API Platform Crash Course Part 15: Custom Authentication with Symfony Authenticators

preview_player
Показать описание
ℹ This is a crash course on the API Platform which is intended to get you writing your own API's as quickly as possible. In part 15, we'll create a custom Symfony authenticator which will check the validity of a supplied token before allowing or denying the request to go any further.

💻Source code here:

👇Follow me on Social Media:

💕Show support:

💻If you are just consuming your own API and you want traditional session authentication then check out this Symfonycasts tutorial:
Рекомендации по теме
Комментарии
Автор

Just working on the follow up to this and realised there's a big security vulnerability. Please change your supports method to look like this instead:

public function supports(Request $request): ?bool
{
return str_starts_with($request->getPathInfo(), '/api/');
}

This will be covered in the next recording (and the reason for the change if not obvious) anyway.

GaryClarkeTech
Автор

Great video!
I get this exception when I make a request with a valid apitoken:
{"message":"Authentication request could not be processed due to a system problem."}

any suggestion?

fernastereo
Автор

seem like there is a vulerability with API Platform for 5.x symfony version (composer raises vulnerability)

urprise
Автор

Hello, how can I log in users on first registration with custom authenticator?

petarvitanov
Автор

how can i build the user/me to find who is logged in and send the id so i can use it in the front and thank uu it's supper helpfull im working on project with api-platform and there's no good ressource i hope u go further with this playlist

farjallahhaythem
Автор

Hey @Gary, is there any workaround for this
"php bin/console make:auth"


[ERROR] MakerBundle only supports the new authenticator based security system. See

thecodingchronicles
Автор

I'm using an ApiTokenAuthenticator class that extends AbstractAuthenticator, and I need to use the user ID associated with each token in each POST.

public function setAddedBy(int $added_by): self
{
$added_by= **CURRENT_USER_ID**;
$this->added_by = $added_by;
return $this;
}
}
Can you help me with this?

descabella
Автор

Hi Gary. I could use some help. Is there a way to get any support from you or the Blockdaemon team? Any way I could send you a private email?

brittneyboone
visit shbcf.ru