Getting Auth0 user information on non-firewall Symfony pages


Logo of the Symfony project.

I am using Auth0's Symfony library to allow users to log in with their social network providers. It works really well. Using this firewall configuration, a user who visits /private is successfully taken through the login flow and I can then use $this->getUser() to see their details. security: password_hashers: Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto' providers: users_in_memory: { memory: […]

Continue reading →

You can have user accounts without needing to manage user accounts


A slide from a presentation which says "Avoice side projects with user accounts."

The inimitable Simon Willison has a brilliant presentation all about managing side projects: It is all good advice. But I gently disagree with the slide which says: Avoid side projects with user accounts If it has user accounts it’s not a side-project, it’s an unpaid job I get the sentiment. Storing passwords securely is hard. […]

Continue reading →

␃␄