From 963d0a6e9affa040d6e859b31f945e84ebb1c037 Mon Sep 17 00:00:00 2001 From: Javier Eguiluz Date: Tue, 9 Jun 2015 16:52:55 +0200 Subject: [PATCH] Added mentions to some popular (and useful) Symfony bundles --- book/security.rst | 8 +++++++- cookbook/assetic/asset_management.rst | 8 ++++++++ cookbook/assetic/jpeg_optimize.rst | 6 ++++++ cookbook/doctrine/file_uploads.rst | 8 ++++++++ cookbook/security/custom_authentication_provider.rst | 10 +++++++++- 5 files changed, 38 insertions(+), 2 deletions(-) diff --git a/book/security.rst b/book/security.rst index 2bf071c0cbe..b20ae745c5c 100644 --- a/book/security.rst +++ b/book/security.rst @@ -275,6 +275,11 @@ But who can you login as? Where do users come from? What other methods are supported? See the :doc:`Configuration Reference ` or :doc:`build your own `. +.. tip:: + + If your application logs in users via a third-party service such as Google, + Facebook or Twitter, check out the `HWIOAuthBundle`_ community bundle. + .. _security-user-providers: .. _where-do-users-come-from-user-providers: @@ -480,7 +485,7 @@ else, you'll want to encode their passwords. The best algorithm to use is - + @@ -1283,3 +1288,4 @@ Learn More from the Cookbook .. _`online tool`: https://www.dailycred.com/blog/12/bcrypt-calculator .. _`frameworkextrabundle documentation`: http://symfony.com/doc/current/bundles/SensioFrameworkExtraBundle/index.html +.. _`HWIOAuthBundle`: https://github.com/hwi/HWIOAuthBundle diff --git a/cookbook/assetic/asset_management.rst b/cookbook/assetic/asset_management.rst index 6db46608147..89c33321538 100644 --- a/cookbook/assetic/asset_management.rst +++ b/cookbook/assetic/asset_management.rst @@ -183,6 +183,12 @@ To include an image you can use the ``image`` tag. You can also use Assetic for image optimization. More information in :doc:`/cookbook/assetic/jpeg_optimize`. +.. tip:: + + Instead of using Assetic to include images, you may consider using the + `LiipImagineBundle`_ community bundle, which allows to compress and + manipulate images (rotate, resize, watermark, etc.) before serving them. + .. _cookbook-assetic-cssrewrite: Fixing CSS Paths with the ``cssrewrite`` Filter @@ -572,3 +578,5 @@ some isolated directory (e.g. ``/js/compiled``), to keep things organized: ) as $url): ?> + +.. _`LiipImagineBundle`: http://knpbundles.com/liip/LiipImagineBundle diff --git a/cookbook/assetic/jpeg_optimize.rst b/cookbook/assetic/jpeg_optimize.rst index d3aebeb9e94..3d2973fa773 100644 --- a/cookbook/assetic/jpeg_optimize.rst +++ b/cookbook/assetic/jpeg_optimize.rst @@ -250,4 +250,10 @@ file: ), )); +.. tip:: + + Instead of using Assetic and Jpegoptim, you can also compress and manipulate + images before serving them using the `LiipImagineBundle`_ community bundle. + .. _`Jpegoptim`: http://www.kokkonen.net/tjko/projects.html +.. _`LiipImagineBundle`: http://knpbundles.com/liip/LiipImagineBundle diff --git a/cookbook/doctrine/file_uploads.rst b/cookbook/doctrine/file_uploads.rst index f9a2d7bb4d9..22ce38521bb 100644 --- a/cookbook/doctrine/file_uploads.rst +++ b/cookbook/doctrine/file_uploads.rst @@ -4,6 +4,13 @@ How to Handle File Uploads with Doctrine ======================================== +.. note:: + + Instead of handling file uploading yourself, you may consider using the + `VichUploaderBundle`_ community bundle. This bundle provides all the common + operations (such as file renaming, saving and deleting) and it's tightly + integratd with Doctrine ORm, ODM, PHPCR ODM and Propel. + Handling file uploads with Doctrine entities is no different than handling any other file upload. In other words, you're free to move the file in your controller after handling a form submission. For examples of how to do this, @@ -557,3 +564,4 @@ order to remove the file. Before it's removed, you must store the file path from the database, you can safely delete the file (in ``PostRemove``). .. _`preUpdate`: http://docs.doctrine-project.org/projects/doctrine-orm/en/latest/reference/events.html#preupdate +.. _`VichUploaderBundle`: https://github.com/dustin10/VichUploaderBundle diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst index e91171a97ef..fb21870acaf 100644 --- a/cookbook/security/custom_authentication_provider.rst +++ b/cookbook/security/custom_authentication_provider.rst @@ -4,6 +4,13 @@ How to Create a custom Authentication Provider ============================================== +.. note:: + + If you want to authenticate users via OAuth using a third-party service + such as Google, Facebook or Twitter, there is no need to create your own + authentication provider. In those cases, use the `HWIOAuthBundle`_ community + bundle. + If you have read the chapter on :doc:`/book/security`, you understand the distinction Symfony makes between authentication and authorization in the implementation of security. This chapter discusses the core classes involved @@ -280,7 +287,7 @@ the ``PasswordDigest`` header value matches with the user's password. .. note:: - The comparsion of the expected and the provided digests uses a constant + The comparison of the expected and the provided digests uses a constant time comparison provided by the :method:`Symfony\\Component\\Security\\Core\\Util\\StringUtils::equals` method of the ``StringUtils`` class. It is used to mitigate possible @@ -615,6 +622,7 @@ set to any desirable value per firewall. The rest is up to you! Any relevant configuration items can be defined in the factory and consumed or passed to the other classes in the container. +.. _`HWIOAuthBundle`: https://github.com/hwi/HWIOAuthBundle .. _`WSSE`: http://www.xml.com/pub/a/2003/12/17/dive.html .. _`nonce`: http://en.wikipedia.org/wiki/Cryptographic_nonce .. _`timing attacks`: http://en.wikipedia.org/wiki/Timing_attack