I have a website that uses Symfony2.8; I am working on a mobile app that would use the same project as the backend so I need to support token based authentication as well as regular login forms. All resources I’ve found talk about API only authentication not API(token based) and form. Anyone has any ideas how to accomplish this?
I am using FOSUserBundle if that matters.
You can do it by using custom Authenticators for each case.
Symfony 2.8 introduced Guard, which makes it’s relatively easy to create custom Authenticators.
Basically you create 2 custom Authenticators , which essentially means creating 2 Services.
FormLoginAuthenticator -> app.form_login_authenticator
ApiTokenAuthenticator -> app.api_token_authenticator
Once these services are created, you just have to register those as Authenticators
security: … main: anonymous: ~ knpu_guard: authenticators: – app.form_login_authenticator – app.api_token_authenticator entry_point: app.form_login_authenticator
Obviously it’s upto you to implement those Services, but Symfony Docs does provide a decent starting point for you to start .
Check these links for the same :How to Create a Custom Authentication System with Guard
How to Use Multiple Guard Authenticators
https://knpuniversity.com/screencast/guard ( provides fully working example + tutorial )