FOSUser Bundle Integration

API Platform Core is shipped with a bridge for FOSUserBundle. If the FOSUser bundle is enabled, this bridge will use its UserManager to create, update and delete user resources.

Installing the Bundle

The installation procedure of the FOSUserBundle is described in the main Symfony docs

You can: - Skip the step 3 (Create your User class) and use the class provided in the next paragraph to set up serialization groups the correct way - Skip the step 4 (Configure your application’s security.yml) if you are planning to use a JWT-based authentication using LexikJWTAuthenticationBundle

If you are using the API Platform Standard Edition, you will need to enable the form services in the symfony framework configuration options:

# app/config/config.yml
framework:
    form: { enabled: true }

Enabling the Bridge

To enable the provided bridge with FOSUserBundle, you need to add the following configuration to api-platform:

# app/config/config.yml
api_platform:
    enable_fos_user: true

Creating a User Entity with Serialization Groups

Here’s an example of declaration of a Doctrine ORM User class. You need to use serialization groups to hide some properties like plainPassword (only in read) and password. The properties shown are handled with the normalization_context, while the properties you can modify are handled with denormalization_context.

Create your User entity with serialization groups:

<?php

// src/AppBundle/Entity/User.php

namespace AppBundle\Entity;

use ApiPlatform\Core\Annotation\ApiResource;
use Doctrine\ORM\Mapping as ORM;
use FOS\UserBundle\Model\User as BaseUser;
use FOS\UserBundle\Model\UserInterface;
use Symfony\Component\Serializer\Annotation\Groups;

/**
 * @ORM\Entity
 * @ApiResource(attributes={
 *     "normalization_context"={"groups"={"user", "user-read"}},
 *     "denormalization_context"={"groups"={"user", "user-write"}}
 * })
 */
class User extends BaseUser
{
    /**
     * @ORM\Id
     * @ORM\Column(type="integer")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    /**
     * @Groups({"user"})
     */
    protected $email;

    /**
     * @ORM\Column(type="string", length=255, nullable=true)
     * @Groups({"user"})
     */
    protected $fullname;

    /**
     * @Groups({"user-write"})
     */
    protected $plainPassword;

    /**
     * @Groups({"user"})
     */
    protected $username;

    public function setFullname($fullname)
    {
        $this->fullname = $fullname;

        return $this;
    }
    public function getFullname()
    {
        return $this->fullname;
    }

    public function isUser(UserInterface $user = null)
    {
        return $user instanceof self && $user->id === $this->id;
    }
}

Previous chapter: Accept application/x-www-form-urlencoded Form Data

Next chapter: Adding a JWT authentication using LexikJWTAuthenticationBundle

 Edit on GitHub