SwitchUserStatelessBundle

This bundle provides impersonating feature (switch user) for API use.

Install

Install this bundle through Composer:

composer require lafourchette/switch-user-stateless-bundle

Then, update your application kernel:

// app/AppKernel.php

class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = [
            // ...
            new LaFourchette\SwitchUserStatelessBundle\SwitchUserStatelessBundle(),
        ];

        // ...
    }
}

Finally, update your firewalls as following:

# app/config/security.yml

security:
    firewalls:
        main:
            # ...
            stateless: true
            switch_user_stateless: true

Configuration

You can configure the parameter used in HTTP request and role of user who switch in your config.yml. The examples below are the default values.

# app/config/config.yml

switch_user_stateless:
    parameter: 'X-Switch-User'
    role: 'ROLE_ALLOWED_TO_SWITCH'

Usage

To use this feature, you need to add a X-Switch-User header to issued HTTP request containing the username of the user you want to switch:

X-Switch-User: johndoe

For security reasons, this feature is only accessible for users with ROLE_ALLOWED_TO_SWITCH permission. Admin users have this permission by default.

Troubleshooting

Solving problems here