Sylius Stack
  • Sylius Stack Documentation
  • Getting started
  • Cookbook
    • How to customize your admin panel
      • Basic operations
      • Customizing your grids
      • Customizing the logo
      • Customizing the menu
      • Configuring the security access
      • Customizing the page titles
    • How to use in a DDD architecture
      • Architecture overview
      • Resource configuration
      • Basic operations
      • Operation using a grid
  • Admin UI
    • Getting started
  • Bootstrap Admin UI
    • Getting started
  • Resource
    • Resource Bundle documentation
      • Installation
      • Create new resource
      • Configure your resource
      • Configure your operations
      • Validation
      • Redirect
      • Resource factories
      • Providers
      • Processors
      • Responders
      • Legacy Resource Documentation
        • Configuration
        • Services
        • Routing
        • Forms
        • Getting a Single Resource
        • Getting a Collection of Resources
        • Creating Resources
        • Updating Resources
        • Deleting Resources
        • Configuring a state machine
        • Configuration Reference
  • Grid
    • Grid Bundle documentation
      • Installation
      • Creating your first grid
      • Configuring Fields
      • Field types
      • Creating a custom Field Type
      • Creating a custom Action
      • Creating a custom Bulk Action
      • Filters
      • Creating a custom Filter
      • Advanced configuration
      • Configuration Reference
  • 🍀Twig Extra
    • Getting started
  • 🌱Twig Hooks
    • Getting started
    • Passing data to your hookables
    • Making your hookables configurable
    • Autoprefixing feature
    • Composable Layouts with a predictable structure
    • Advanced
      • Ergonomic work with hooks
      • Metadata objects
      • Multiple hooks inside a single template
      • Overriding hookables
Powered by GitBook
On this page
  • Create a user entity
  • Configure the user provider
  • Configure the firewall
  • Configure Access Control Authorization
  1. Cookbook
  2. How to customize your admin panel

Configuring the security access

PreviousCustomizing the menuNextCustomizing the page titles

Last updated 4 months ago

Now that you have an admin panel, you want to make sure admin users are the only ones allowed to access its URL. To secure your back-office interface, you can simply resort to Symfony's Security configuration with 4 basic steps :

Create a user entity

You can use the Symfony maker to create a new user.

bin/console make:user

Configure the user provider

Here is an example of a user provider configuration:

config/packages/security.yaml
security:
    # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
    password_hashers:
        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_admin_user_provider:
            entity:
                class: App\Entity\User
                property: email

Configure the firewall

Here is an example of how to configure a firewall for your admin routes:

config/packages/security.yaml
security:
    firewalls:
        # ...
        admin:
            context: admin
            pattern: '/admin(?:/.*)?$'
            provider: app_admin_user_provider # Reuse the provider key you configured on providers section
            form_login:
                # These routes are provided by Sylius Admin Ui package
                login_path: sylius_admin_ui_login 
                check_path: sylius_admin_ui_login_check
                default_target_path: sylius_admin_ui_dashboard
            logout:
                # These routes are provided by Sylius Admin Ui package
                path: sylius_admin_ui_logout
                target: sylius_admin_ui_login

Configure Access Control Authorization

Only admin users will have access to "/admin" routes.

config/packages/security.yaml
security:
    access_control:
        - { path: ^/admin/login, roles: PUBLIC_ACCESS }
        - { path: ^/admin/logout, roles: PUBLIC_ACCESS }
        - { path: ^/admin, roles: ROLE_ADMIN }
        - { path: ^/, roles: PUBLIC_ACCESS }

Learn more on how to

Learn more on how to

Learn more on how to

Learn more on how to

create a User
create a user provider on the Symfony documentation
configure the firewall on the Symfony documentation
configure Access Control Authorization on the Symfony documentation
Create a User
Create the user provider
Configure firewalls
Configure the access control authorization
Login page