Symfony Login Application In Depth

In this "2nd" tutorial, learn all about Symfonys Security component. Along the way, practice more "employable" skills.
3.8 (6 ratings) Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
67 students enrolled
$19
$20
5% off
Take This Course
  • Lectures 23
  • Length 4 hours
  • Skill Level Intermediate Level
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 9/2015 English

Course Description

Learn the tools, concepts and inbuilt functions you need to get a Symfony Security System up and running in your projects. Become more employable in the process.

With the skills taught in this course you can easily understand the inner workings of any other third party bundle you may choose to use in the future. Or you can write your own!

  • More practice with console code generators
  • Deeper understanding of working with twig templates
  • Thorough explanation of the Security Encoding Component in both Fixtures and Controllers
  • Thorough explanation and coding of Application Login Functionality
  • Thorough explanation of Authorization and Access Control for your pages
  • More practice in writing a controller by hand

A powerful and valuable skill at your fingertips.

For PHP Developers there is no better choice in choosing a framework to bring your skill set to the next level. Symfony is one of the two main frameworks of choice in the PHP development world today and is the basis of the second. With powerful third party bundles, excellent documentation and a large giving community, Symfony is the most useful tool to add to your PHP collection.

Content and Overview

Suitable for intermediate and advanced PHP developers, this lecture series takes a beginning look at the powerful and elegant security system in Symfony. If you can write a class but are not yet comfortable with the MVC paradigm then you've come to the right place. We won't get bogged down in too much theory. Instead we will learn by doing.

In this 3 plus hour course we show targeted errors along the way so that you know how to handle them. We dig into the fundamentals of Authentication and Authorization in depth and practice many common skills along the way.

The course is designed to be your "second" tutorial. So many courses start at the very beginning and don't delve to deeply in any given subject. The question is asked where do I go next? The answer is here. Security is considered by most to be the most difficult of the Symfony Components. Here we will dispel that myth!

The course files are designed so that you can look at every coding change to any file along the way. They are devided into each video section and only include the changed files so that you can easily navigate to any code you need to look at quickly.



What are the requirements?

  • Students should have a running Symfony2 deployment on their machine
  • They should know the basic commands for Terminal or Console access on their prospective environments
  • They should have taken one Symfony Tutorial in the past, though this is not strictly necessary for advanced users

What am I going to get from this course?

  • Write a Security centered Application in the Symfony2 Framework
  • Practice "employable" skills such as writing controllers by hand
  • Implement a Service in Symfony2
  • Implement a Fixture in Symfony2
  • Write Flash Messages with ease.
  • Write Data Fixtures at will

What is the target audience?

  • Any PHP developer wishing to expand into the wonderful world of Framework Experience
  • OOP Experience is a must, though it is not required that it be in depth
  • Any PHP developer wishing to take their OOP knowledge to the next level and learn a robust MVC system through structured practice

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

Section 1: Start Here
00:38

Very short overview of the required skills necessary to take this coarse.


  • PHP Developer
  • A basic understanding of Object Oriented Programming. More on OOP requirements in next video!
  • A basic familiarity with the Model/View/Controller Paradigm
  • This is probably at least your "Second" Symfony Tutorial


01:30

This lecture delves into a little greater detail about the application we are building and the actual knowledge level required to get it done.

Section 2: Symfony Login Application Setup
04:37

In our first instructional lecture we cover the following concepts:

  1. Get into sudo mode so that we can be sure that you don't have problems with permissions. Keep in mind that I prefer you not do this, but I can't be certain of your environments permissions.
  2. We will download a new Symfony project.
  3. We will navigate to the newly created project and have a look at what we've created.
  4. Now we will clear out all the extraneous template html and show ourselves that we are in control with our own content.

I have included a zipped folder that contains all the files that were adjusted after the initial download of our project.

10:00

In this lecture we will adjust our templates to make them a little more appealing.

This is a good way to get practice time in working with Symfony's Twig Templating System.

  1. Navigate to the Twitter Bootstrap website and pick out a template for our use.
  2. We will then adjust our base twig file to reflect the new Bootstrap look and feel.
  3. We will write a small style sheet for any adjustments that we need to make.
  4. We will then adjust our crud templates with some Bootstrap jumbotron classes
  5. Finally we take a look at our creations.

