symfony / symfony-docs

The Symfony documentation
https://symfony.com/doc

New Experimental Security System DOES NOT WORK, Documentation too vague #14116

Closed pavrip closed 4 years ago

pavrip commented 4 years ago

Just started learning Symfony this week. It's taken all week. Although I like the framework, the only thing that has been disappointing is the not so well organised documentation.

Decided to try the new "experimental" security but it's causing issues.

Going as per documentation here: https://symfony.com/doc/current/security/experimental_authenticators.html#authenticators-removed-authentication-providers

First I have added the manager:

```yaml
security:
    # 5762 Adding new manager:
    enable_authenticator_manager: true
    encoders:
        App\Entity\MyFavorite:
            #-> I am hoping I can use argon2id
            algorithm: argon2id

    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\MyFavorite
                property: uniqueCode
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            lazy: true
            provider: app_user_provider

            #**** When I put the custom Authenticators it throws an exception:
            # The service "security.firewall.authenticator.main" has a dependency on a non-existent service "App\Security\ApiKeyAuthenticator".

            custom_authenticators:
                - App\Security\ApiKeyAuthenticator

            #-> anonymous: true

            pattern:
                ^\/myfavorites\/vault\/[a-zA-Z0-9\-?\??%?]{0,}

            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#firewalls-authentication

            # https://symfony.com/doc/current/security/impersonating_user.html
            # switch_user: true

            #-> Here we are passing the logout path, blanking it for now as we are doing the make auth first
            logout:
                path: welcome

            #-> Now it says that an entry point is required, the documentation is slightly confusing, but lets see how this works:,
            #-> Without entry point an exception is thrown, despite the documentation says this is only needed when multiple authentication methods are being used
            # entry_point: my_favorites

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        #-> Here I am creating access control for the first time:
        # It is this line of code that controls access
        - { path: '^\/myfavorites\/vault\/[a-zA-Z0-9\-?\??%?]{0,}', roles: ROLE_MYFAVORITE}

        -
        # - { path: ^/profile, roles: ROLE_USER }
```

I apologise for the comments, this is a dummy project so it's scattered with comments. Now first when I enable the manager, it throws an exception when the anonymous option is there, and then when I disable it Symfony says: c I thought I would try the make:auth command to build all the classes, but that does not even work and the same exception is thrown in the command line.

I want to try the new version but it's just complicated. It says this is experimental and is backwards compatible with some exceptions, WHERE ARE THOSE EXCEPTIONS DOCUMENTED?

php bin/console make:auth //throws:No authentication listener registered for firewall "main". exception
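How the path regex used for the `main` firewall `pattern` and the `access_control` rule in the configuration above behaves, as an added example that is not part of the original issue or of Symfony's code. It assumes the path is applied as a regular expression, without an implicit end anchor, to the URL-decoded request path, modelled here with Python's `re.search`; the comparison rules and sample paths are constructed.

```python
import re
from urllib.parse import unquote

# Path regex copied verbatim from the firewall `pattern` / access_control rule.
VAULT_RULE = r'^\/myfavorites\/vault\/[a-zA-Z0-9\-?\??%?]{0,}'
# Constructed for comparison: the same rule with the trailing class removed.
PREFIX_ONLY = r'^/myfavorites/vault/'
# Constructed for comparison: what the class would enforce if end-anchored.
ANCHORED = r'^/myfavorites/vault/[a-zA-Z0-9\-?%]*$'

# Constructed request paths (not taken from the issue).
SAMPLE_PATHS = [
    '/myfavorites/vault/',
    '/myfavorites/vault/abc-123',
    '/myfavorites/vault/a/b.json',
    '/myfavorites/vault/caf%C3%A9',
    '/myfavorites/vault',
    '/myfavorites/vaults/abc',
    '/MyFavorites/vault/abc',
]


def rule_matches(rule, raw_path):
    """Assumed model of the matcher: regex search on the URL-decoded path."""
    return re.search(rule, unquote(raw_path)) is not None


def covered(rule, paths=SAMPLE_PATHS):
    """Paths the rule applies to, i.e. those that would require the role."""
    return [p for p in paths if rule_matches(rule, p)]


def uncovered(rule, paths=SAMPLE_PATHS):
    """Paths that fall through this rule and need another rule to cover them."""
    return [p for p in paths if not rule_matches(rule, p)]


if __name__ == '__main__':
    rules = [('original', VAULT_RULE), ('prefix only', PREFIX_ONLY),
             ('anchored', ANCHORED)]
    for name, rule in rules:
        print(f'{name:12} covers {covered(rule)}')
    print('original rule does not cover', uncovered(VAULT_RULE))
```

Because the character class is quantified with `{0,}` and nothing anchors the end, the rule behaves as a plain prefix match on `/myfavorites/vault/`. The path `/myfavorites/vault` without the trailing slash matches neither the firewall pattern nor the access rule.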

wouterj commented 4 years ago

First, every documentation you're reading and code you're using is written in someone's free time. I see no reason to add such an aggressive tone to your issue if you're having some trouble using it. Please consider talking more respectfully and calmly the next time.

If you're new to the framework, I would strongly suggest to learn the current security system first. The new system is the old concepts + some changes, so it does require learning the current concepts first. Also, there is a lot more (and lot less vague) documentation about the current system. It also seems like some other parts aren't using default config or aren't set up correctly (e.g. missing the App\Security\ApiKeyAuthenticator).

I would recommend you to start learning the basics (see the Getting Started guides) and maybe follow some SymfonyCasts tutorials before diving deep into security. And be patient with yourself, learning Symfony can take a lot of time. I think you're maybe skipping a bit too much. E.g. "where are those exceptions documented?" is explained in the same sentence you're quoting: "The new system is backwards compatible with the current authentication system, with some exceptions that will be explained in this article:" followed by a list of all exceptions.

I'm going to close this issue as there doesn't seem to be anything actionable. Please use any of the support channels found on https://symfony.com/support (OSS channels at the left) for user support and open issues on GitHub if there are concrete things to improve/too vague.