minor #6931 [Guard] Improve clarity using the configured provider (chalasr)

xabbuh · xabbuh · commit fa8d09f68e18 · 2016-09-21T18:09:12.000+02:00
This PR was merged into the 2.8 branch. Discussion ---------- [Guard] Improve clarity using the configured provider Recently at work, a colleague trying to discover Guard said me how it was confused by the given example: > Does Guard require to configure an user provider, or can I simply inject the entity manager? Otherwise, what is the point of configuring this provider? I think I understand why this example was made as is, showing the flexibility of Guard and its ability to answer different needs in different authentication ways without going deeper into things that are already documented somewhere else. On the other hand I can understand it's confusing and IMHO remove the use of the entity manager can make it clearer and easier to understand. Note that the current example shouldn't work as is, as don't set the `property` key of an entity provider involves to create a doctrine repository implementing `UserLoaderInterface` for the corresponding `User` entity (if the provider comes to be used of course). What do you think? ping @weaverryan Commits ------- 456dc05 [Guard] Improve clarity using the configured provider
diff --git a/security/guard_authentication.rst b/security/guard_authentication.rst
@@ -91,6 +91,7 @@ Next, make sure you've configured a "user provider" for the user:
                 your_db_provider:
                     entity:
                         class: AppBundle:User
+                        property: apiKey
 
             # ...
 
@@ -159,17 +160,9 @@ This requires you to implement six methods::
     use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
     use Symfony\Component\Security\Core\Exception\AuthenticationException;
     use Symfony\Component\Security\Core\User\UserProviderInterface;
-    use Doctrine\ORM\EntityManager;
 
     class TokenAuthenticator extends AbstractGuardAuthenticator
     {
-        private $em;
-
-        public function __construct(EntityManager $em)
-        {
-            $this->em = $em;
-        }
-
         /**
          * Called on every request. Return whatever credentials you want,
          * or null to stop authentication.
@@ -193,8 +186,7 @@ This requires you to implement six methods::
 
             // if null, authentication will fail
             // if a User object, checkCredentials() is called
-            return $this->em->getRepository('AppBundle:User')
-                ->findOneBy(array('apiKey' => $apiKey));
+            return $userProvider->loadUserByUsername($apiKey);
         }
 
         public function checkCredentials($credentials, UserInterface $user)
@@ -258,15 +250,12 @@ To finish this, register the class as a service:
         services:
             app.token_authenticator:
                 class: AppBundle\Security\TokenAuthenticator
-                arguments: ['@doctrine.orm.entity_manager']
 
     .. code-block:: xml
 
         <!-- app/config/services.xml -->
         <services>
-            <service id="app.token_authenticator" class="AppBundle\Security\TokenAuthenticator">
-                <argument type="service" id="doctrine.orm.entity_manager"/>
-            </service>
+            <service id="app.token_authenticator" class="AppBundle\Security\TokenAuthenticator" />
         </services>
 
     .. code-block:: php
@@ -275,10 +264,7 @@ To finish this, register the class as a service:
         use Symfony\Component\DependencyInjection\Definition;
         use Symfony\Component\DependencyInjection\Reference;
 
-        $container->setDefinition('app.token_authenticator', new Definition(
-            'AppBundle\Security\TokenAuthenticator',
-            array(new Reference('doctrine.orm.entity_manager'))
-        ));
+        $container->setDefinition('app.token_authenticator', new Definition('AppBundle\Security\TokenAuthenticator'));
 
 Finally, configure your ``firewalls`` key in ``security.yml`` to use this authenticator:
 
