wip-feat: authenticates with LDAP

2025-05-10 08:48:12 -05:00
parent e325687af5
commit 6e55195e6f
9 changed files with 139 additions and 7 deletions
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -10,19 +10,36 @@ security:
                class: App\User\Framework\Entity\User
                property: email

+        app_ldap_provider:
+            ldap:
+                service: Symfony\Component\Ldap\Ldap
+                base_dn: '%env(LDAP_BASE_DN)%'
+                search_dn: '%env(LDAP_BIND_USER)%'
+                search_password: '%env(LDAP_BIND_PASS)%'
+                default_roles: ROLE_USER
+                uid_key: uid
+                extra_fields: ['mail', 'cn', 'givenname', 'sn', 'displayname', 'initials']
+
+
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            lazy: true
-            provider: app_user_provider
-            form_login:
+            provider: app_ldap_provider
+#            form_login:
+#                login_path: app_login
+#                check_path: app_login
+#                enable_csrf: true
+            logout:
+                path: app_logout
+            form_login_ldap:
                login_path: app_login
                check_path: app_login
                enable_csrf: true
-            logout:
-                path: app_logout
+                service: Symfony\Component\Ldap\Ldap
+                dn_string: '%env(LDAP_DN_STRING)%'
                # where to redirect after logout
                # target: app_any_route