Custom login_check controller
3,638 views
Skip to first unread message
Robert Rypuła
Sep 29, 2011, 3:12:26 AM9/29/11
to FriendsOfSymfony Developer
Hello,
I'm new symfony 2.0 developer and I have trouble with customization
of login_check code. I've overloaded all FOSUser controllers -
registration,
password resseting etc but I can't find way to overload login form
controller.
I know that authentication is handled by Symfony security system.
I've found method 'authenticate' in Symfony\Component\Security\Core\
\Authentication\Provider\UserAuthenticationProvider class
where all data from form are checked but it is vendor class - I don't
want to
put code there.
All this is need for one thing:
When user submit login form I must check login & password in remote
API
(its existing application on another machine). When user is in that
API and
don't exists as FOSUser I must register him manually like by the
register form.
The point is that I don't know how to create my own login form
controller and do not
destroy FOSUser provider with rest of functionality - logout etc
l read all doc about FOSUser, info on google and I can't find nothing
usefull.
FOSUser is great job and I want to use it in my project but I stucked
and dont'
know that to do. If You can help me it whould be great!
Thank in advance
Robert Rypula
I'm new symfony 2.0 developer and I have trouble with customization
of login_check code. I've overloaded all FOSUser controllers -
registration,
password resseting etc but I can't find way to overload login form
controller.
I know that authentication is handled by Symfony security system.
I've found method 'authenticate' in Symfony\Component\Security\Core\
\Authentication\Provider\UserAuthenticationProvider class
where all data from form are checked but it is vendor class - I don't
want to
put code there.
All this is need for one thing:
When user submit login form I must check login & password in remote
API
(its existing application on another machine). When user is in that
API and
don't exists as FOSUser I must register him manually like by the
register form.
The point is that I don't know how to create my own login form
controller and do not
destroy FOSUser provider with rest of functionality - logout etc
l read all doc about FOSUser, info on google and I can't find nothing
usefull.
FOSUser is great job and I want to use it in my project but I stucked
and dont'
know that to do. If You can help me it whould be great!
Thank in advance
Robert Rypula
ryan weaver
Sep 29, 2011, 12:25:41 PM9/29/11
to friendsofs...@googlegroups.com
Hi Robert!
What you need to do is somewhat advanced. It doesn't involve the overriding of the user bundle's controller, but rather the introduction of a custom authentication listener. You see, the user bundle's controller doesn't actually handle the authentication (it just renders the form). Instead, there are layers in Symfony - called authentication listeners - that watch for incoming requests, and actually handle the authentication process. Your custom authentication listener would go out to your API, verify the user, and if the user were legit, would use the FOSUserBundle's user manager to fetch the user from the database (or create a new user).
So, you'd no longer use FOSUserBundle's authentication listener, but instead, your own. Docs in custom authentication listeners can be found here: http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
Good luck!
Ryan Weaver
US Office Head & Trainer - KnpLabs - Nashville, TN
http://www.knplabs.com
http://www.thatsquality.com
Twitter: @weaverryan
Reply all
Reply to author
Forward
0 new messages