E1.18 Php Symfony Security: Implementation features (Wpf, Xamarin, Angular SPA, Reactjs SPA) - chempkovsky/CS2WPF-and-CS2XAMARIN GitHub Wiki

Note 1:

Implementation features are related to Security of Symfony 5.3. Please refer to Symfony Security article first and then pay special attention to the Authenticator-based Security article. Generated code inherits AbstractAuthenticator instead of AbstractGuardAuthenticator

Note 2:

Microsoft implementation of JWT authentication (i.e. token()-method) expects the body of the post method to be not "json", but just the string like below

username=myname&password=myassword&grant_type=password

Note 3.1:

The generated code for JWT authentication follows the guidelines outlined in "How to Authenticate User in Symfony 5 by Jwt" article. We do not forget about AbstractAuthenticator to be the base class.

Note 3.2:

firebase/php-jwt is used in our Lavarel(Lumen) projects as well.

Note 4:

We do not use LexikJWTAuthenticationBundle. Please read lexik/LexikJWTAuthenticationBundle does not work with symfony 5.2

Note 5.1:

Generated code requires "make:user" to be called.

php bin/console make:user

But name for "User"-class must be predefined and very specific.

Note 5.2:

Since AspNetUser-table has no roles-column. The role-field of the class will be filled with a separate request to the (AspNetUserRoles inner join AspNetRoles)-table.