FOSUserBundle Integration
API Platform Core is shipped with a bridge for FOSUserBundle.
If the FOSUser bundle is enabled, this bridge will use its UserManager to create, update and delete user resources.
Note: FOSUserBundle is not well suited for APIs. We strongly encourage you to use the Doctrine user provider shipped with Symfony or to create a custom user provider instead of using this bundle.
Installing the Bundle
The installation procedure of the FOSUserBundle is described in the main Symfony docs
You can:
- Skip the step 3 (Create your User class) and use the class provided in the next paragraph to set up serialization groups the correct way
- Skip the step 4 (Configure your application's security.yml)
if you are planning to use a JWT-based authentication using
LexikJWTAuthenticationBundle
If you are using the API Platform Standard Edition, you will need to enable the form services in the symfony framework configuration options:
# api/config/packages/api_platform.yaml
framework:
form: { enabled: true }
Enabling the Bridge
To enable the provided bridge with FOSUserBundle, you need to add the following configuration to api-platform:
# api/config/packages/api_platform.yaml
api_platform:
enable_fos_user: true
Creating a User Entity with Serialization Groups
Here's an example of declaration of a Doctrine ORM User class.
You need to use serialization groups to hide some properties like plainPassword (only in read) and password. The properties
shown are handled with the normalization_context, while the properties
you can modify are handled with denormalization_context.
Create your User entity with serialization groups:
<?php
// api/src/Entity/User.php
namespace App\Entity;
use ApiPlatform\Core\Annotation\ApiResource;
use Doctrine\ORM\Mapping as ORM;
use FOS\UserBundle\Model\User as BaseUser;
use FOS\UserBundle\Model\UserInterface;
use Symfony\Component\Serializer\Annotation\Groups;
/**
* @ORM\Entity
* @ApiResource(attributes={
* "normalization_context"={"groups"={"user", "user-read"}},
* "denormalization_context"={"groups"={"user", "user-write"}}
* })
*/
class User extends BaseUser
{
/**
* @ORM\Id
* @ORM\Column(type="integer")
* @ORM\GeneratedValue(strategy="AUTO")
*/
protected $id;
/**
* @Groups({"user"})
*/
protected $email;
/**
* @ORM\Column(type="string", length=255, nullable=true)
* @Groups({"user"})
*/
protected $fullname;
/**
* @Groups({"user-write"})
*/
protected $plainPassword;
/**
* @Groups({"user"})
*/
protected $username;
public function setFullname(?string $fullname): void
{
$this->fullname = $fullname;
}
public function getFullname(): ?string
{
return $this->fullname;
}
public function isUser(?UserInterface $user = null): bool
{
return $user instanceof self && $user->id === $this->id;
}
}
The API Component
- Introduction
- Configuration
- Overriding Default Order
- The Serialization Process
- Overall Process
- Available Serializers
- The Serialization Context, Groups and Relations
- Using Serialization Groups
- Using Different Serialization Groups per Operation
- Changing the Serialization Context Dynamically
- Changing the Serialization Context on a Per Item Basis
- Name Conversion
- Decorating a Serializer and Add Extra Data
- Entity Identifier Case
- Embedding the JSON-LD Context
- The Event System
- Using External JSON-LD Vocabularies
- Extending JSON-LD context
- Security
- Accept application/x-www-form-urlencoded Form Data
- NelmioApiDocBundle integration
- Handling Data Transfer Objects (DTOs)
The Schema Generator Component
The Admin Component
The Client Generator Component