It is entirely possible to skip this video if you do in fact know what you are doing. However if you are new to Symfony I recommend going through the lecture anyway just to get more practice. Understanding Twig templates is an integral part of becoming an effective and employed Symfony Developer.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

09:54

Doctine is Symfonys preferred method of Object Relational Mapping. Look at a Symfony Entity as a map for the data driven part of your application. Now instead of focusing your applications around the database and it's structure you are instead focusing your application around the map, or in this case the Entity we are creating in this lecture. From this entity you will create everything. You will map it to the database. You will use the entity for generating CRUD. Lastly, you will use the entity for validation. All of these concepts are covered in lectures later in this coarse, but it all starts here with the initial Entity Creation.

In this video we will:

  1. Create and initialize the database for our application
  2. Create the entity using console commands
  3. Create our database table based on the Entity
  4. Generate CRUD for our users based on the Entity
  5. And finally we will do some functional testing to show that it all works by creating some users.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

14:35

In this lecture we begin to focus on getting more out of our twig templates.

  • We will write some css classes into our templates that make bootstrap come alive in our displayed CRUD
  • In the twig templates themselves we will make adjustments concerning what data is actually displayed
  • We will examine the all import form method in the twig template and make it work better for us!
06:23

Form Types are Symfony's way of telling the template how to display a form.

The file is simple and it is atomized away from other types of logic in our application. That means that with only one form type we can have several forms that use the same entity. It makes our code easier to understand and it ensures that any of our logic is only done once! At the end of this series we will end up with 5 different pages that make forms based on this form type in conjunction with the the User Entity that we created in the last lecture.

In this video we will learn how to:

  1. Specify field types for our forms.
  2. Take control of the labels in our forms
  3. Add css classes to our inputs
  4. Add attributes to our input tags such as "placeholder"

I have included a zipped folder that contains all the files that were adjusted during this lecture.

14:05

I have named this lecture Form and Object Validation. The more appropriate name would just simply be Object Validation. Remember that the Entity is our map in the Object Relational Mapping paradigm. So if we validate our object, or in this case the entity, every single form we have based on that entity will automatically be validated. This saves us a tremendous amount of development time. As you know time is money, so understanding this concept helps to get you more employable.

In this lecture we will cover the following concepts:

  1. Turning off HTML5 form validation so we can test the server side validation.
  2. Pulling in USE statements so that we may extend our entities capabilities with other parts of the framework.
  3. Validating against empty fields and displaying appropriate error messages.
  4. Validating against regular expression patterns and displaying appropriate messages.
  5. Validating against uniqueness of data such as Emails and Usernames.
  6. Learn to remove a specific field from a rendering of one form but not another.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

13:05

When we want to change how our templates look we have to make adjustments to the way that Symfony Core renders them. Instead of refactoring code in the Core itself, Symfony gives a way to "override" the parts that we don't like. This concept is known as Form Themeing.

In this lecture we learn how to:

  1. Find the base template that Symfony uses to create forms.
  2. Make our errors look pretty in the overwrite file.
  3. Include the overwrite file in other templates.
  4. Make sure and pay attention to our form object names and where they go and what they mean.
  5. Make further adjustments to our forms and end up with the final look and feel with our generated CRUD.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

09:29

Fixtures are a great tool that any good developer should use to help test her projects. Simply put a fixture is a mechanism for purging and reloading dumb data into your database. Lucky for us, Symfony makes it easy to load data with fixtures. Since we will be doing a lot of different scenarios with our users that require testing it is a good idea to have a fresh set of data and our fingertips to load into our application.

In this video we will do the following:

  1. Use Composer to download the required dependencies.
  2. Update AppKernal.php to effectively turn on our new depencies.
  3. We will the write the simple fixture files.
  4. Finally we will use our newly created fixture to load dumb data into our database.
  5. We are leaving some very specific errors so that we can see what they look like.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

Section 3: Working with passwords in Symfony
11:22

Encrypting passwords is at the heart of any security system.

In this lecture we will start by encoding passwords in the fixture that we built in the last lecture. We have 4 things to do:

  • Make our new fixture "container aware"
  • Adjust the security.yml file with an appropriate encoder: bcrypt
  • Write a method that uses the encoder to hash a password
  • And finally, encode passwords in the fixture.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

15:29

In this lecture we concentrate on encoding passwords that come from the CRUD pages we built in the last section.

