Within a Symfony2 application I'm building I've managed to get user account creation, login, updating profile working using bootstrap for the frontend and 'out of the box' Symfony2 for the rest. I need to add the ability for users to reset their passwords and/or have email sent with a generated password. I'll preface these questions with the fact I am new to developing in Symfony2. My questions are 1) Do I try and use FOSUserBundle in parallel with code I have already written or 2) Are there ways to implement this without FOSUserBundle. These are questions are really coming from a place of not knowing any better.
Thank you in advance.
I'm not a symfony guy but I only know that Symfony embraces the "don't reinvent the wheel" philosophy. Symfony itself is a collection of bundles. If this is your first time with a web framework I can tell that you've passed a lot of time and effort implementing something that other developers offered to you. Believe me if you want to build something powerful and standardized FOSuserbundle will undoubtedly satisfy your need.
Always sad to see a genuinely asked question downvoted.
#Brent was a Symfony novice myself and in many ways probably still am. I wouldn't say Symfony embraces "don't reinvent the wheel" but rather "speed up app development". I am sure you can take days searching Stackoverflow and find possible (probably a little bit outdated) solutions to your problem or do as #AzizFCB suggested and use a ready Symfony bundle, in fact, the most widely used and adopted Symfony bundle. Unless your app's core activity is solving people's login and forgot password problems. I would strongly advise to use FOSUserBundle, solve that problem in a few hours importantly including updates (especially security) that you don't need to manage (but if you can please contribute to) and focus your efforts on coding your apps core activity(s).
Related
I am a little confused as to how the identity framework works. For example in VS 2013 we can create an MVC application that the authentication is individual user accounts. Once we create it we can register with a username and password. But what if we wanted to have also a DOB in the registration or some other fields such as email or phone etc? Can we do this with the identity framework? What about the way the data base is structured, can we have a custom structure? Or if I want this should I be using forms authentication? Also what is the difference between the Identity framework and Forms authentication in terms of authentication?
Although your post has already been marked as answered, I’d like to add a little more info for future readers.
The first thing we need to understand with VS and Microsoft is that they’ve always tried to provide us with Templates to help us get started. There are many Pros and Cons to using Templates but the idea is that it gets you started quickly without having to manually include stuff yourself.
The idea of Templates is great but to the untrained eye, it provides Microsoft an opportunity to include stuff that THEY think you’ll need or better yet, what your application will need.
This opportunity includes promoting products such as Identity, Knockout.js etc...
In short, Microsoft is not wrong in doing that since the majority of the people do not second guess what is included in their project and because they…well…trust Microsoft.
A great analogy is when you purchase a new computer from a major retailer. When you arrive home and start your computer, you quickly notice that you have a bunch of pre-installed software running in the background (that you never asked for).
To the untrained eye, they will never realize that these are running in the background and their computer will work regardless. But for someone that is aware, he will most likely uninstall all of them and have a cleaner plate.
So Templates are similar to this...
As for the rest of your questioning, I’m sure by now you’ve found the answers.
Even though Microsoft sells ASP Identity as a single solution, Forms Authentication and Identity (Membership) are two distinct frameworks that work together, but serve different purposes:
Forms Authentication manages authentication session/cookies.
Membership/Identity is the store for user information (credentials, user demographics, etc.)
Look here for some additional information and links.
Actually I have five simple projects based on Symfony 2.0. Each project has user management using Doctrine ORM.
Among bundles, User class has very few differences. Bundle1 may add "business name" attribute, Bundle2 may add "inbound communications" relationship. But all share the same well known attributes like "salt", "password", "username", "roles" and so on. And of course some logic for searching users.
Question is what's a reasonable approach to unify the user management? I mean creating a reusable UserBundle. I'm looking for some advice about xml configuration, mapped super classes, services, entity and forms inheritance.
I've looked at FOSUserBundle, it looks a bit complicated for me. I can't fully understand its logic. I don't need templates and views because each of my five bundles handles that. And I prefer to code it by myself.
