Coder Social home page Coder Social logo

security-api-bundle's Introduction

OsLab security API bundle

A bundle for securing ReST api calls.

Build Status Scrutinizer Code Quality Code Coverage Total Downloads Latest Stable Version License

Introduction

This bundle allows you to add an authentication mechanism with a token easily to your APIs.

Once you've configured everything, you'll be able to authenticate by adding an key parameter to the query string, like http://example.com/api/users?key=1x4c40nwh96080gk70f7k5awz9k6tczqs3jr01z94849n or add through a header your token.

Installation

Step 1: Download OsLabSecurityApiBundle using Composer

Require the bundle with composer:

$ composer require oslab/security-api-bundle:"~1.0"

Or you can add it in the composer.json. Just check Packagist for the version you want to install (in the following example, we used "1.0") and add it to your composer.json:

    {
        "require": {
            "oslab/security-api-bundle": "~1.0"
        }
    }

Step 2: Enable the bundle

Finally, enable the bundle in the kernel:

    // app/AppKernel.php
    
    public function registerBundles()
    {
        $bundles = array(
            // ...
            new OsLab\SecurityApiBundle\OsLabSecurityApiBundle(),
        );
    }

Step 3: Configure your application's security.yml

    role_hierarchy:
        ROLE_API: ROLE_API

    ...

    providers:
        chain_provider:
            chain:
                providers: [api_provider]

        ...

        api_provider:
            memory_api:
                users:
                    micro_service_asset:
                        password: '1x4c40nwh96080gk70f7k5awz9k6tczqs3jr01z94849n'
                        roles: 'ROLE_API'
                    external_api_customer:
                        password: 'j6eef2w0689a6if50c365v2zq0c855ywgyt106j2b6q5h'
                        roles: 'ROLE_API'
        ...

    firewalls:
        ...

        api_secured:
            pattern: ^/api/*
            stateless: true
            simple_preauth:
                authenticator: oslab_security_api.security.authentication.authenticator
            provider: api_provider

        main:
            anonymous: ~

        ...
        
    access_control:
        ...
        - { path: ^/api/*, roles: [ROLE_API]}
        ...

Credits

License

Security API bundle is released under the MIT License, you agree to license your code under the MIT license

security-api-bundle's People

Contributors

20uf avatar fdespier avatar scrutinizer-auto-fixer avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.