Skip to main content

Configuration

For authorization Dullahan uses Symfony Security bundle with ready to use stateless handlers dependent on JWT.

In this configuration we are defining user provider (Entity\User), user authenticator (Security\ApiKeyAuthenticator) and binding them together:

config/security.yaml
security:
    providers:
        user:
            entity:
                # Dullahan user entity
                class: Dullahan\User\Domain\Entity\User
                property: email
    firewalls:
        # Example of stateless authorization using Dullahan's ApiKeyAuthenticator custom authenticator
        main:
            stateless: true
            lazy: true

            # Reference to the providers from above
            provider: user

            # The minimal amount of paths that authenticator has to cover
            # (/_/user* and /_/login*)
            pattern: ^/(_\/(user|login))
            custom_authenticators:
                - Dullahan\User\Adapter\Symfony\Presentation\Http\Security\ApiKeyAuthenticator

            # Define login path - must be covered by the firewall
            json_login:
                check_path: api_user_login

            # Name of the logout path provided by Dullahan User bundle (/_/user/logout)
            logout:
                path: api_user_logout
Full example

Check out the full example available in Dullahan Project.