Update "User authentication" customization example (4.6) (#3086)

adriendupuis · konradoboza · web-flow · commit dc09c2f3c6ea · 2026-06-11T11:34:21.000+02:00
* user_authentication.md: Move code to files
* code_samples.yaml: PHP 8.2 PKSA-fs5b-x5k4-1h39
* No need to declare the service


---------

Co-authored-by: adriendupuis &lt;adriendupuis@users.noreply.github.com&gt;
Co-authored-by: Konrad Oboza &lt;konrad.oboza@ibexa.co&gt;
diff --git a/.github/workflows/code_samples.yaml b/.github/workflows/code_samples.yaml
@@ -78,6 +78,13 @@ jobs:
                       "PKSA-xx6c-6d96-db2w": "As this is for code quality tests and not to run a production DXP, this can be ignored."
                   }'
 
+            - name: Ignore audit advisory for PHP 8.2
+              if: matrix.php == '8.2'
+              run: |
+                  composer config audit.ignore --json '{
+                      "PKSA-fs5b-x5k4-1h39": "As this is for code quality tests and not to run a production DXP, this can be ignored."
+                  }'
+
             - uses: ramsey/composer-install@v3
               with:
                   dependency-versions: highest
diff --git a/code_samples/user_management/in_memory/config/packages/security.yaml b/code_samples/user_management/in_memory/config/packages/security.yaml
@@ -0,0 +1,17 @@
+# config/packages/security.yaml
+security:
+    providers:
+        # Chaining in_memory and ibexa user providers
+        chain_provider:
+            chain:
+                providers: [in_memory, ibexa]
+        ibexa:
+            id: ibexa.security.user_provider
+        in_memory:
+            memory:
+                users:
+                    # You will then be able to login with username "user" and password "userpass"
+                    user:  { password: userpass, roles: [ 'ROLE_USER' ] }
+    # The "in memory" provider requires an encoder for Symfony\Component\Security\Core\User\User
+    password_hashers:
+        Symfony\Component\Security\Core\User\User: plaintext
diff --git a/code_samples/user_management/in_memory/src/EventSubscriber/InteractiveLoginSubscriber.php b/code_samples/user_management/in_memory/src/EventSubscriber/InteractiveLoginSubscriber.php
@@ -0,0 +1,32 @@
+<?php declare(strict_types=1);
+
+namespace App\EventSubscriber;
+
+use Ibexa\Contracts\Core\Repository\UserService;
+use Ibexa\Core\MVC\Symfony\Event\InteractiveLoginEvent;
+use Ibexa\Core\MVC\Symfony\MVCEvents;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+
+final class InteractiveLoginSubscriber implements EventSubscriberInterface
+{
+    private UserService $userService;
+
+    public function __construct(UserService $userService)
+    {
+        $this->userService = $userService;
+    }
+
+    public static function getSubscribedEvents(): array
+    {
+        return [
+            MVCEvents::INTERACTIVE_LOGIN => 'onInteractiveLogin',
+        ];
+    }
+
+    public function onInteractiveLogin(InteractiveLoginEvent $event): void
+    {
+        // This loads a generic User and assigns it back to the event.
+        // You may want to create Users here, or even load predefined Users depending on your own rules.
+        $event->setApiUser($this->userService->loadUserByLogin('generic_user'));
+    }
+}
diff --git a/docs/users/user_authentication.md b/docs/users/user_authentication.md
@@ -38,73 +38,15 @@ You can override `getUser()` to return whatever user class you want, as long a
 The following is an example of using the in-memory user provider:
 
 ``` yaml
-# config/packages/security.yaml
-security:
-    providers:
-        # Chaining in_memory and ibexa user providers
-        chain_provider:
-            chain:
-                providers: [in_memory, ibexa]
-        ibexa:
-            id: ibexa.security.user_provider
-        in_memory:
-            memory:
-                users:
-                    # You will then be able to login with username "user" and password "userpass"
-                    user:  { password: userpass, roles: [ 'ROLE_USER' ] }
-    # The "in memory" provider requires an encoder for Symfony\Component\Security\Core\User\User
-    encoders:
-        Symfony\Component\Security\Core\User\User: plaintext
+[[= include_file('code_samples/user_management/in_memory/config/packages/security.yaml') =]]
 ```
 
 ### Implement the listener
 
-In the `config/services.yaml` file:
-
-``` yaml
-services:
-    App\EventListener\InteractiveLoginListener:
-        arguments: ['@ibexa.api.service.user']
-        tags:
-            - { name: kernel.event_subscriber } 
-```
-
 Don't mix `MVCEvents::INTERACTIVE_LOGIN` event (specific to [[= product_name =]]) and `SecurityEvents::INTERACTIVE_LOGIN` event (fired by Symfony security component).
 
 ``` php
-<?php
-
-namespace App\EventListener;
-
-use Ibexa\Contracts\Core\Repository\UserService;
-use eIbexa\Core\MVC\Symfony\Event\InteractiveLoginEvent;
-use Ibexa\Core\MVC\Symfony\MVCEvents;
-use Symfony\Component\EventDispatcher\EventSubscriberInterface;
-
-class InteractiveLoginListener implements EventSubscriberInterface
-{
-    /**
-     * @var \Ibexa\Contracts\Core\Repository\UserService
-     */
-    private $userService;
-
-    public function __construct(UserService $userService)
-    {
-        $this->userService = $userService;
-    }
-
-    public static function getSubscribedEvents()
-    {
-        return [
-            MVCEvents::INTERACTIVE_LOGIN => 'onInteractiveLogin'
-        ];
-    }
-
-    public function onInteractiveLogin(InteractiveLoginEvent $event)
-    {
-        // This loads a generic User and assigns it back to the event.
-        // You may want to create Users here, or even load predefined Users depending on your own rules.
-        $event->setApiUser($this->userService->loadUserByLogin( 'lolautruche' ));
-    }
-} 
+[[= include_file('code_samples/user_management/in_memory/src/EventSubscriber/InteractiveLoginSubscriber.php') =]]
 ```
+
+It's automatically tagged `kernel.event_subscriber` as implementing the `EventSubscriberInterface` and the user service injection is auto-wired.
