Skip to content

Latest commit

 

History

History
75 lines (57 loc) · 1.97 KB

File metadata and controls

75 lines (57 loc) · 1.97 KB

Application Guide

Route Description
/ Public home page
/register Create a new account
/login Sign in with email + password
/verify/pending Email verification reminder (shown after login if unverified)
/dashboard Authenticated user dashboard (requires verified email)
/profile View your profile
/profile/edit Edit name and email
/reset-password Forgot password flow
/logout Sign out

Email verification is required to access protected routes. After registration an email is sent with:

  • A Verify Email Address link (expires in 1 hour)
  • A cancel this registration link — clicking it immediately deletes the account (no login required)

Password reset is handled by symfonycasts/reset-password-bundle with a signed, expiring link sent to the registered email. All outgoing mail lands in Mailpit (http://localhost:8025).

The API uses JWT authentication via lexik/jwt-authentication-bundle.

Obtain a token

curl -X POST http://localhost:8000/api/login \
  -H 'Content-Type: application/json' \
  -d '{"email":"admin@example.com","password":"password"}'
{ "token": "<jwt>" }

Authenticated requests

curl http://localhost:8000/api/me \
  -H 'Authorization: Bearer <jwt>'
{
  "id": 1,
  "name": "Admin User",
  "email": "admin@example.com",
  "roles": ["ROLE_ADMIN", "ROLE_USER"],
  "emailVerified": true,
  "createdAt": "2026-01-01T00:00:00+00:00"
}

The interactive API documentation (via API Platform) is available at http://localhost:8000/api.

Requires ROLE_ADMIN. Log in with the seeded admin account (see Database → Fixtures):

Field Value
Email admin@example.com
Password password

The admin panel (EasyAdmin 5) provides a full CRUD interface for managing users.