jmikola/AutoLogin jmikola/AutoLogin

  • Stars
    star
    100
  • Rank 339,634 (Top 7 %)
  • Language
    PHP
  • License
    MIT License
  • Created over 12 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
jmikola/AutoLogin
github

jmikola

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Faciliates automatic login via a single token for Symfony's Security component.

AutoLogin

This library implements a Symfony security firewall listener to authenticate users based on a single query parameter. This is useful for providing one-click login functionality in email and newsletter links.

Installation

The library is published as a package and is installable via Composer:

$ composer require jmikola/auto-login

Compatibility

This library requires Symfony 4.3 or above.

Usage

This library implements authentication provider and firewall listener classes, which may be plugged into Symfony's security component to intercept requests and automatically authenticate users based on a single request parameter.

To utilize this library in a full-stack Symfony application, you may want to use JmikolaAutoLoginBundle. An example of registering an authentication provider and firewall listener manually may be found in the Security component documentation.

Token

When a user is automatically logged in by a token parameter in the request, they will be authenticated with an AutoLoginToken instance. In the context of authorization, this token satisfies IS_AUTHENTICATED_FULLY. Ideally, it would be possible to restrict the token to IS_AUTHENTICATED_REMEMBERED, but that is not yet supported. Additional information on these authorization levels may be found in Symfony's authorization documentation.

Events

The firewall listener may dispatch events if constructed with an event dispatcher instance.

Interactive Login

Upon successful authentication by a token parameter in the request, an interactive login core event will be dispatched with the authenticated AutoLoginToken instance.

Already Authenticated

This event was contributed by Antonio Trapani in PR #9.

If a token parameter is present in the request, but the user is already authenticated, a custom event will be dispatched, which includes the token's value. After dispatching this event, the listener's default behavior is to return immediately, since there is likely no work to be done.

A practical use for this event would be to mark a user's email addresses as confirmed, assuming the auto-login link with the token was only delivered via email. As a business requirement, the confirmation service might also listen to the interactive login core event and operate when the authenticated token was an AutoLoginToken instance.

Note: Unlike the interactive login event, the token parameter in this event will not have been validated. It will be the responsibility of the listener to check whether it matches the currently authenticated user. For this reason, it may be helpful to inject this library's provider class.

Overriding Already Authenticated Users

This feature was contributed by Mathieu Gauthier-Lafaye in PR #10.

By default, the listener will only dispatch an event if the user is already authenticated; it does not override the existing authenticated user. In some cases, it may be desirable to allow an auto-login link to override an existing authenticated user. Otherwise, the user would first need to log out before using the auto-login link. Setting the listener's override_already_authenticated boolean option to true will enable this behavior.

More Repositories

1

geojson

GeoJSON implementation for PHP
PHP
282
star
2

mongoqp

A frontend for MongoDB's query profiler collection.
JavaScript
170
star
3

JmikolaAutoLoginBundle

Authenticate users in your Symfony app via a single query parameter (e.g. email and newsletter links).
PHP
83
star
4

JmikolaWildcardEventDispatcherBundle

Enhances the Symfony event dispatcher with support for wildcard patterns inspired by AMQP topic exchanges.
PHP
35
star
5

WildcardEventDispatcher

Event dispatcher with support for wildcard patterns inspired by AMQP topic exchanges.
PHP
33
star
6

react-mongodb

Asynchronous MongoDB client for React PHP
PHP
25
star
7

JmikolaJsAssetsHelperBundle

Exposes the AssetsHelper service from Symfony2's templating component to JavaScript, allowing relative or absolute asset URI's to be generated client-side.
JavaScript
19
star
8

fb-events-widget

An embeddable widget for listing Facebook events.
PHP
16
star
9

slides

Slide decks and presentations
HTML
14
star
10

JmikolaInsecureRoutesBundle

Removes HTTPS scheme requirements from routes in your Symfony2 app (for dev/test environments).
PHP
13
star
11

JmikolaImagineBundle

Extra filters/loaders to complement AvalancheImagineBundle
PHP
9
star
12

SimpleCASBundle

SimpleCAS integration for authenticating users in Symfony2
PHP
8
star
13

silex-mongodb-workshop

PHP
8
star
14

hhamon-flying

Where in the world is @hhamon?
PHP
6
star
15

mongodb-fuse

A FUSE wrapper for MongoDB (not GridFS)
6
star
16

silex-mongodb-aggregation-demo

MongoDB aggregation demo using Silex
JavaScript
5
star
17

mongo-php-fluent

Fluent query API prototype for mongo-php-driver
PHP
3
star
18

Thundergrid

A PHP GridFS Framework (MongoDB)
PHP
3
star
19

li3-mongodb-aggregation-demo

MongoDB aggregation demo using Lithium
PHP
2
star
20

jmikola.github.io

Personal website
HTML
2
star
21

top-shelf-php

Top Shelf PHP Example Application
PHP
2
star
22

github-logout

Viewing this repository may log you out of GitHub.
2
star
23

wurstcon.com

HTML
2
star
24

ZipIterator

A reimplementation of Python's zip() function in PHP
PHP
2
star
25

jmikola.github.io_tmp

PHP
1
star