How to do Symfony + Angular authorization?

P

Pavel Busel2016-09-23 16:44:01

symfony

Pavel Busel, 2016-09-23 16:44:01

There is a project on symfony2 where the backend and frontend are in the framework. It was decided to split into symfony(backend) + angular2(frontend). There is a lot of different material on the Internet how to do all sorts of little things in this bundle. But how to build the work process in general is not entirely clear. How to organize user authorization? At the moment, my vision is the following: we display an authorization form for the user, he enters a login pass, we pass this login pass to the symfony on a custom "authorizer" (xs how to translate correctly) symfony.com/doc/current/security/api_key_authentic... that it authorizes and generates a token that we put in a radish (common for the node and symphony) and user cookies.
Have I described everything correctly? Maybe there will be a better solution?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Andrey Kulikovsky, 2016-10-04
@by25

We use JWT for authorization.
Suitable bundle - https://github.com/lexik/LexikJWTAuthenticationBundle + third-party ones (for cors, etc.) are indicated in the dock.
For angular - there are many solutions or it is very easy to implement your own provider.
Description of jwt - jwt.io + there were several articles on Habré.