OXID-eSales/session-authentication-component

OXID eShop Session Authentication Component

Provides session-based authentication for OXID eShop Symfony controllers. Controllers annotated with #[SessionUser] or #[AdminSessionUser] require an active OXID session cookie before the request is processed.

Note: Recommended for AJAX endpoints only. For stateless API access, use JWT authentication instead.

How it works

The component registers two Symfony kernel event subscribers:

  • SessionAuthListener — handles #[SessionUser] — requires an active frontend session (sid cookie)
  • AdminSessionAuthListener — handles #[AdminSessionUser] — requires an active admin session (admin_sid cookie) with optional role checks

Usage

Apply the attribute to an action method:

use OxidEsales\SessionAuthComponent\Security\Attribute\SessionUser;
use OxidEsales\SessionAuthComponent\Security\Attribute\AdminSessionUser;

class MyController
{
    #[SessionUser]
    public function ajaxUserAction(): ResponseInterface
    {
        // requires active frontend session (sid cookie)
    }

    #[AdminSessionUser(roles: ['ROLE_ADMIN'])]
    public function ajaxAdminAction(): ResponseInterface
    {
        // requires active admin session (admin_sid cookie) with ROLE_ADMIN
    }
}

Available roles

Role             Description
ROLE_ADMIN       Admin session user
ROLE_ADMIN_MALL  Mall admin (full rights across all subshops)
Installation

composer require oxid-esales/session-authentication-component
