symfony

Improve security when working with JWT and Symfony

Using JWT for authentication in a SPA with Symfony is very easy thanks to bundles like FOSUserBundle, LexikJWTAuthenticationBundle and JWTRefreshTokenBundle. Unfortunately they don't provide security against XSS attacks (which you

php

Remove JWT refresh token on logout in Symfony

Using JWT has a few advantages when working with SPAs, but also a few security disadvantages. One of them is that (depending on the implementation) with only a refresh token

symfony

Cors Listener in Symfony backend

When working with a frontend and backend on different domains I run into issues with the cors headers. Here's a way to solve them for a Symfony backend. A setup

symfony

Serialize null as undefined with Symfony serializer

There are two popular packages when for serialization when working with Symfony or with PHP in general. One serializes null as undefined and one as null. The one serializing it

symfony

Catch all routing in Symfony

When building single page applications, I still base them on top of symfony as I want to use the Symfony profiler. The whole routing should still take place in the

security

Generate a new JWT public and private key

JSON Web Tokens are becoming more and more common in single page applications and I'm also using them in multiple projects. But I also forget how to generate a new

symfony

Create new JWT when user updates email address (username)

Using JWT for a single page application in combination with Symfony in the backend is great when using the bundles lexik/jwt-authentication-bundle and gesdinet/jwt-refresh-token-bundle. lexik/jwt-authentication-bundle provides general JWT

php

Symfony http basic auth for debugging on live server

When deploying a Symfony application you usually remove the dev environment for security reasons. Which of course makes it more difficult to debug the system if there are errors occurring.

symfony

Get translatable entity from repository with specific locale

I wanted to have translatable entities in my project. So I used Gedmo translatable through the doctrine extensions bundle for Symfony. When using any kind of entity repository, a listener

symfony

Use environment variables as Symfony parameters

I had a case where I wanted to store a configuration into a vhost environment variable. But how to get this into your symfony parameters? There is a special environment

symfony

Disable elements in the Symfony developer toolbar with CompilerPass

One of the comments of the "Disable elements in the Symfony developer toolbar" post was the question to do the same thing with a compiler pass instead of overwriting the definitions with the services.yml Wouldn't it be a cleaner approach to

symfony

Disable elements in the Symfony developer toolbar

There are a lot of handy elements in the Symfony toolbar. But I think - especially with the last version - the toolbar got a little bit crowded. There are just a few elements I don't need (at least not for now). So I

symfony

How to pass SensioLabs Insight route check when using SonataAdminBundle

One of the rules SensioLabs Insight checks for is: A route should always have a valid HTTP method This will always fail when you use the SonataAdminBundle, because there is no way to set the methods in all routes generated by the admin classes.

php

Add Access-Control-Allow-Origin

Cross-site HTTP requests are HTTP requests for resources from a different domain than the domain of the resource making the request. For instance, a resource loaded from Domain A (http://www.liplex.de) such as an HTML web page, makes a request for a

mysql

Symfony console connection refused with MAMP

Recently I switched from a custom system setup on my Mac (Apache, MySQL, PHP, ...) to the MAMP Pro system. Unfortunately the Symfony console won't work with the default configuration in parameters.yml like the following: # Database parameters database_driver: pdo_mysql database_host: 127.

symfony

Symfony installer

I recently stumbled over a "new" tool in the Symfony environment called the Symfony installer. It's a simple little tool which help you to start a new project based on the Symfony full-stack framework. The installation is extremely easy. Just download the

symfony

Get data from json request with Symfony

When working with Symfony actions you can get request parameters with $request->get('parameter-name'). When working with JSON requests, you don't have this kind of convenience methods. You're going to need to convert the request into parameters first. This could be done the

symfony

Symfony route to annotation

When setting up routes with yml, xml or php you always define a name for a route. This name can be used to generate a url. With annotations this name is not required and not set in the documentation examples. The following is a

symfony

"IS NOT NULL" expression with Symfony query builder

I searched for a easy way to get values that contain a not null in the where clause. That's what I came up with: $repo = $this->getDoctrine()->getRepository('LiplexBundle:User'); $query = $repo ->createQueryBuilder('u') ->where('u.lastOnline

best-practices

Generate parameters.yml files in Symfony

The best practice in Symfony with the parameters.yml file is to create a parameters.yml.dist file and generate the parameters.yml from it. But how do you do this? With the ParameterHandler from Incenteev. To use it, just put the following into

php

Redirect user to login page on access denied in symfony

Add the following line to your security config(app/config/security.yml) security: access_denied_url: /login

php

Symfony services with autocomplete in IDE

I use PhpStorm as my IDE for PHP development. It has a nice framework integration for Symfony but lacks the autocomplete when you get services through the container: $mailChimpService = $this->get('hype_mailchimp'); To let the IDE know which kind of object a

uberspace

Getting a symfony project running on uberspace

I really like the german hoster uberspace. They have a great setup, awesome documentation (only in german) and an amazing support team. This is a small introduction how you get your symfony project running on their system. 1 ) Composer I found a great introduction

analysis

Symfony code analysis done right

Everyone working with symfony should know the company SensioLabs. It’s the geniuses behind symfony and they are innovating like crazy. There newest (and for me most amazing) product is called SensioLabsInsight. It’s the code analysis tool I never knew I wanted, but

homebrew

Setup a development environment for Symfony on a Mac with Homebrew

Althougha Mac already comes with an apache and php installed, as soon as you’re starting serious development, you’re going to miss a few things. There are many package manager out there and until now I used MacPorts. Unfortunately it has a few

A collection of 25 posts

Improve security when working with JWT and Symfony

Remove JWT refresh token on logout in Symfony

Cors Listener in Symfony backend

Serialize null as undefined with Symfony serializer

Catch all routing in Symfony

Generate a new JWT public and private key

Create new JWT when user updates email address (username)

Symfony http basic auth for debugging on live server

Get translatable entity from repository with specific locale

Use environment variables as Symfony parameters

Disable elements in the Symfony developer toolbar with CompilerPass

Disable elements in the Symfony developer toolbar

How to pass SensioLabs Insight route check when using SonataAdminBundle

Add Access-Control-Allow-Origin

Symfony console connection refused with MAMP

Symfony installer

Get data from json request with Symfony

Symfony route to annotation

"IS NOT NULL" expression with Symfony query builder

Generate parameters.yml files in Symfony

Redirect user to login page on access denied in symfony

Symfony services with autocomplete in IDE

Getting a symfony project running on uberspace

Symfony code analysis done right

Setup a development environment for Symfony on a Mac with Homebrew

Search all posts

Subscribe to Christian Kolb

Search all posts