This bundle, simple yet convenient, lets you easily add to your application features such as:

• user authentication
• password resetting
• user account locking
• user account expiration
• force a user to reset his password at first connection

Notes:

• this bundle assumes you're using Doctrine to persist and retrieve your users. It provides a Doctrine UserProvider.
• if you need two factor authentication (2FA), this bundle plays nicely with TwoFactorBundle
• this bundle is inspired by FOSUserBundle

Open a command console, enter your project directory and execute:

$ composer require damienharper/user-bundle

Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle:

$ composer require damienharper/user-bundle

This command requires you to have Composer installed globally, as explained in the installation chapter of the Composer documentation.

Then, enable the bundle by adding it to the list of registered bundles in the app/AppKernel.php file of your project:

<?php
// app/AppKernel.php

// ...
class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = array(
            // ...
            new DH\UserBundle\DHUserBundle(),
        );

        // ...
    }

    // ...
}

Note: following configuration instructions target a Symfony 4 application.

Create a file named dh_user.yaml in the config/packages directory with the following content.

# config/packages/dh_user.yaml
dh_user:
    user_class: App\Entity\User         # FQDN name of your user class
    password_reset:
        email_from: [email protected]  # Sender of the password reset requests
        token_ttl: 7200                 # TTL of a password reset request

Notes:

• By default, the bundle assumes your User class name is App\Entity\User

Edit the config/routes.yaml file and add the following import rules.

# config/routes.yaml
dh_userbundle:
    resource: "@DHUserBundle/Controller/"
    type: annotation

Then, you'll have basic pages for logging in, requesting a password reset, resetting a password.

Edit the config/packages/security.yaml file and add the appropriate blocks/rules as shown below, in this minimal configuration example.

# config/packages/security.yaml
security:
    encoders:
        App\Entity\User:
            algorithm: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        user_provider:
            id: dh_userbundle.user_provider

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern:  ^/
            provider: user_provider
            user_checker: dh_userbundle.user_checker
            anonymous:    true

            form_login:
                login_path: dh_userbundle_login
                check_path: dh_userbundle_login

            logout: true


    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/password-reset, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/lost-password, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }

The User class has to be an entity (the Doctrine way) which means a simple class containing properties mapped to columns of a table in the database.

Your User class has to implement a few interfaces to make it work with the bundle:

• DH\UserBundle\Security\UserInterface which lists the methods expected to be callable by the bundle
• \Serializable regarding serialization/deserialization of User instances

In addition, a few properties are required by the bundle and as a convenience, the bundle provides you two traits you can use in your User class to minimize your work:

• DH\UserBundle\Model\ExtendedUserTrait contains all the properties and methods required by the bundle.
• DH\UserBundle\Model\UserTrait only contains the minimal, it's up to you to implement the remaining required properties and methods (you can then use the ExtendedUserTrait as an example)

Example of a User class using ExtendedUserTrait

<?php

namespace App\Entity;

use DH\UserBundle\Model\ExtendedUserTrait;
use DH\UserBundle\Security\UserInterface;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Validator\Constraints as Assert;


/**
 * @ORM\Entity(repositoryClass="App\Repository\UserRepository")
 * @ORM\Table(name="user")
 * @UniqueEntity(fields="email", message="Email already registered.")
 * @UniqueEntity(fields="username", message="Username already registered.")
 */
class User implements UserInterface, \Serializable
{
    use ExtendedUserTrait;

    /**
     * @ORM\Id
     * @ORM\GeneratedValue
     * @ORM\Column(type="integer")
     */
    private $id;

    /**
     * @ORM\Column(type="string")
     * @Assert\NotBlank()
     */
    private $fullName;

    public function getId(): int
    {
        return $this->id;
    }

    public function setFullName(string $fullName): void
    {
        $this->fullName = $fullName;
    }

    public function getFullName(): ?string
    {
        return $this->fullName;
    }
}

UserBundle is free to use and is licensed under the MIT license