Can I use this package to migrate Symfony’s security system (like voters, firewalls) to Laravel without full framework adoption?

Yes, this bridge lets you reuse Symfony’s security components (e.g., `Voter`, `Encoder`, `Firewall`) in Laravel by adapting your `User` model. It’s designed for projects already familiar with Symfony’s auth logic or needing advanced features like role hierarchies or token-based auth.

Will this work with Laravel 10+? The PHP 5.5 requirement seems outdated.

No, the package targets PHP 5.5 and likely conflicts with Laravel 10+ (which requires PHP 8.0+). You’d need to fork it, update dependencies, or use a compatibility layer like `symfony/security-core`’s standalone components with Laravel’s service container.

Does this replace Laravel’s built-in auth (e.g., `Auth::attempt()`), or can I use both?

It doesn’t replace Laravel’s auth but bridges your `User` model to Symfony’s `UserInterface`. You can still use Laravel’s `Auth` facade while leveraging Symfony’s security features (e.g., custom voters) via the bridge. Test thoroughly to avoid conflicts with Laravel’s guards/providers.

How do I configure this to work with Laravel’s `Authenticatable` contract?

The bridge assumes your `User` model implements Symfony’s `UserInterface`. If using Laravel’s `Authenticatable`, extend both contracts or alias methods (e.g., `getRoles()` for Symfony vs. `getRole()` in Laravel). Check the [BenGorUser docs](https://github.com/BenGorUser/User/blob/master/docs/index.md) for mapping examples.

Are there performance overhead concerns compared to native Laravel auth?

The adapter adds minimal runtime overhead since it’s a thin layer. However, Symfony’s security components (e.g., `Firewall`, `Voter`) introduce additional logic during auth checks. Benchmark in your staging environment if latency is critical.

The package hasn’t been updated since 2017. What are the risks of using it?

Major risks include compatibility breaks with newer Symfony/Laravel versions and unpatched vulnerabilities in transitive dependencies (e.g., `symfony/security-core`). Consider forking or using alternatives like `spatie/laravel-permission` if maintenance is a concern.

Can I use Symfony’s `Encoder` for password hashing instead of Laravel’s `Hasher`?

Yes, the bridge enables Symfony’s `Encoder` (e.g., `bcrypt`, `argon2`) for password hashing. Replace Laravel’s `Hasher` with Symfony’s `PasswordEncoderInterface` in your auth logic. Ensure your `User` model implements `PasswordAuthenticatedInterface` for seamless integration.

What’s the best way to test this in a Laravel app before production?

Start with a minimal setup: inject the bridge’s `UserProvider` into Laravel’s auth config, test login flows, and verify Symfony-specific features (e.g., `Voter` checks). Use Laravel’s `Auth::shouldUse()` to toggle between native and Symfony auth during testing.

Are there alternatives to this package for Symfony-Laravel auth integration?

For modern Laravel, consider `spatie/laravel-permission` (roles/permissions) or direct Symfony component integration via Laravel’s service container. If you need Symfony’s full security stack, evaluate `symfony/security-bundle` with a custom Laravel wrapper.

How do I handle conflicts between Laravel’s `Authenticatable` and Symfony’s `UserInterface`?

Namespace your `User` model methods to avoid collisions (e.g., `getSymfonyRoles()` vs. `getLaravelRoles()`). Use trait composition or abstract classes to merge both interfaces. The bridge prioritizes Symfony’s interface, so override methods as needed.

Weave Code

Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Symfony Security Bridge Laravel Package

bengor-user/symfony-security-bridge

Adapter bridge to integrate BenGorUser’s User model with the Symfony Security component. Install via Composer, fully tested with PHPSpec, and documented in the main BenGorUser/User library docs. PHP 5.5+.

