
roadiz/user-bundle
==================

Public user management bundle for Roadiz CMS

v2.7.12 (1mo ago) 3560 MIT PHP PHP >=8.3

[Source](https://github.com/roadiz/user-bundle) | [Packagist](https://packagist.org/packages/roadiz/user-bundle)

Roadiz User bundle
==================

**Public user management bundle for Roadiz v2**

[![Run test status](https://github.com/roadiz/user-bundle/actions/workflows/run-test.yml/badge.svg?branch=develop)](https://github.com/roadiz/user-bundle/actions/workflows/run-test.yml/badge.svg?branch=develop)

Installation
============

Make sure Composer is installed globally, as explained in the [installation chapter](https://getcomposer.org/doc/00-intro.md) of the Composer documentation.

Applications that use Symfony Flex
----------------------------------

Open a command console, enter your project directory and execute:

```
$ composer require roadiz/user-bundle
```

Applications that don't use Symfony Flex
----------------------------------------

### Step 1: Download the Bundle

Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle:

```
$ composer require roadiz/user-bundle
```

### Step 2: Enable the Bundle

Then, enable the bundle by adding it to the list of registered bundles in the `config/bundles.php` file of your project:

```
// config/bundles.php

return [
    // ...
    \RZ\Roadiz\UserBundle\RoadizUserBundle::class => ['all' => true],
];
```

Configuration
-------------

- Copy the *API Platform* resource configuration files to your Roadiz project's `api_resources` folder:
    - `./config/api_resources/user.yaml`
    - `./config/api_resources/me.yaml`
- Edit your `./config/packages/framework.yaml` file with:

```
framework:
    rate_limiter:
        user_signup:
            policy: 'token_bucket'
            limit: 5
            rate: { interval: '1 minutes', amount: 3 }
            cache_pool: 'cache.user_signup_limiter'
        password_request:
            policy: 'token_bucket'
            limit: 3
            rate: { interval: '1 minutes', amount: 3 }
            cache_pool: 'cache.password_request_limiter'
        password_reset:
            policy: 'token_bucket'
            limit: 3
            rate: { interval: '1 minutes', amount: 3 }
            cache_pool: 'cache.password_reset_limiter'
```

- Edit your `./config/packages/cache.yaml` file with:

```
framework:
    cache:
        pools:
            cache.user_signup_limiter: ~
            cache.password_request_limiter: ~
            cache.password_reset_limiter: ~
```

- Edit your `./config/packages/security.yaml` file with:

```
security:
    access_control:
        # Prepend user routes configuration before API Platform ones
        # Public routes must be defined before protected ones
        - { path: "^/api/users/login_link_check", methods: [ POST ], roles: PUBLIC_ACCESS }
        - { path: "^/api/users/login_link", methods: [ POST ], roles: PUBLIC_ACCESS }
        - { path: "^/api/users/signup", methods: [ POST ], roles: PUBLIC_ACCESS }
        - { path: "^/api/users/password_request", methods: [ POST ], roles: PUBLIC_ACCESS }
        - { path: "^/api/users/password_reset", methods: [ PUT ], roles: PUBLIC_ACCESS }
        # ...
        - { path: "^/api", roles: ROLE_BACKEND_USER, methods: [ POST, PUT, PATCH, DELETE ] }
        - { path: "^/api/users", methods: [ GET, PUT, PATCH, POST ], roles: ROLE_USER }
```

- Edit your `./.env` file with:

```
USER_PASSWORD_RESET_URL=https://your-public-url.test/reset
USER_VALIDATION_URL=https://your-public-url.test/validate
USER_PASSWORD_RESET_EXPIRES_IN=600
USER_VALIDATION_EXPIRES_IN=3600
```

- Update your CORS configuration with additional headers `Www-Authenticate` and `x-g-recaptcha-response`:

```
# config/packages/nelmio_cors.yaml
nelmio_cors:
    defaults:
        # ...
        allow_headers: ['Content-Type', 'Authorization', 'Www-Authenticate', 'x-g-recaptcha-response']
        expose_headers: ['Link', 'Www-Authenticate']
```
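
Symfony evaluates `access_control` entries top to bottom and enforces only the first one that matches, which is why the `security.yaml` step above lists the public routes first. The following added example (not part of the bundle or its README) replays the entries shown on this page through a simplified first-match model; the function names, the sample paths `/api/users/42` and `/api/pages`, and the misordered variant are constructed for illustration.

```python
import re

# Entries copied from the security.yaml step on this page, in the same order.
# The entries elided there as "# ..." are not modelled; only path and method are.
PAGE_RULES = [
    ("^/api/users/login_link_check", {"POST"}, "PUBLIC_ACCESS"),
    ("^/api/users/login_link", {"POST"}, "PUBLIC_ACCESS"),
    ("^/api/users/signup", {"POST"}, "PUBLIC_ACCESS"),
    ("^/api/users/password_request", {"POST"}, "PUBLIC_ACCESS"),
    ("^/api/users/password_reset", {"PUT"}, "PUBLIC_ACCESS"),
    ("^/api", {"POST", "PUT", "PATCH", "DELETE"}, "ROLE_BACKEND_USER"),
    ("^/api/users", {"GET", "PUT", "PATCH", "POST"}, "ROLE_USER"),
]


def required_role(rules, method, path):
    """Return the role of the first entry matching method and path, else None."""
    for pattern, methods, role in rules:
        if method.upper() in methods and re.search(pattern, path):
            return role
    return None  # no entry matched: access_control imposes nothing


def shadowed_public_entries(rules):
    """List public entries that an earlier, stricter entry captures first."""
    shadowed = []
    for i, (pattern, methods, role) in enumerate(rules):
        if role != "PUBLIC_ACCESS":
            continue
        probe = pattern.lstrip("^")  # assumes a "^literal-prefix" pattern
        for method in sorted(methods):
            if required_role(rules[:i + 1], method, probe) != "PUBLIC_ACCESS":
                shadowed.append((pattern, method))
    return shadowed


# Constructed misordering: the two catch-all entries moved ahead of the public ones.
MISORDERED = PAGE_RULES[5:] + PAGE_RULES[:5]

if __name__ == "__main__":
    print(required_role(PAGE_RULES, "POST", "/api/users/signup"))   # PUBLIC_ACCESS
    print(required_role(MISORDERED, "POST", "/api/users/signup"))   # ROLE_BACKEND_USER
    print(shadowed_public_entries(MISORDERED))
```

With only the entries shown, `PUT`, `PATCH` and `POST` requests to other `/api/users` paths already match the `^/api` entry, so the final `^/api/users` entry decides `GET` requests only.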

Passwordless user creation and authentication
---------------------------------------------

You can switch your public users to `PasswordlessUser` and set up a login link authentication process along with a user creation process.

First you need to configure a public login link route:

```
# config/routes.yaml
public_login_link_check:
    path: /api/users/login_link_check
    methods: [POST]
```

Then you need to configure your `security.yaml` file to use the `login_link` authentication process in your API firewall. You **must** use the `all_users` provider to be able to use the Roadiz User provider during the `login_link` authentication process.

```
# config/packages/security.yaml
# https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/8-jwt-user-provider.html#symfony-5-3-and-higher
security:
    firewalls:
        # ...
        api:
            pattern: ^/api
            stateless: true
            # We need to use all_users provider to be able to use Roadiz User provider
            # during the login_link authentication process
            provider: all_users
            jwt: ~
            login_link:
                check_route: public_login_link_check
                check_post_only: true
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
                # request properties covered by the link signature
                signature_properties: [ 'email' ]
                # lifetime in seconds
                lifetime: 600
                # number of times one link can be used before it is rejected
                max_uses: 3
```

### Public login link creation

Then you'll need a public route to request a login link. In your project, create a new `App\Controller\SecurityController` and add a new route `/api/users/login_link`:

```
