FOSUserBundle Integration
API Platform Core is shipped with a bridge for FOSUserBundle.
If FOSUserBundle is enabled, this bridge uses its UserManager to create, update and delete user resources.
Note: FOSUserBundle is not well suited for APIs. We strongly encourage you to use the Doctrine user provider shipped with Symfony or to create a custom user provider instead of using this bundle.
Installing the Bundle
The installation procedure of the FOSUserBundle is described in the main Symfony docs.
You can:
- Skip step 3 (Create your User class) and use the class provided in the next paragraph to set up serialization groups the correct way
- Skip step 4 (Configure your application's security.yml) if you are planning to use a JWT-based authentication using LexikJWTAuthenticationBundle
If you are using the API Platform Standard Edition, you will need to enable the form services in the Symfony framework configuration options:
# api/config/packages/framework.yaml
framework:
    form: { enabled: true }
Enabling the Bridge
To enable the provided bridge with FOSUserBundle, you need to add the following configuration to API Platform:
# api/config/packages/api_platform.yaml
api_platform:
    enable_fos_user: true
Creating a User
Entity with Serialization Groups
Here is an example declaration of a Doctrine ORM User class.
There is also an example for Doctrine MongoDB ODM.
You need to use serialization groups to hide some properties, like plainPassword (only in read) and password. The properties that are shown are handled with normalization_context, while the properties you can modify are handled with denormalization_context.
Create your User entity with serialization groups:
<?php
// api/src/Entity/User.php

namespace App\Entity;

use ApiPlatform\Core\Annotation\ApiResource;
use Doctrine\ORM\Mapping as ORM;
use FOS\UserBundle\Model\User as BaseUser;
use FOS\UserBundle\Model\UserInterface;
use Symfony\Component\Serializer\Annotation\Groups;

/**
 * @ORM\Entity
 * @ORM\Table(name="fos_user")
 * @ApiResource(
 *     normalizationContext={"groups"={"user", "user:read"}},
 *     denormalizationContext={"groups"={"user", "user:write"}}
 * )
 */
class User extends BaseUser
{
    /**
     * @ORM\Id
     * @ORM\Column(type="integer")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    /**
     * @Groups({"user"})
     */
    protected $email;

    /**
     * @ORM\Column(type="string", length=255, nullable=true)
     * @Groups({"user"})
     */
    protected $fullname;

    /**
     * Write-only: this group is in the denormalization context only.
     *
     * @Groups({"user:write"})
     */
    protected $plainPassword;

    /**
     * @Groups({"user"})
     */
    protected $username;

    public function setFullname(?string $fullname): void
    {
        $this->fullname = $fullname;
    }

    public function getFullname(): ?string
    {
        return $this->fullname;
    }

    // True when the given user is this same entity (same class and same id).
    public function isUser(?UserInterface $user = null): bool
    {
        return $user instanceof self && $user->id === $this->id;
    }
}
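As an added illustration (not part of the API Platform documentation or code), the following stand-alone PHP script approximates how group filtering decides which properties each context exposes. SampleUser, groupsByProperty() and exposed() are hypothetical names; the docblock regex stands in for the real annotation reader, and the unannotated password and roles fields represent properties inherited from the FOSUserBundle base class.

```php
<?php
// Added example: audit which properties each serialization context exposes.
// Constructed stand-in for the User entity above; password and roles mimic inherited fields.
class SampleUser
{
    protected $id;
    /** @Groups({"user"}) */
    protected $email;
    /** @Groups({"user"}) */
    protected $fullname;
    /** @Groups({"user:write"}) */
    protected $plainPassword;
    /** @Groups({"user"}) */
    protected $username;
    protected $password;
    protected $roles;
}

/** Returns property => groups, read from @Groups docblocks (regex approximation). */
function groupsByProperty(string $class): array
{
    $map = [];
    foreach ((new ReflectionClass($class))->getProperties() as $prop) {
        $doc = $prop->getDocComment() ?: '';
        preg_match('/@Groups\(\{([^}]*)\}\)/', $doc, $m);
        preg_match_all('/"([^"]+)"/', $m[1] ?? '', $g);
        $map[$prop->getName()] = $g[1];
    }
    return $map;
}

/** Properties carrying at least one of the groups named in the context. */
function exposed(array $map, array $contextGroups): array
{
    return array_keys(array_filter($map, function (array $groups) use ($contextGroups) {
        return (bool) array_intersect($groups, $contextGroups);
    }));
}

$map = groupsByProperty(SampleUser::class);
$readable = exposed($map, ['user', 'user:read']);   // groups of normalizationContext
$writable = exposed($map, ['user', 'user:write']);  // groups of denormalizationContext

$leaks = array_intersect($readable, ['plainPassword', 'password']);
echo 'readable: ', implode(', ', $readable), PHP_EOL;
echo 'writable: ', implode(', ', $writable), PHP_EOL;
echo $leaks ? 'FAIL: secret in read context: ' . implode(', ', $leaks) : 'OK: no secrets readable', PHP_EOL;
exit($leaks ? 1 : 0);
```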