I've looked at FOSUserBundle, it looks a bit complicated for me. I can't fully understand its logic. I don't need templates and views because each of my five bundles handles that. And I prefer to code it by myself.
You're answering your question yourself, embedding the pros and cons.
Pros:
Reusable code makes development faster
Cons:
Reusable code is often more generic and lead to more complicated things to solve problems.
If you're working in a team which often develop projects involving an User Management, then it is totally valuable to make your own.
Most of the released bundles were initially developed for personal use.
If you know you're not gonna work with anything else than Doctrine2 you can bypass the part abstracting the thing to make it work with MongoDb for example.
If you do so, keep in mind that it will be shared amongst other developers while being used by co-workers which use the same technology as you do.
If you're alone, make it fit your needs.
I'm new too Symfony 2 and need so help. I'm following this tutorial: http://symfony.com/doc/current/cookbook/security/entity_provider.html
It helps with creating a login system and I've managed to get that working mostly. However i the tutorial it only explain verifying using and email address or username. It has no mention of checking if the password is actually ok or how tell Doctrine which encryption algorithm to use or have to involve the salt.
If there is another article I should read that someone could point me too or if someone could explain to me how to do these thing I'd much appreciate it :)
a decent implementation of the user-mgmt is the https://github.com/FriendsOfSymfony/FOSUserBundle and its documentation
Used in many projects, been learning a lot when digging inside the bundle myself
Couple of month ago I got a legacy project written on Sf2. I fixed some bugs, and added some new functionality, but still i feel that it was made a little bit clumsy. Well, maybe not just a little :) So, I have a number of questions, how things really should be done in Sf2.
The first thing which is bothering me, is that the Application is separated on Frontend and Backend bundles. The're standing on the same model, and for example entity Book can be seen from FrontendBundle and edited from BackendBundle. In some way this is producing a confusion of abstractions. So my question is - is it right, or wrong, and if wrong how it should be done in appropriate way?
Bundles are components in symfony2 that provides a functionality to your app. The frontend and backend approach has changed in symfony2, the bundles are used instead.
For example, you can create a BookBundle, and put all the functionality regarding to books in that bundle, adding, updating etc. And by configuring the routes, you can redirect all the requests about the book to that bundle.
The main point is, the frontend and the backend about the books resides in same bundle, and only in that bundle(with controllers and entities and repositories and views etc.).
This is the intended usage in symfony2.
When my user registers in Drupal and his account is created, I'd like to be able to create an account in a 3rd-party system (e.g. some moodle site).
Is that possible with an existing module? If not, what would be the preferred way to add this functionality?
You'll need to create a new custom module and implement the hook_user().
Specifically, you'll need to support the 'insert' operation, but of course you could add support for many others (such as delete or update) so you can manage users from your Drupal installation as well.
BTW: no existing module will couple exactly with your system, unless you're referring to a 3rd party application - in which case it'd help if you could tell us which one you're using :)
I second Sebs suggestion of using hook_user() for this, either after the fact on the 'insert' action, or upfront on 'validate', or on both, depending on how you need to deal with an eventual failure of Drupal itself or the 3rd-party-system.
Also, given your other question in this context, it looks like you might be interested in the following posts/discussions concerning external authentication in general:
Distributed Authentication changes (A short note/description of changes compared to Drupal-5)
Refactor distributed auth out of user.module (lengthy but informative discussion leading to the current state of things)
External Authentication in Druapl 6 (Some user experiences with the current state)
You might also want to take a look at the OpenID integration in Drupal core as a somewhat 'authoritative' source of examples.
You might also check out the Moodle module for Drupal. I used it a couple years ago and it was kind of a headache, but I'd guess that it's come a long way since then.
Interestingly, they recommend using OpenID to manage users between the sites. That may be easier than implementing your own hook_user instance if you aren't very comfortable writing Drupal modules. Just a thought.