0

We're about to embark on building a REST API for a clients web application, and they've specified that users log in with a PIN number (Any length).

So would I go about setting up a Custom Auth Provider, etc, which would find the user by PIN number and if it find's them auth? Is this possible? Most examples I've seen require a username and a password.

Where as I only require a password.

Is this possible with Symfony2, or should I be looking elsewhere?

Improve this question

1 Answer 1

Reset to default
2

To answer your first question, the cookbook shows how to create you own custom authentication provider: http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html

But it's not for the faint of heart. Am I correct in assuming that you have not used Symfony 2 much?

I don't really see why you could not use the existing typical username/password approach in which a pin number serves as both the username as well as the password. You would tweak the login form so it only display the one field. Then somewhere along the way you would put in a bit of code to copy the submitted data into both username and password. Probably easier than trying to make a complete auth system.

Might also search around a bit so see if someone else has already done the work for you.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I thought about doing it that way, submitting the PIN as both username and password. Make's the most sense without too much hacking! I've had a little look around and found nothing so far. I'll keep this updated, and if it's not already a bundle, I'll make a small security one for other people under similar circumstances. Thanks

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.