I am using the basic auth in the FOSRestBundle. Cheking my API through CURL commands showed me it is working perfectly.
But now, I am wondering to identify the user who did the POST action ( Imagine the use wants to post a comment on something! Who is that user? ). In fact, as you can see in the CURL command below, the user and his password are encoded in base64.
# POST
curl -v -H "Accept: application/json" \
-H "Content-type: application/json" \
-H "Authorization: Basic YW1pbmU6c3RpZ21hdGFn" \
-X POST -d '{"test":{"x":"Amine","y":"Jallouli"}}'
http://localhost/tuto/web/app_dev.php/api/v1/test/add
Any recommendations?
FYI, this is my config in security.yml
firewalls:
#.....
rest_api:
pattern: ^/api/
stateless: true
http_basic:
provider: fos_userbundle
You should to use this @amine
$user = $this->get('security.context')->getToken()->getUser();