Download the PHP package start-kit-symfony/start-bundle without Composer

Setup Guide and Project Overview

• Example Website Using Symfony 4
• Example Code Using Symfony 4
• Example Code Using Symfony 3

Setup Guide Symfony 4

1) Install the bundle, don't do the recipe at this time.

2) Add the api routes to the bundle in the config -> routes.yaml

3) Add NelmioApiDocBundle to bundles.php in -> config folder

4) Add a nelmio_api_doc.yaml to the config folder and paste this in there.

5) Add the service alias to services.yaml file. This is a temporary hack.

6) Add A controller class called ApiDocController and add method called apiDoc

7) Create a jwt directory in your var folder

8) Create your private key with and write down the pass phrase you used.

9) Create your public key, you will need the pass phrase here and in the composer install step

10) In your App -> Entity folder create a User class that extends the BaseUser.

11) When u create your s3 Bucket you will need to a folder for each environment you have. In that folder you will need to add another folder called profile_pics which is where the personal pictures are stored. Say you have dev and prod. You can over ride this or not use s3 if you want to.

prod -> profile_pics
dev -> profile_pics

12) Fill out all the information for setting up service parameters in your .env file.

14) Create a folder in your App called "Entity" and in that folder create an Entity Class called User.

15) Register Firewalls and Security Providers config -> packages -> security.yaml for symfony 4.

Setup Guide Symfony 3

1) Install the bundle

2) Add to Bundle class to the app kernel.

3) cd into the directory where your project is

4) Create a jwt directory in your var folder

5) Create your private key with and write down the pass phrase you used.

6) Create your public key, you will need the pass phrase here and in the composer install step

7) In your AppBundle -> Entity folder create a User class that extends the BaseUser.

8) When u create your s3 Bucket you will need to a folder for each environment you have. In that folder you will need to add another folder called profile_pics which is where the personal pictures are stored. Say you have dev and prod. You can over ride this or not use s3 if you want to.

prod -> profile_pics
dev -> profile_pics

9) Create a folder in your App called "Entity" and in that folder create an Entity Class called User.

10) Configure the Bundle, in the app -> config -> config.yml file.

11) Register Firewalls and Security Providers. This will be in the app -> config -> security.yml.

Project Overview

Services and Interfaces

Every service has an interface that is registered as a service. This bundle only uses interfaces in the constructor of the classes. This means that all you have to do to over ride a service is find the interface it is implementing and register the interface as a service in the app bundle.

Here is an example. Say you wanted to use tokens stored in the database instead of jwt / jws tokens. All you would have to do is create a service that implemented the AuthTokenServiceInterface and register it in the app bundle.

Service Registration

You can find the actual class implementation here.

Here is where services are registered for the bundle. services.yml

No JMS Serializer, Symfony Serializer, FOS Rest Bundles

Here are some reasons we decided not to use theses.

1) Using a serializer is slower then just outputting an array 2) Using arrays and putting them in JsonResponse is way easier to test and unit test. 3) FOS Rest Bundle is confusing to configure and most projects will use json and not xml so you can bias your apis based on that. 4) You can always add theses if you want, I think the authors have done an amazing job with these bundles. ;)

Stateless Authentication

I feel that php sessions are confusing and vary too much from version to version of php. It's easier to understand authentication if every request has a token / string that represents who the user is. I believe this also helps separate concerns in the sense that client is responsible for storing the auth token and server is responsible for validating it.

Ajax Login

I think it's better to do ajax login and just have the request contain a cookie that the client stores for authentication. This means that you don't have to work about getting the last username and refreshing the page. It's also makes the guard logic simpler because every login response will have an auth cookie and authenticated response.

Response Envelopes

I think that every response should be wrap around envelope that describes what it how to parse it. The response fields this project uses are meta, and data. Meta will have a type that will clients to build parsers based on those types.

Email Only Login

I feel that email are the best approach to login and not username. Mainly because they are unique for sites to be able to be merged if one site buys another.

Table of Contents

• Services
• Response / Serialization
• Forms
• Security
• User Entity & Traits

How To / Examples

• How to use Auth Tokens Stored In the database
• How to add Linked In Login (OAuth Provider)
• How to add EasyAdmin Bundle For User Management
• How to log the user in after they have registered
• How to send an email after the user registers

How to run tests

Be sure that sqlite is install our your system. That is what we use for the test database.

1) git clone https://github.com/phptuts/StarterBundleForSymfony.git

2) cd into the directory you cloned the repo in.

3) Run this in the command in the command line.