Keynote: Modern Security with Symfony's Shiny new Security Component

Avatar of Ryan Weaver Ryan Weaver

Yes, Symfony's Security component is powerful. But... it's *also* complex. Can we have both? Power and flexibility with readable and expressive code?

We think so. That's why, in Symfony 5.1 & 5.2, the security component was rebuilt and *reimagined*. Complexity was stripped away, logic was centralized and intelligent hook points were added.

The result is a security system that can *do* more with code that you can understand.

In this talk, I'll introduce you to the new security component and show you how to activate and migrate to it (hint: it's simple!). We'll also dive into some of the new possibilities, like streamlined custom authenticators (bye Guard!), centralized "login throttling", magic login links, 2fa and more!

And since no security talk would be complete without API authentication, I'll give you a quick guide to how *you* should implement API auth and how that fits into the new system.

Let's go!

Delivered in English

This talk is delivered twice during the conference:

  • Thursday, December 3, 2020 at 15:05 PM – 15:45 PM

  • Thursday, December 3, 2020 at 23:00 PM – 23:40 PM

Introductory talk, no prior knowledge needed.