E1.18 Php Symfony Security: Implementation features (Wpf, Xamarin, Angular SPA, Reactjs SPA) - chempkovsky/CS2WPF-and-CS2XAMARIN GitHub Wiki
Note 1:
Implementation features are related to Security of Symfony 5.3. Please refer to Symfony Security article first and then pay special attention to the Authenticator-based Security article. Generated code inherits AbstractAuthenticator instead of AbstractGuardAuthenticator
Note 2:
Microsoft implementation of JWT authentication (i.e. token()-method) expects the body of the post method to be not "json", but just the string like below
username=myname&password=myassword&grant_type=password
Note 3.1:
The generated code for JWT authentication follows the guidelines outlined in "How to Authenticate User in Symfony 5 by Jwt" article. We do not forget about AbstractAuthenticator to be the base class.
Note 3.2:
firebase/php-jwt is used in our Lavarel(Lumen) projects as well.
Note 4:
We do not use LexikJWTAuthenticationBundle. Please read lexik/LexikJWTAuthenticationBundle does not work with symfony 5.2
Note 5.1:
Generated code requires "make:user" to be called.
php bin/console make:user
But name for "User"-class must be predefined and very specific.
Note 5.2:
Since AspNetUser-table has no roles-column. The role-field of the class will be filled with a separate request to the (AspNetUserRoles inner join AspNetRoles)-table.