I have a Symfony project. I used Easyadmin bundle and I used form login for security and authentication. I have some API too and I need a custom authentication for that. I'm not sure how can I change my security.yml to keep both of them.

here is my security yaml:

firewalls:
        secured_area:
            form_login:
                enable_csrf: false
                login_path: app_login
                check_path: app_login
                default_target_path: app_admin_custom_custom_index
            logout:
                path: app_logout
                target: /login

and I need to append the following custom authenticator into it

custom_authenticator: App\Security\ApiKeyAuthenticator

thanks in advance for your supports

CodePudding user response：

In recent versions of Symfony, at least, you can add your list of custom_authenticators at the same level as the form_login.

Two very useful commands to show the configuration - and all available options are:

• bin/console debug:config security # what is currently set (including defaults)
• bin/console config:dump-reference security # What could be set

https://symfony.com/doc/current/security/custom_authenticator.html has some details on writing, and configuring, custom authenticators.

CodePudding user response：

finally, I found the solution I had to define two different firewalls in my security.YAML. here is my configuration, hope It will be helpful.

firewalls:
    api:
        pattern: ^/api/
        stateless: true
        custom-authenticator: App\Security\ApiKeyAuthenticator
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    main:
        lazy: true
        form_login:
            enable_csrf: false
            login_path: app_login
            check_path: app_login
            default_target_path: app_admin_custom_custom_index
        logout:
            path: app_logout
            target: /login