AuthenticatorInterface
extends
AuthenticationEntryPointInterface
in
The interface for all "guard" authenticators.
The methods on this interface are called throughout the guard authentication process to give you the power to control most parts of the process from one location.
Tags
Table of Contents
- checkCredentials() : bool
- Returns true if the credentials are valid.
- createAuthenticatedToken() : GuardTokenInterface
- Create an authenticated token for the given user.
- getCredentials() : mixed
- Get the authentication credentials from the request and return them as any type (e.g. an associate array).
- getUser() : UserInterface|null
- Return a UserInterface object based on the credentials.
- onAuthenticationFailure() : Response|null
- Called when authentication executed, but failed (e.g. wrong username password).
- onAuthenticationSuccess() : Response|null
- Called when authentication executed and was successful!
- start() : Response
- Returns a response that directs the user to authenticate.
- supports() : bool
- Does the authenticator support the given Request?
- supportsRememberMe() : bool
- Does this method support remember me cookies?
Methods
checkCredentials()
Returns true if the credentials are valid.
public
checkCredentials(mixed $credentials, UserInterface $user) : bool
If false is returned, authentication will fail. You may also throw an AuthenticationException if you wish to cause authentication to fail.
The credentials are the return value from getCredentials()
Parameters
- $credentials : mixed
- $user : UserInterface
Tags
Return values
bool —createAuthenticatedToken()
Create an authenticated token for the given user.
public
createAuthenticatedToken(UserInterface $user, string $providerKey) : GuardTokenInterface
If you don't care about which token class is used or don't really understand what a "token" is, you can skip this method by extending the AbstractGuardAuthenticator class from your authenticator.
Parameters
- $user : UserInterface
- $providerKey : string
-
The provider (i.e. firewall) key
Tags
Return values
GuardTokenInterface —getCredentials()
Get the authentication credentials from the request and return them as any type (e.g. an associate array).
public
getCredentials(Request $request) : mixed
Whatever value you return here will be passed to getUser() and checkCredentials()
For example, for a form login, you might:
return [
'username' => $request->request->get('_username'),
'password' => $request->request->get('_password'),
];
Or for an API token that's on a header, you might use:
return ['api_key' => $request->headers->get('X-API-TOKEN')];
Parameters
- $request : Request
Tags
Return values
mixed —Any non-null value
getUser()
Return a UserInterface object based on the credentials.
public
getUser(mixed $credentials, UserProviderInterface $userProvider) : UserInterface|null
The credentials are the return value from getCredentials()
You may throw an AuthenticationException if you wish. If you return null, then a UsernameNotFoundException is thrown for you.
Parameters
- $credentials : mixed
- $userProvider : UserProviderInterface
Tags
Return values
UserInterface|null —onAuthenticationFailure()
Called when authentication executed, but failed (e.g. wrong username password).
public
onAuthenticationFailure(Request $request, AuthenticationException $exception) : Response|null
This should return the Response sent back to the user, like a RedirectResponse to the login page or a 401 response.
If you return null, the request will continue, but the user will not be authenticated. This is probably not what you want to do.
Parameters
- $request : Request
- $exception : AuthenticationException
Return values
Response|null —onAuthenticationSuccess()
Called when authentication executed and was successful!
public
onAuthenticationSuccess(Request $request, TokenInterface $token, string $providerKey) : Response|null
This should return the Response sent back to the user, like a RedirectResponse to the last page they visited.
If you return null, the current request will continue, and the user will be authenticated. This makes sense, for example, with an API.
Parameters
- $request : Request
- $token : TokenInterface
- $providerKey : string
-
The provider (i.e. firewall) key
Return values
Response|null —start()
Returns a response that directs the user to authenticate.
public
start(Request $request[, AuthenticationException $authException = null ]) : Response
This is called when an anonymous request accesses a resource that requires authentication. The job of this method is to return some response that "helps" the user start into the authentication process.
Examples:
-
For a form login, you might redirect to the login page
return new RedirectResponse('/login');
-
For an API token authentication system, you return a 401 response
return new Response('Auth header required', 401);
Parameters
- $request : Request
- $authException : AuthenticationException = null
Return values
Response —supports()
Does the authenticator support the given Request?
public
supports(Request $request) : bool
If this returns false, the authenticator will be skipped.
Parameters
- $request : Request
Return values
bool —supportsRememberMe()
Does this method support remember me cookies?
public
supportsRememberMe() : bool
Remember me cookie will be set if all of the following are met: A) This method returns true B) The remember_me key under your firewall is configured C) The "remember me" functionality is activated. This is usually done by having a _remember_me checkbox in your form, but can be configured by the "always_remember_me" and "remember_me_parameter" parameters under the "remember_me" firewall key D) The onAuthenticationSuccess method returns a Response object