Slide 1

Slide 1 text

Introducing FOS\UserBundle
https://github.com/FriendsOfSymfony/UserBundle
Jeremy Mikola (@jmikola)

Slide 2

Slide 2 text

FOS\UserBundle

● FOS (FriendsOfSymfony) is a public namespace for community-developed bundles
● FOS\UserBundle
  ● Predates Security component, but now integrated
  ● Provides extensible user account functionality
  ● Actively maintained and used by folks from Liip, OpenSky, knplabs, Exercise.com et al.

Slide 3

Slide 3 text

Symfony2's Security Component
A quick recap of what it does, and does not, do

● Does...
  ● Load accounts from memory fixtures or databases
  ● Authentication by various methods using firewalls
  ● Role-based access control (authorization)
  ● ACLs and Access Control Entry (ACE) management
● Doesn't...
  ● Provide tools to administer or manage accounts
  ● Integrate with Doctrine beyond loading accounts
  ● Implement forms or business logic for login, registration, etc.
  ● Allow different hash strategies among accounts

Slide 4

Slide 4 text

UserInterface
And a summary of UserBundle's features

● Extends core AdvancedAccountInterface (expire, lock, disable)
● Canonical email/username fields
  ● Unique indexing (MongoDB), case-folding (URL slugs), charset normalization (localization)
● Hash algorithm configurable per account
  ● Drop-in EncoderFactory service for Security component
  ● Support migrated accounts from a legacy project without limiting new ones
● Roles assigned directly or inherited via Groups
● Confirmation token for email verification and “forgot password”
● Track last login, created, updated timestamps
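
The per-account hash algorithm described on this slide, sketched as an added stand-alone example (not FOSUserBundle or Symfony code). The class name, array keys, the salted SHA-1 legacy scheme and the bcrypt default are assumptions, and re-hashing a migrated account on its next successful login goes one step beyond what the slide states.

```php
<?php
// Added illustration with hypothetical names; not FOSUserBundle or Symfony code.
final class PerAccountEncoderFactory
{
    const DEFAULT_ALGORITHM = 'bcrypt'; // assumed default for new accounts

    public function encode($algorithm, $plain, $salt = null)
    {
        switch ($algorithm) {
            case 'bcrypt': // password_hash() generates and embeds its own salt
                return password_hash($plain, PASSWORD_BCRYPT);
            case 'sha1':   // legacy scheme, kept only so migrated accounts can still log in
                return sha1($salt . $plain);
        }
        throw new InvalidArgumentException("Unknown algorithm: $algorithm");
    }

    // The algorithm name stored on the account decides how the password is checked.
    public function verify(array $user, $plain)
    {
        if ($user['algorithm'] === 'bcrypt') {
            return password_verify($plain, $user['password']);
        }
        $expected = $this->encode($user['algorithm'], $plain, $user['salt']);
        return hash_equals($user['password'], $expected); // constant-time comparison
    }

    // Verify, then re-hash a legacy account while the plain password is available.
    public function login(array &$user, $plain)
    {
        if (!$this->verify($user, $plain)) {
            return false;
        }
        if ($user['algorithm'] !== self::DEFAULT_ALGORITHM) {
            $user['password'] = $this->encode(self::DEFAULT_ALGORITHM, $plain);
            $user['algorithm'] = self::DEFAULT_ALGORITHM;
            $user['salt'] = null;
        }
        return true;
    }
}

// Constructed sample account, as if imported from a legacy project.
$legacy = array('algorithm' => 'sha1', 'salt' => 'a1b2', 'password' => sha1('a1b2' . 'correct horse'));
$factory = new PerAccountEncoderFactory();
var_dump($factory->login($legacy, 'wrong guess'));   // attempt with a wrong password
var_dump($factory->login($legacy, 'correct horse')); // correct password, triggers the re-hash
var_dump($legacy['algorithm']);
```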

Slide 5

Slide 5 text

Controllers and Commands
Entirely optional, but probably very helpful

● Controller Actions (with routing, of course)
  ● Registration, email confirmation, reset password
  ● Login form (for core “form_login” auth listener)
  ● CRUD actions for user and group administration
    – Don't forget to secure these routes in your config!
● Console Commands
  ● Create users, change passwords
  ● Deactivate accounts, promote super admins

Slide 6

Slide 6 text

UserManager
The “fos_user.user_manager” service

● Extends core UserProviderInterface
  ● Load accounts for configured Security firewalls
● Used to create/find/update user objects
  ● Before saving, hash plain passwords (if set) and canonicalize email/username fields
● Customizable thanks to dependency injection
  ● Canonicalization services, encoder factory, default algorithm, and the user class

Slide 7

Slide 7 text

The User Class
Actually, your user class

● FOS provides a default implementation, along with base model classes for Doctrine ORM/ODM
● You can
  ● ...extend a base model class (you must map “id” and “groups”)
  ● ...implement UserInterface from scratch

    # app/config/config.yml
    fos_user:
        db_driver: orm
        provider_key: fos_userbundle
        class:
            model:
                user: Application\MainBundle\Entity\User

Slide 8

Slide 8 text

Plugging Into Security and Doctrine
And this rounds out the minimum configuration

    # app/config/config.yml
    security:
        providers:
            fos_userbundle:
                id: fos_user.user_manager
        firewalls:
            main:
                form_login:
                    provider: fos_userbundle

    doctrine:
        orm:
            mappings:
                FOSUserBundle: ~ # Only if you extended a base model
                MainBundle: ~

Slide 9

Slide 9 text

Additional Extension Points
Complete documentation is in Resources/doc/index.rst

● Canonicalization and Email interfaces
  ● CanonicalizerInterface: mb_convert_case() by default
  ● MailerInterface: Swift Mailer by default
  ● Both replaceable via the Bundle's configuration
● Templating
  ● Override templates using standard Bundle inheritance
● Validation
  ● Notoriously difficult to override; all constraints are in a specific group, which can be easily disregarded

Slide 10

Slide 10 text

Thanks!

Also check out:
https://github.com/FriendsOfSymfony/FacebookBundle
https://github.com/opensky/LdapBundle