HttpBasicAuthenticator
in package
implements
AuthenticatorInterface, AuthenticationEntryPointInterface
Tags
Table of Contents
Interfaces
- AuthenticatorInterface
- The interface for all authenticators.
- AuthenticationEntryPointInterface
- Implement this interface for any classes that will be called to "start" the authentication process (see method for more details).
Properties
- $logger : mixed
- $realmName : string
- $userProvider : mixed
Methods
- __construct() : mixed
- authenticate() : Passport
- Create a passport for the current request.
- createToken() : TokenInterface
- Create an authenticated token for the given user.
- onAuthenticationFailure() : Response|null
- Called when authentication executed, but failed (e.g. wrong username password).
- onAuthenticationSuccess() : Response|null
- Called when authentication executed and was successful!
- start() : Response
- Returns a response that directs the user to authenticate.
- supports() : bool|null
- Does the authenticator support the given Request?
Properties
$logger
private
mixed
$logger
$realmName
private
string
$realmName
$userProvider
private
mixed
$userProvider
Methods
__construct()
public
__construct(string $realmName, UserProviderInterface $userProvider[, LoggerInterface $logger = null ]) : mixed
Parameters
- $realmName : string
- $userProvider : UserProviderInterface
- $logger : LoggerInterface = null
authenticate()
Create a passport for the current request.
public
authenticate(Request $request) : Passport
The passport contains the user, credentials and any additional information that has to be checked by the Symfony Security system. For example, a login form authenticator will probably return a passport containing the user, the presented password and the CSRF token value.
You may throw any AuthenticationException in this method in case of error (e.g. a UserNotFoundException when the user cannot be found).
Parameters
- $request : Request
Return values
PassportcreateToken()
Create an authenticated token for the given user.
public
createToken(Passport $passport, string $firewallName) : TokenInterface
If you don't care about which token class is used or don't really understand what a "token" is, you can skip this method by extending the AbstractAuthenticator class from your authenticator.
Parameters
- $passport : Passport
-
The passport returned from authenticate()
- $firewallName : string
Return values
TokenInterfaceonAuthenticationFailure()
Called when authentication executed, but failed (e.g. wrong username password).
public
onAuthenticationFailure(Request $request, AuthenticationException $exception) : Response|null
This should return the Response sent back to the user, like a RedirectResponse to the login page or a 403 response.
If you return null, the request will continue, but the user will not be authenticated. This is probably not what you want to do.
Parameters
- $request : Request
- $exception : AuthenticationException
Return values
Response|nullonAuthenticationSuccess()
Called when authentication executed and was successful!
public
onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName) : Response|null
This should return the Response sent back to the user, like a RedirectResponse to the last page they visited.
If you return null, the current request will continue, and the user will be authenticated. This makes sense, for example, with an API.
Parameters
- $request : Request
- $token : TokenInterface
- $firewallName : string
Return values
Response|nullstart()
Returns a response that directs the user to authenticate.
public
start(Request $request[, AuthenticationException $authException = null ]) : Response
This is called when an anonymous request accesses a resource that requires authentication. The job of this method is to return some response that "helps" the user start into the authentication process.
Examples:
-
For a form login, you might redirect to the login page
return new RedirectResponse('/login');
-
For an API token authentication system, you return a 401 response
return new Response('Auth header required', 401);
Parameters
- $request : Request
- $authException : AuthenticationException = null
Return values
Responsesupports()
Does the authenticator support the given Request?
public
supports(Request $request) : bool|null
If this returns true, authenticate() will be called. If false, the authenticator will be skipped.
Returning null means authenticate() can be called lazily when accessing the token storage.
Parameters
- $request : Request