code202/security-bundle
=======================

Provides user management for Symfony projects.

Latest version: 1.3.15 (2y ago). License: MIT. Requires PHP >8.1.0.

[Source](https://github.com/code-202/security-bundle) | [Packagist](https://packagist.org/packages/code202/security-bundle)

Configuration
-------------

### Security

Minimum configuration in the `config/security.yaml` file for your secured firewall:

```
main:
    pattern:   ^/api/login

    code202-login:
        check_path: /api/login

```

You can also disable or configure an authentication method like this:

```
main:
    pattern:   ^/api/login

    code202-login:
        check_path: /api/login
        success_handler: lexik_jwt_authentication.handler.authentication_success
        failure_handler: lexik_jwt_authentication.handler.authentication_failure
        username_password_json:
            check_path: /username
            username_parameter: username
            password_parameter: pass
            remember_me_parameter: remember
        username_password_form:
            check_path: /username
        token_by_email_json:
            check_path: /email
        token_by_email_form: false

```

### User provider

To fully use the bundle, don't forget to use our dedicated user provider:

```
security:
    providers:
        code202_user:
            id: Code202\Security\User\Provider

    firewalls:
        main:
            provider: code202_user

```

### Routing

Add the following route to your `routes.yaml`:

```
security:
    resource: '@Code202SecurityBundle/Resources/config/routing.yml'
    name_prefix: api.security
    prefix: api/security

```

The prefix has to correspond to your firewall pattern!

### Uuid

You have to choose how to generate and validate UUID.

```
# config/code202_security.yaml
code202_security:
    uuid:
        generator: 'your service name here'
        validator: 'your service name here'

```

Your services have to implement `Code202\Security\Uuid\UuidGeneratorInterface` and `Code202\Security\Uuid\UuidValidatorInterface` respectively.

You can also use the values `ramsey/uuid` or `symfony/polyfill-uuid` (default) if you use the corresponding packages.

### Session TTL

You can provide different Time To Live values for the different authentication methods. The default value is 3600 seconds.

```
# config/code202_security.yaml
code202_security:
    sessionTTL:
        username_password: 7200
        token_by_email: 1800

```

### Token By Email

You can configure the `token_by_email` authentication behavior:

```
# config/code202_security.yaml
code202_security:
    token_by_email:
        refresher:
            token_generator: 'your_generator_service_name'
                # The service has to implement Code202Security\Service\Common\TokenGeneratorInterface
                # Default value: 'number_base' to use our generator
            minimal_refresh_interval: 'time_interval' # Default '1 minute'
            lifetime_interval: 'time_interval' # Default '5minutes'

```

### Token Generator

If you choose to use the default token generator, you can configure it with:

```
# config/code202_security.yaml
code202_security:
    token_generator:
        number_base:
            size: 6 # The size of the generated token

```

### Roles Strategies

The role strategies define which roles can be granted and revoked, and under which conditions. For example:

```
# config/code202_security.yaml
code202_security:
    role_strategies:
        -   roles:
                - 'ROLE_1'
                - 'ROLE_5'
            to_grant: 'is_granted("ROLE_SUPER_ADMIN")'
        -   roles:
                - 'ROLE_1'
            to_grant: 'is_granted("ROLE_ADMIN")'
            to_revoke: 'is_granted("ROLE_SUPER_ADMIN")'
        -   roles:
                - 'ROLE_2'
            to_grant: 'is_granted("ROLE_1")'

```

By default, if the `to_revoke` option is not defined, the `to_grant` option is applied as the revoke condition.
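The sample configuration above, evaluated as a small model that includes the `to_revoke` fallback (an added example, not the bundle's own code). The `conditionHolds` evaluator, the rule that any matching strategy is sufficient, and the denial of roles listed in no strategy are assumptions; only the literal `is_granted("ROLE_X")` form is handled.

```php
<?php
// Added illustration, not the bundle's code. Constructed copy of the
// role_strategies sample above, as the PHP array the YAML would parse to.
const ROLE_STRATEGIES = [
    ['roles' => ['ROLE_1', 'ROLE_5'], 'to_grant' => 'is_granted("ROLE_SUPER_ADMIN")'],
    ['roles' => ['ROLE_1'], 'to_grant' => 'is_granted("ROLE_ADMIN")',
                            'to_revoke' => 'is_granted("ROLE_SUPER_ADMIN")'],
    ['roles' => ['ROLE_2'], 'to_grant' => 'is_granted("ROLE_1")'],
];

// Hypothetical evaluator: understands only the is_granted("ROLE_X") form used
// in the sample and checks the actor's direct roles (no role hierarchy).
function conditionHolds(string $expr, array $actorRoles): bool
{
    if (!preg_match('/^is_granted\("([A-Z0-9_]+)"\)$/', $expr, $m)) {
        throw new InvalidArgumentException("Unsupported expression: $expr");
    }
    return in_array($m[1], $actorRoles, true);
}

// Assumption: a change is allowed when any strategy listing the role passes;
// a role listed in no strategy is denied.
function canChange(string $action, string $role, array $actorRoles): bool
{
    foreach (ROLE_STRATEGIES as $s) {
        if (!in_array($role, $s['roles'], true)) {
            continue;
        }
        // Documented fallback: without to_revoke, to_grant also governs revocation.
        $expr = $action === 'revoke' ? ($s['to_revoke'] ?? $s['to_grant']) : $s['to_grant'];
        if (conditionHolds($expr, $actorRoles)) {
            return true;
        }
    }
    return false;
}

// Print the grant/revoke matrix for three constructed actors.
foreach ([['ROLE_ADMIN'], ['ROLE_SUPER_ADMIN'], ['ROLE_1']] as $actor) {
    foreach (['ROLE_1', 'ROLE_2', 'ROLE_5', 'ROLE_9'] as $role) {
        printf("%-16s %-6s grant=%-3s revoke=%s\n", $actor[0], $role,
            canChange('grant', $role, $actor) ? 'yes' : 'no',
            canChange('revoke', $role, $actor) ? 'yes' : 'no');
    }
}
```

Under these assumptions an actor holding only `ROLE_ADMIN` can grant `ROLE_1` but cannot revoke it, which is the kind of asymmetry worth reviewing when a role appears in more than one strategy.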

Bridges
-------

### Nelmio/ApiDocBundle

This bundle already uses OpenApi attributes. The best way to use it is to import our configuration in your `nelmio_api_doc.yaml` file:

```
imports:
    - { resource: '@Code202SecurityBundle/Resources/config/nelmio_api_doc.yaml' }

nelmio_api_doc:
    documentation:
        info:
            title: My Project
            description: Test application
            version: 1.0.0

    areas: # to filter documented areas
        path_patterns:
            - ^/api(?!/(doc|security)) # Accepts routes under /api except /api/doc and /api/security

```

If you change the key, password or remember_me parameters on the authenticators, you can override this configuration like this:

```
nelmio_api_doc:
    documentation:
        info:
            title: My Project
            description: Test application
            version: 1.0.0

        components:
            schemas:
                LoginUsernameRequest:
                    properties:
                        login:
                            type: string
                        pass:
                            type: string
                        rememberMe:
                            type: boolean

    areas: # to filter documented areas
        path_patterns:
            - ^/api(?!/(doc|security)) # Accepts routes under /api except /api/doc and /api/security

```

You can add this route to your configuration to show the login routes in your API documentation:

```
security-login:
    resource: '@Code202SecurityBundle/Resources/config/routing-login.yml'
    name_prefix: api.security

```

Dev notes
---------

### Use docker container

Export the `.home-developer` path to `$DEV`:

```
    export DEV=~/srv

```

Launch the container:

```
    make console

```

#### To clean code

```
    tools/php-cs-fixer/vendor/bin/php-cs-fixer fix src

```

You can use the `--dry-run` option to preview the changes without modifying any files.

### Community

Maintainer: [jngermon](https://github.com/jngermon)

