8000 feature #3565 added information on AuthenticationFailureHandlerInterf… · symfony/symfony-docs@b02c16a · GitHub
[go: up one dir, main page]
Skip to content

Commit b02c16a

Browse files
weaverryanweaverryan
committed
feature #3565 added information on AuthenticationFailureHandlerInterface (samsamm777)
This PR was submitted for the master branch but it was merged into the 2.4 branch instead (closes #3565). Discussion ---------- added information on AuthenticationFailureHandlerInterface The Api Keys documentation made no mention of the AuthenticationFailureHandlerInterface which is required to correctly display Authentication Failure responses. Without it, authentication failures will result in a 500 response. I've made mention to the interface and given an example implementation. http://symfony.com/doc/current/cookbook/security/api_key_authentication.html#cookbook-security-api-key-config ``` Doc fix? yes New docs? no Applies to: 2.4 Fixed tickets: none found ``` Commits ------- 066bccb fixed typo db8e01a recommendations by xabbuh 3366dfc fixed authentication failed header 21e3536 fixed line wrapping e4f5c6e added information on AuthenticationFailureHandlerInterface in api keys docs
2 parents d6a17e7 + e915162 commit b02c16a

File tree

2 files changed

+29
-0
lines changed

2 files changed

+29
-0
lines changed

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
.DS_Store

cookbook/security/api_key_authentication.rst

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -210,6 +210,34 @@ exception in ``refreshUser()``.
210210
If you *do* want to store authentication data in the session so that
211211
the key doesn't need to be sent on every request, see :ref:`cookbook-security-api-key-session`.
212212

213+
Handling Authentication Failure
214+
-------------------------------
215+
216+
In order for your ``ApiKeyAuthentication`` to correctly display a 403
217+
http status when either bad credentials or authentication fails you will
218+
need to implement the :class:`Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface` on your
219+
Authenticator. This will provide a method ``onAuthenticationFailure`` which
220+
you can use to create an error ``Response``.
221+
222+
// src/Acme/HelloBundle/Security/ApiKeyAuthenticator.php
223+
namespace Acme\HelloBundle\Security;
224+
225+
use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface;
226+
use Symfony\Component\Security\Core\Exception\AuthenticationException;
227+
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
228+
use Symfony\Component\HttpFoundation\Response;
229+
use Symfony\Component\HttpFoundation\Request;
230+
231+
class ApiKeyAuthenticator implements SimplePreAuthenticatorInterface, AuthenticationFailureHandlerInterface
232+
{
233+
//...
234+
235+
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
236+
{
237+
return new Response("Authentication Failed.", 403);
238+
}
239+
}
240+
213241
.. _cookbook-security-api-key-config:
214242

215243
Configuration

0 commit comments

Comments
 (0)
0