View on GitHub

Deep Wiki

Context7

Adapter to make User compatible with Symfony security component

Frequently asked questions about Symfony Security Bridge

Can I use this package to migrate Symfony’s security system (like voters, firewalls) to Laravel without full framework adoption?: Yes, this bridge lets you reuse Symfony’s security components (e.g., `Voter`, `Encoder`, `Firewall`) in Laravel by adapting your `User` model. It’s designed for projects already familiar with Symfony’s auth logic or needing advanced features like role hierarchies or token-based auth.
Will this work with Laravel 10+? The PHP 5.5 requirement seems outdated.: No, the package targets PHP 5.5 and likely conflicts with Laravel 10+ (which requires PHP 8.0+). You’d need to fork it, update dependencies, or use a compatibility layer like `symfony/security-core`’s standalone components with Laravel’s service container.
Does this replace Laravel’s built-in auth (e.g., `Auth::attempt()`), or can I use both?: It doesn’t replace Laravel’s auth but bridges your `User` model to Symfony’s `UserInterface`. You can still use Laravel’s `Auth` facade while leveraging Symfony’s security features (e.g., custom voters) via the bridge. Test thoroughly to avoid conflicts with Laravel’s guards/providers.
How do I configure this to work with Laravel’s `Authenticatable` contract?: The bridge assumes your `User` model implements Symfony’s `UserInterface`. If using Laravel’s `Authenticatable`, extend both contracts or alias methods (e.g., `getRoles()` for Symfony vs. `getRole()` in Laravel). Check the [BenGorUser docs](https://github.com/BenGorUser/User/blob/master/docs/index.md) for mapping examples.
Are there performance overhead concerns compared to native Laravel auth?: The adapter adds minimal runtime overhead since it’s a thin layer. However, Symfony’s security components (e.g., `Firewall`, `Voter`) introduce additional logic during auth checks. Benchmark in your staging environment if latency is critical.
The package hasn’t been updated since 2017. What are the risks of using it?: Major risks include compatibility breaks with newer Symfony/Laravel versions and unpatched vulnerabilities in transitive dependencies (e.g., `symfony/security-core`). Consider forking or using alternatives like `spatie/laravel-permission` if maintenance is a concern.
Can I use Symfony’s `Encoder` for password hashing instead of Laravel’s `Hasher`?: Yes, the bridge enables Symfony’s `Encoder` (e.g., `bcrypt`, `argon2`) for password hashing. Replace Laravel’s `Hasher` with Symfony’s `PasswordEncoderInterface` in your auth logic. Ensure your `User` model implements `PasswordAuthenticatedInterface` for seamless integration.
What’s the best way to test this in a Laravel app before production?: Start with a minimal setup: inject the bridge’s `UserProvider` into Laravel’s auth config, test login flows, and verify Symfony-specific features (e.g., `Voter` checks). Use Laravel’s `Auth::shouldUse()` to toggle between native and Symfony auth during testing.
Are there alternatives to this package for Symfony-Laravel auth integration?: For modern Laravel, consider `spatie/laravel-permission` (roles/permissions) or direct Symfony component integration via Laravel’s service container. If you need Symfony’s full security stack, evaluate `symfony/security-bundle` with a custom Laravel wrapper.
How do I handle conflicts between Laravel’s `Authenticatable` and Symfony’s `UserInterface`?: Namespace your `User` model methods to avoid collisions (e.g., `getSymfonyRoles()` vs. `getLaravelRoles()`). Use trait composition or abstract classes to merge both interfaces. The bridge prioritizes Symfony’s interface, so override methods as needed.

Popularity trends

Recorded values over time (once-a-day snapshots). May 21, 2026 – Jun 19, 2026

GitHub · stars

GitHub · forks

GitHub · watchers

Packagist · monthly downloads

View on GitHub

Stars

Favorites

Forks

Score

0.9

Score breakdown

Sum of components, capped 0–100. Halved if archived.

Stars

input: 0

+0.0
Forks

input: 0

+0.0
Open issues + PRs

input: 0

+0.0
Releases

input: 3

+0.9
Recency

input: 3423

+0.0
Issue opportunity

input: 0

+0.0
Laravel News mentions

input: 0

+0.0
Dependents

input: 0

+0.0

Total 0.9

Opportunity

30.1

Opportunity score breakdown

Hidden gem signal × 0.65 + contribution need × 0.35, scaled by health factor.

Hidden gem

log(monthly_downloads / (stars + 1)) × 25

54.5
Contribution need

open_issues + open_prs: 0

0.0
Health factor

archived + recency + open issues

×0.85

Total 30.1

License

MIT

Last release

Feb 2, 2017

Watchers

Downloads

151/mo

Dependents

Open issues

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

babenkoivan/elastic-client

innmind/static-analysis

innmind/coding-standard

datacore/hub-sdk

alengo/sulu-http-cache-bundle

develia/commons

cuci/prototurk-sdk

cuci/prototurk-sdk-symfony

develia/geo-bundle

dreamzy/livewire-charts

touchestate-sdk/php-sdk

22h/doctrine-garbage-collection-bundle

imbo/imbo-coding-standard

visualbuilder/filament-lottie

servicioslineaonce/starter-kit

atomcoder/laravel-reorderable

irajul/filament-shadcn-theme

agtp/agtp-php

agtp/mod-php

centraldesktop/protobuf-php