\Entity\UserDetail
                user: Sf4\ApiSecurity\Entity\User
                user_detail: Sf4\ApiSecurity\Entity\UserDetail
                user_role: Sf4\ApiSecurity\Entity\UserRole
                user_right: Sf4\ApiSecurity\Entity\UserRight
                user_role_right: Sf4\ApiSecurity\Entity\UserRoleRight
    # ...
    Sf4\ApiSecurity\EventSubscriber\RequestSubscriber: ~
    Sf4\ApiSecurity\Security\Authenticator\TokenAuthenticator:
            class: Sf4\ApiSecurity\Security\Authenticator\TokenAuthenticator
            arguments:
                -   '@Doctrine\ORM\EntityManagerInterface'

config/packages/doctrine.yaml

doctrine:
    # ...
    orm:
        # ...
        mappings:
            # ...
#            Sf4\ApiUser:
#                is_bundle: false
#                type: annotation
#                dir: '%kernel.project_dir%/vendor/sf4/api-user/src/Entity'
#                prefix: 'Sf4\ApiUser\Entity'
#                alias: Sf4\ApiUser
            Sf4\ApiSecurity:
                is_bundle: false
                type: annotation
                dir: '%kernel.project_dir%/vendor/sf4/api-security/src/Entity'
                prefix: 'Sf4\ApiSecurity\Entity'
                alias: Sf4\ApiSecurity

config/packages/security.yaml

security:
    encoders:
        Sf4\ApiSecurity\Entity\User:
            algorithm: argon2i
    providers:
        app_user_provider:
            entity:
                class: Sf4\ApiSecurity\Entity\User
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: true
            stateless:  true
            logout: ~
            guard:
                authenticators:
                    - Sf4\ApiSecurity\Security\Authenticator\TokenAuthenticator
    access_control:
        - { path: ^/security, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/site, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }
        - { path: ^/user, roles: ROLE_USER }

config/packages/translation.yaml

framework:
    # ...
    translator:
        # ...
        paths:
            # ...
            - '%kernel.project_dir%/vendor/sf4/api-security/src/translations'

Create super admin

bin/console api-security:create-super-admin

Create user rights

bin/console api-security:create-user-rights

Testing

$ composer test

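Contributing

Please see CONTRIBUTING and CODE_OF_CONDUCT for details.

Security

If you discover any security-related issues, please email siim.liimand@gmail.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see the License File for more information.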