Securing your API endpoints is very important to prevent unauthorized access to your systems. But how do you do this efficiently? Are you going to build a user management system from scratch? Let me introduce you to Keycloak and how to integrate it with API Platform.
What is Keycloak?
Keycloak is an open source server for identity and access management. It has a lot of awesome features which saves us, developers, from building user management tooling and login and registration systems.
Continue Reading “Integrating Keycloak with API Platform”
In the previous part we’ve created a basic mobile app using React Native and the Expo framework. We’ve added login functionality and setup the router for our app. In this part we’re going add a registration screen and handle user activation using deeplinks.
The user registration screen
Let’s start by creating a user registration screen. This will be a very basic form for this series with just 4 input fields and a button. We’ll need the user’s first name, last name, email address and a password for the account.
Continue Reading “Adding functionality to the app (Part 6)”
In the last part of this series we’ve finished our API for our stock portfolio. Today we’re going to start building our mobile app using React Native. We’ll start by setting up a new project using React Native, after which we’ll implement a basic login screen with login logic. This will cover the full spectrum, from building screens to calling our API for logging in.
Set up React Native
To make development with React Native a bit easier we’re going to use a framework called Expo. This framework consists of a set of tools to make developing, building and releasing React Native apps a lot easier.
Continue Reading “Setting up React Native (Part 5)”
In the previous part of this series we’ve talked about using the Messenger component for sending emails. We’ve also talked about how to use JWT tokens as an easy way to create tokens for account activation links or password reset links. In this part we will tie up some loose ends and we’ll start implementing the basic stock portfolio entities, which we’ll extend in the future parts.
Tying up loose ends
We’ve used some general exceptions throughout our services. If you do not catch those, API Platform will throw an Internal Server Error to the client. To combat this we’ll implement custom exceptions and map those to the correct HTTP Statuscode.
Continue Reading “Tying up loose ends & Stock Portfolio API (Part 4)”
In part 2 of this series we’ve added a custom endpoint to make it possible for users to register themselves. In this part we’ll add an
EmailService class to send emails using the Symfony Messenger component. I’ll also show you an awesome technique for generating JWT Tokens for specific user actions like activating an account or resetting a password.
Our application needs to send email messages to our users. A basic example is an account activation email with a link for users to click on. When they click on the link their account will be activated and ready for use.
Continue Reading “How to create a simple application using Symfony and React Native – Part 3”