Encoding passwords in our controllers will require us to Implement the Symfony provided UserInterface for the first time. We have 4 things to do:

  • Implement the UserInterface
  • Create a service for encoding the passwords
  • Implement the new service in our security.yml file
  • Now in our controllers, we use the service container to envoke our new encoding method!

I have included a zipped folder that contains all the files that were adjusted during this lecture.

18:14

I've taken great care to include practice sessions centered around common usable skills while working as a Symfony Developer. This video is a back to the basics look at building a controller by hand and interacting that controller with its corresponding twig template. We will write a simple form controller line by line explaining every aspect of the process as we go along.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

11:28

This lecture is the direct continuation of the 3.3 Custom Password Form By Hand.


Just like the last video we are focusing on common usable skills in Symfony, explaining everything we are doing line by line with documentation along the way. We have three things to do:

  • Write a password form generation method
  • Write a form submission controller
  • Write a redirect on success return statement.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

Section 4: Authentication - All about loging in the user!
15:24

Symfony Security is all about both Authentication and Authorization. The traditional log in form represents the Authentication part of the equation. To get this part of our application up and running we will complete 5 tasks.

  • Go through the security file line by line once again
  • Understand Role Hierarchy and how it is implemented
  • Learn how the Security System "takes over" the login in process
  • Go through the SecurityController line by line
  • Adjust our Twig Template for the new login form

I have included a zipped folder that contains all the files that were adjusted during this lecture.

12:12

So far our login form has only the most basic functionality. In this lecture we extend that functionality to gain more flexibility in our application.

  • Make our errors look pretty
  • Adjust our base template for proper links based on Authentication status
  • Change the form to log in with email address instead
  • Learn about twig functions to act upon assigned roles
  • Log in with either username or email

I have included a zipped folder that contains all the files that were adjusted during this lecture.

06:46

So far the login form does not actually load ROLES for our logged in users from the database. Before we cover that step we must first get the roles into the database.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

13:53

Now that we have roles in the database, we need to work on getting them out upon each login. While we are taking care of this task we will also give the SUPER ADMINS the ability to make turn regular users into admins.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

Section 5: Authorization - Restricting Pages Based on Roles
05:48

We have Roles in the database figured out. We are using those roles to direct our templates what to do. Now it is time to move on to the next part of Authentication and Authorization. The Authorization of users on pages is handled in the security file through the Access Control mechanism. We will go through this line by line and show how it works on all of our pages. We will also discuss exactly how the access_denied_url parameter works.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

09:47

We now have written viable access control parameters for our application to test against. In this video we will write a few simple pages to show exactly how that works. We will also add CSRF protection to our login form.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

15:03

Now that we have our ROLES under controller its time to make adjustments to our templates based on both the role of the logged in user and the role of the user be viewed. We have 3 things to do:

  • Adjust controllers so Super Admins can't edit other Super Admins
  • Learn about and then use the handy Flash Message system provided by Symfony to notify the users what happened on redirects.
  • Adjust the appropriate templates so Super Admins don't see links for editing other Super Admins

I have included a zipped folder that contains all the files that were adjusted during this lecture.

Section 6: Registration By Hand and Closing Thoughts
18:04

In our last lecture in building our app we will create a Registration by hand. It is one thing to have the code generator make your controllers for you. It is an entirely different matter to write one without help. It requires a deeper understanding of what's going on in the code. This video is for practice purposes only. We have a few things to do:

  • Understand the bare minimum of Use Statements to accomplish our task
  • Write and explain the registerAction line by line
  • Make the register.twig.html file
  • Handle the form submission
  • Add Use Statements to reduce the amount of code we have to write and better reflect what the code generator would write for us anyway.

I have included a zipped folder that contains all the files that were adjusted during this lecture.

01:29

Congratulations! We have completed our Symfony Login Application. In this short video I talk a little about your options as far as where to go next.

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Rick Mason, PHP Software Developement

I have been a PHP developer for the last 8 years and a teacher for the last 15 years. I'm excited to be working with Udemy so that I might combine my two areas of expertise. I am choosing to specialize in the Symfony Framework. I don't believe the myth that Symfony is hard. Only its documentation! Come take a course and see for yourself.

Ready to start learning?
Take This Course