stauth/symfony-stauth

Staging server athorization package, .htaccess alternative

Symfony Stauth

, _(*1)

Staging server athorization package, alternative for .htaccess, register at stauth.io, _(*2)

Installation

composer require stauth/symfony-stauth

Local and staging

If you don't want Stauth service provider to be exeuted at production environment, import routes in app/routing_dev.yml, _(*3)

# stauth protection
stauth_protection:
    resource: "@StauthProtectionBundle/Resources/config/routing.yml"

Initialize Bundle in AppKernel.php:, _(*4)

        if ($this->getEnvironment() !== 'prod') {
            // ...
            $bundles[] = new Stauth\StauthProtectionBundle();
        }

Production

If you don't mind Stauth service provider being executed at production environment, or you want to protect your production app, import routes in app/routing.yml, _(*5)

# stauth protection
stauth_protection:
    resource: "@StauthProtectionBundle/Resources/config/routing.yml"

Initialize Bundle in AppKernel.php:, _(*6)

    public function registerBundles()
    {
        $bundles = array(
            // ...
            new Stauth\StauthProtectionBundle(),
        );

Generate access token at stauth.io and add it to parameteres.yml:, _(*7)

stauth.access_token: 'eyJkkk40eXAiOiJsdvk3k43krKV1QiLCJ...'

By default protected environment is staging, in order to change this, add stauth.protected_env to parameters.yml:, _(*8)

stauth.protected_env: 'local'

Cache

Please keep in mind that this package takes adventage of csrf_token, therefore it is important to exclude both routes /stauth/protected and /stauth/authorize from any response caching engines., _(*9)