Recently needed to add a check in a symfony app where only active users could login.
I first created a user checker interface
<?php
namespace App\Security;
use App\Entity\User;
use Symfony\Component\Security\Core\Exception\LockedException;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
class UserChecker implements UserCheckerInterface
{
public function checkPreAuth(UserInterface $user)
{
if (!$user instanceof User) {
return;
}
if (!$user->getActive()) {
throw new LockedException();
}
}
public function checkPostAuth(UserInterface $user)
{
}
}then registered this as a service
# config/packages/security.yaml
security:
firewalls:
api:
pattern: ^/
user_checker: App\Security\UserChecker