PHPackages                             slashid/symfony - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. slashid/symfony

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

slashid/symfony
===============

SlashID integration bundle for Symfony.

1.0.0(2y ago)16JavaScriptPHP ^8.1

Since May 3Pushed 2y agoCompare

[ Source](https://github.com/slashid/symfony)[ Packagist](https://packagist.org/packages/slashid/symfony)[ RSS](/packages/slashid-symfony/feed)WikiDiscussions main Synced yesterday

READMEChangelogDependencies (15)Versions (2)Used By (0)

Symfony SlashID Integration Bundle
==================================

[](#symfony-slashid-integration-bundle)

Installation
------------

[](#installation)

1. Install the Symfony SlashID packaged with composer:

```
composer require slashid/symfony

```

2. Edit your environment file, `.env`, adding the following variables to the end of the file:
    - `SLASHID_ENVIRONMENT`, either `sandbox` or `production`
    - `SLASHID_ORGANIZATION_ID`, your organization's ID. You'll find it in your SlashID console ( for production,  for sandbox), in the "Settings" tab, on the top of the page.
    - `SLASHID_API_KEY`, your organization's API Key. You'll also find it in your SlashID console, in the "Settings" tab, at the very bottom of the page.

```
# .env

SLASHID_ENVIRONMENT=sandbox
SLASHID_ORGANIZATION_ID=412edb57-ae26-f2aa-9999-770021ed52d1
SLASHID_API_KEY=z0dlY-nluiq8mcvm8YTolSkJV6e9
```

3. Run the Symfony command to publish the bundle assets:

```
php bin/console assets:install
```

4. Edit `config/routes.yaml` and add this to the end of it:

```
# config/routes.yaml

_slashid_symfony_bundle:
    resource: '@slashid/config/routes.yaml'
```

5. Edit `config/packages/security.yaml` to add the following references to SlashID:

```
# config/packages/security.yaml

security:
    providers:
        slashid:
          id: slashid.user_provider

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            lazy: true
            provider: slashid
            custom_authenticators:
                - slashid.authenticator
            logout:
                path: /logout
```

You're ready! Now access `/login` in your website and enjoy your new login with SlashID :)

### Stateless Login

[](#stateless-login)

If your Symfony installation acts as an API backend (for a React application, for instance), you will probably want to configure stateless login. To do that, just add `stateless: true` to the firewall configuration, for instance:

```
# config/packages/security.yaml

security:
    # ................
    firewalls:
        api:
            pattern: ^/api
            provider: slashid
            custom_authenticators:
                - slashid.authenticator
            stateless: true
        main:
            lazy: true
            provider: slashid
            custom_authenticators:
                - slashid.authenticator
```

In the example above, any requests to `/api/****` will be logged in by sending the SlashID token in a `Authorization: Bearer ` header. All other routes will be logged in with a cookie.

⚠️ **Attention!** If you do not add `stateless: true`, requests with a `Authorization: Bearer ` header WILL create a cookie login.

Configuration
-------------

[](#configuration)

If you want to customize the SlashID integration by creating a `config/packages/slashid.yaml` file inside your Symfony installation, for instance:

```
# config/packages/slashid.yaml

slashid:
    login_form:
        configuration:
            analytics-enabled: false
            theme-props:
                theme: dark
            factors:
                - { "method": "webauthn" }
                - { "method": "email_link" }
                - { "method": "password" }
        css_override:
            --sid-color-primary: "#f00"
            --sid-color-primary-hover: "#900"

    route_after_login: 'dashboard'
```

These are the configuration options:

ConfigurationDefault valueDescription`slashid.login_form.analytics``true`Whether or not to to include Analytics in the login form.`slashid.login_form.configuration``[]`See [Login form configuration](#login-form-configuration)`slashid.login_form.css_override``null`See [Login form theme](#login-form-theme)`slashid.login_form.override_bundled_javascript``false`Set true to override the Bundled JavaScript form, see [Overriding the login form](#overriding-the-login-form).`slashid.login_form.override_javascript_glue``false`Set true to override the JavaScript glue code, see [Overriding the login form](#overriding-the-login-form).`slashid.route_after_login``null`The route to redirect the user after login. If not set, the user will be redirected to `/`.`slashid.migration_script_folder``%kernel.project_dir%/migrations/slashid`The folder where to create the migration script. See [User Migration](#user-migration).### Login form configuration

[](#login-form-configuration)

The login form is a bundled version of [SlashID's React SDK](https://developer.slashid.dev/docs/access/react-sdk). As such all options in the components are usable here, just note that you have to convert `camelCase` to `kebab-case` (see examples below).

For instance, to use the dark theme, do this:

```
# config/packages/slashid.yaml

slashid:
    login_form:
        configuration:
            theme-props:
                theme: dark
```

If you want to enable password login and disable email link login, do this:

```
# config/packages/slashid.yaml

slashid:
    login_form:
        configuration:
            factors:
                - { "method": "webauthn" }
                - { "method": "password" }
```

You can also override [any of the CSS variables provided by the React SDK](https://developer.slashid.dev/docs/access/react-sdk/reference/components/react-sdk-reference-form#css-custom-properties-variables). For instance, to make the login button red with a darker red hover, you can do the following:

```
# config/packages/slashid.yaml

slashid:
    login_form:
        css_override:
            --sid-color-primary: "#f00"
            --sid-color-primary-hover: "#900"
```

Groups
------

[](#groups)

### Group-based access in routes

[](#group-based-access-in-routes)

The groups in SlashID are exposed as Symfony roles. So, for instance, if you have a group named "Editor", the user will have the role `ROLE_EDITOR`.

You can protected routes by SlashID groups editing `security.yaml` like this:

```
# config/packages/security.yaml

security:
    # ..........

    access_control:
        - { path: "^/editor", roles: ROLE_EDITOR }
        - { path: ^/admin, roles: ROLE_ADMIN }
```

⚠️ **Attention!** All group names will be capitalized, so groups named "Editor", "editor" and "EDITOR" will all be transcribed as `ROLE_EDITOR`.

### Group-checking in custom code

[](#group-checking-in-custom-code)

If you want to check the groups of a user in your custom code, you can use any of the group-related methods of the `\SlashId\Symfony\SlashIdUser` class, e.g.:

```
// src/Controller/MyCustomController.php

namespace App\Controller;
