Symfony Security Simple API - Symfony-security Typing CST Test
Loading…
Symfony Security Simple API — Symfony-security Code
Demonstrates a simple Symfony REST API with authentication and role-based access control using security.yaml configuration.
// config/packages/security.yaml
security:
encoders:
App\Entity\User:
algorithm: auto
providers:
in_memory:
memory:
users:
admin:
password: 'password'
roles: ['ROLE_ADMIN']
firewalls:
main:
anonymous: true
http_basic: ~
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }
// src/Controller/TodoController.php
namespace App\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Routing\Annotation\Route;
class TodoController extends AbstractController {
/**
* @Route("/todos", name="todo_list")
*/
public function list(): JsonResponse {
$todos = ['Task 1', 'Task 2'];
return new JsonResponse($todos);
}
}Symfony-security Language Guide
Symfony Security is a robust component of the Symfony PHP framework that provides authentication, authorization, and secure user management features for web applications.
Primary Use Cases
- ▸User authentication and login/logout systems
- ▸Role-based access control (RBAC) for resources
- ▸API security with JWT or OAuth2
- ▸CSRF and session management
- ▸Integration with LDAP/SSO for enterprise environments
Notable Features
- ▸Authentication mechanisms (form login, HTTP basic, OAuth2, JWT, LDAP)
- ▸Authorization system via roles, voters, and access control rules
- ▸Firewalls to secure different parts of an application
- ▸Password hashing and user provider integration
- ▸CSRF protection for forms and requests
Origin & Creator
Developed by Fabien Potencier and the Symfony core team, maintained as part of Symfony framework since its early versions.
Industrial Note
Widely used in enterprise PHP applications requiring robust authentication, access control, and compliance with security standards.