minor #18928 [Security] [Authenticator] Improve the first example (alexandre-daubois)

javiereguiluz · javiereguiluz · commit f436ae522cca · 2023-09-27T17:34:10.000+02:00
This PR was merged into the 5.4 branch. Discussion ---------- [Security] [Authenticator] Improve the first example Fix #15886, part of #15908 Commits ------- bd58134 [Authenticator] Improve the first example
diff --git a/security/custom_authenticator.rst b/security/custom_authenticator.rst
@@ -49,7 +49,11 @@ method that fits most use-cases::
                 throw new CustomUserMessageAuthenticationException('No API token provided');
             }
 
-            return new SelfValidatingPassport(new UserBadge($apiToken));
+            // implement your own logic to get the user identifier from `$apiToken`
+            // e.g. by finding one user in database by its API key
+            $userIdentifier = /** ... */;
+
+            return new SelfValidatingPassport(new UserBadge($userIdentifier));
         }
 
         public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
