Download the PHP package easycorp/easy-security-bundle without Composer
On this page you can find all versions of the php package easycorp/easy-security-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download easycorp/easy-security-bundle
More information about easycorp/easy-security-bundle
Files in easycorp/easy-security-bundle
Package easy-security-bundle
Short Description Useful security-related shortcuts for Symfony applications
License MIT
Homepage https://github.com/EasyCorp/easy-security-bundle
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package easy-security-bundle
THIS BUNDLE IS NO LONGER MAINTAINED. SYMFONY 3.4 ADDED A SIMILAR FEATURE SO THIS IS NO LONGER NEEDED.
EasySecurityBundle
This bundle provides useful shortcuts to hide the Symfony Security component complexity.
Installation
Step 1: Download the Bundle
This command requires you to have Composer installed globally, as explained in the Composer documentation.
Step 2: Enable the Bundle
Basic Usage
Once installed, this bundle creates a new service called security that
provides lots of shortcuts for the most common security operations. The
main advantages over the Symfony Security component/bundle are:
1) It hides internal complexity
The Security component and bundle are some of the most complex Symfony pieces. They require you to learn lots of internal details that you probably don't care about:
This bundle hides this complexity centralizing all the operations under the
security service:
2) It makes code less verbose
Sometimes, the code needed to do common tasks is ridiculously verbose. For example, to login a user programmatically, Symfony requires you to do the following:
This bundle makes login a user as simple as it can be:
3) It fixes some unintuitive behaviors
In Symfony applications, the way to check if a user is anonymous, remembered or fully authenticated doesn't work as most people expect. For example, if a user logs in with their username + password using a form login, this will happen:
Symfony grants the anonymous and remembered attributes to fully authenticated users, so it's complicated to differentiate between them. This bundle changes this unintuitive behavior and helps you know if a user is truly anonymous, remembered or authenticated. In the same example as before:
Injecting the security service
These shortcuts can be used across your application if you inject the security
service. For example, if you define your services in YAML format:
Then, update the constructor of your service to get the security service:
List of Shortcuts
Getting users
getUser(): returns the current application user.getImpersonatingUser(): when impersonating a user, it returns the original user who started the impersonation.
Checking permissions
isGranted($attributes, $object = null): checks if the attributes (usually security roles) are granted for the current application user and the optionally given object.hasRole($role, $user = null): returnstrueif the current application user (or the optionally given user) has the given role. It takes into account the full role hierarchy.
Types of users
isAnonymous($user = null): returnstrueif the current application user (or the optionally given user) is anonymous. This behaves differently than Symfony built-in methods and it returnstrueonly when the user is really anonymous.isRemembered($user = null): returnstrueif the current application user (or the optionally given user) is remembered. This behaves differently than Symfony built-in methods and it returns true only when the user is really remembered and they haven't introduced their credentials (username and password).isFullyAuthenticated($user = null): returnstrueif the current application user (or the optionally given user) is authenticated because they have introduced their credentials (username and password).isAuthenticated($user = null): returnstrueif the current application user (or the optionally given user) is authenticated in any way (because they have introduced their credentials (username and password) or they have been remembered).
Login
login(UserInterface $user, $firewallName = 'main'): it logs in the given user in themainapplication firewall (or the optionally given firewall name).getLoginError(): returns the error of the last failed login attempt, if any.getLoginUsername(): returns the username of the last failed login attempt, if any.
Passwords
encodePassword($plainPassword, $user = null): returns the given plain password encoded/hashed using the encoder of the current application user or the optionally given user.isPasswordValid($plainPassword, $user = null): returnstrueif the given plain password is valid for the current application user or the optionally given user.
All versions of easy-security-bundle with dependencies
symfony/dependency-injection Version ~2.3|~3.0
symfony/http-foundation Version ~2.3|~3.0
symfony/http-kernel Version ~2.3|~3.0
symfony/security Version ~2.6|~3.0
symfony/security-bundle Version ~2.6|~3.0