- Can I use sylius/user in Laravel without Eloquent, or do I need Doctrine?
- The package is built for Doctrine ORM, but you can integrate it with Laravel via the `laravel-doctrine/orm` bridge to work alongside Eloquent. If your team prefers Eloquent, abstract user logic to a repository layer or use hybrid setups. Full Doctrine migration is also an option if Eloquent isn’t mandatory.
- How do I replace Laravel’s default auth with sylius/user?
- Override Laravel’s `AuthServiceProvider` to use Sylius’ user provider. Bind the Sylius repository in the provider’s `boot()` method and configure the guard to use Sylius’ `User` entity. This requires publishing Sylius’ security config and adjusting middleware to include Sylius’ security layer.
- Does sylius/user support OAuth or social logins out of the box?
- No, Sylius focuses on core authentication (email/password) and RBAC. For OAuth, integrate Laravel’s socialite packages (e.g., Laravel Socialite) alongside Sylius’ user entity. Sylius provides the user model and events, so you can extend it to handle OAuth flows via listeners.
- Will sylius/user work with Laravel Fortify or Sanctum for API auth?
- Yes, but with configuration. Sylius’ user entity can replace Laravel’s default `User` model, allowing Fortify/Sanctum to work with it. You’ll need to map Sylius’ fields (e.g., `emailVerifiedAt`) to Fortify’s requirements and adjust Sanctum’s guards to use Sylius’ provider.
- How do I handle role-based access control (RBAC) in Laravel with this package?
- Sylius uses Doctrine extensions for RBAC, which integrates via Symfony’s SecurityBundle. In Laravel, configure the `security.yaml` to define roles and access control rules. Use Sylius’ `User` entity’s `roles` property and leverage Laravel’s middleware or policy system to enforce permissions.
- Are there performance concerns using Doctrine in a Laravel app?
- Doctrine can introduce overhead compared to Eloquent, especially for simple queries. Benchmark critical paths and optimize with caching (e.g., Symfony’s cache component). For hybrid setups, use `laravel-doctrine/orm` to minimize conflicts and improve query efficiency.
- Can I extend the Sylius User entity to add custom fields?
- Yes, Sylius follows an event-driven architecture, so you can extend the `User` entity via Doctrine extensions or custom fields. Add new properties to the entity and update migrations. Use Sylius’ `user.post_create` or `user.post_update` events to handle custom logic during entity lifecycle.
- Does sylius/user support multi-tenancy for SaaS applications?
- No, the package doesn’t include built-in multi-tenancy. You’ll need to implement it manually, such as by adding a `tenant_id` field to the `User` entity and filtering queries in repositories. Consider using packages like `stancl/tenancy` for Laravel to complement Sylius’ user management.
- How do I test Sylius-specific features like role hierarchies in Laravel?
- Use Laravel’s testing tools alongside Sylius’ event system. Mock Sylius services in PHPUnit tests and verify role assignments via the `User` entity’s `roles` property. Test RBAC by simulating authenticated requests with specific roles and asserting access control outcomes.
- What’s the best alternative to sylius/user if I need a lighter-weight solution?
- For simpler needs, consider Laravel’s built-in auth (with packages like `spatie/laravel-permission` for RBAC) or `laravel/breeze` for basic authentication. If you need Sylius’ extensibility but want to avoid Doctrine, evaluate `spatie/laravel-activitylog` for auditing or `orchid/permissions` for role management.