FOSUserBundle Integration
API Platform Core is shipped with a bridge for FOSUserBundle.
If the FOSUser bundle is enabled, this bridge will use its UserManager to create, update and delete user resources.
Note: FOSUserBundle is not well suited for APIs. We strongly encourage you to use the Doctrine user provider shipped with Symfony or to create a custom user provider instead of using this bundle.
Installing the Bundle
The installation procedure of the FOSUserBundle is described in the main Symfony docs
You can:
- Skip step 3 (Create your User class) and use the class provided in the next paragraph to set up serialization groups the correct way
- Skip step 4 (Configure your application's security.yml)
if you are planning to use a JWT-based authentication using
LexikJWTAuthenticationBundle
If you are using the API Platform Standard Edition, you will need to enable the form services in the symfony framework configuration options:
# api/config/packages/framework.yaml
framework:
form: { enabled: true }Enabling the Bridge
To enable the provided bridge with FOSUserBundle, you need to add the following configuration to API Platform:
# api/config/packages/api_platform.yaml
api_platform:
enable_fos_user: trueCreating a User Entity with Serialization Groups
Here's an example of declaration of a Doctrine ORM User class.
There's also an example for a Doctrine MongoDB ODM.
You need to use serialization groups to hide some properties like plainPassword (only in read) and password. The properties
shown are handled with normalization_context, while the properties
you can modify are handled with denormalization_context.
Create your User entity with serialization groups:
<?php
// api/src/Entity/User.php
namespace App\Entity;
use ApiPlatform\Core\Annotation\ApiResource;
use Doctrine\ORM\Mapping as ORM;
use FOS\UserBundle\Model\User as BaseUser;
use FOS\UserBundle\Model\UserInterface;
use Symfony\Component\Serializer\Annotation\Groups;
/**
* @ORM\Entity
* @ORM\Table(name="fos_user")
* @ApiResource(
* normalizationContext={"groups"={"user", "user:read"}},
* denormalizationContext={"groups"={"user", "user:write"}}
* )
*/
class User extends BaseUser
{
/**
* @ORM\Id
* @ORM\Column(type="integer")
* @ORM\GeneratedValue(strategy="AUTO")
*/
protected $id;
/**
* @Groups({"user"})
*/
protected $email;
/**
* @ORM\Column(type="string", length=255, nullable=true)
* @Groups({"user"})
*/
protected $fullname;
/**
* @Groups({"user:write"})
*/
protected $plainPassword;
/**
* @Groups({"user"})
*/
protected $username;
public function setFullname(?string $fullname): void
{
$this->fullname = $fullname;
}
public function getFullname(): ?string
{
return $this->fullname;
}
public function isUser(?UserInterface $user = null): bool
{
return $user instanceof self && $user->id === $this->id;
}
}