Update Symfony 6.4, API-Token Authentication, etc.

.gitignore

@@ -1,4 +1,3 @@
-
 /.*
 
 ###> symfony/framework-bundle ###
@@ -11,6 +10,12 @@
 /vendor/
 ###< symfony/framework-bundle ###
 
-###> lexik/jwt-authentication-bundle ###
-/config/jwt/*.pem
-###< lexik/jwt-authentication-bundle ###
+###> symfony/phpunit-bridge ###
+.phpunit.result.cache
+/phpunit.xml
+###< symfony/phpunit-bridge ###
+
+###> phpunit/phpunit ###
+/phpunit.xml
+.phpunit.result.cache
+###< phpunit/phpunit ###

bin/phpunit

@@ -0,0 +1,23 @@
+#!/usr/bin/env php
+<?php
+
+if (!ini_get('date.timezone')) {
+    ini_set('date.timezone', 'UTC');
+}
+
+if (is_file(dirname(__DIR__).'/vendor/phpunit/phpunit/phpunit')) {
+    if (PHP_VERSION_ID >= 80000) {
+        require dirname(__DIR__).'/vendor/phpunit/phpunit/phpunit';
+    } else {
+        define('PHPUNIT_COMPOSER_INSTALL', dirname(__DIR__).'/vendor/autoload.php');
+        require PHPUNIT_COMPOSER_INSTALL;
+        PHPUnit\TextUI\Command::main();
+    }
+} else {
+    if (!is_file(dirname(__DIR__).'/vendor/symfony/phpunit-bridge/bin/simple-phpunit.php')) {
+        echo "Unable to find the `simple-phpunit.php` script in `vendor/symfony/phpunit-bridge/bin/`.\n";
+        exit(1);
+    }
+
+    require dirname(__DIR__).'/vendor/symfony/phpunit-bridge/bin/simple-phpunit.php';
+}

composer.json

@@ -7,30 +7,29 @@
         "php": ">=8.1",
         "ext-ctype": "*",
         "ext-iconv": "*",
-        "api-platform/core": "^3.1",
-        "doctrine/annotations": "^2.0",
-        "doctrine/doctrine-bundle": "^2.9",
-        "doctrine/doctrine-migrations-bundle": "^3.2",
-        "doctrine/orm": "^2.15",
-        "lexik/jwt-authentication-bundle": "^2.19",
-        "nelmio/cors-bundle": "^2.3",
+        "api-platform/core": "^3.2",
+        "doctrine/doctrine-bundle": "^2.11",
+        "doctrine/doctrine-migrations-bundle": "^3.3",
+        "doctrine/orm": "^2.17",
+        "nelmio/cors-bundle": "^2.4",
         "phpdocumentor/reflection-docblock": "^5.3",
-        "phpstan/phpdoc-parser": "^1.21",
-        "symfony/asset": "6.2.*",
-        "symfony/console": "6.2.*",
-        "symfony/dotenv": "6.2.*",
-        "symfony/expression-language": "6.2.*",
+        "phpstan/phpdoc-parser": "^1.25",
+        "symfony/asset": "6.4.*",
+        "symfony/console": "6.4.*",
+        "symfony/dotenv": "6.4.*",
+        "symfony/expression-language": "6.4.*",
         "symfony/flex": "^2",
-        "symfony/framework-bundle": "6.2.*",
-        "symfony/property-access": "6.2.*",
-        "symfony/property-info": "6.2.*",
-        "symfony/runtime": "6.2.*",
-        "symfony/security-bundle": "6.2.*",
-        "symfony/serializer": "6.2.*",
-        "symfony/twig-bundle": "6.2.*",
-        "symfony/uid": "6.2.*",
-        "symfony/validator": "6.2.*",
-        "symfony/yaml": "6.2.*"
+        "symfony/framework-bundle": "6.4.*",
+        "symfony/property-access": "6.4.*",
+        "symfony/property-info": "6.4.*",
+        "symfony/runtime": "6.4.*",
+        "symfony/security-bundle": "6.4.*",
+        "symfony/serializer": "6.4.*",
+        "symfony/string": "6.4.*",
+        "symfony/twig-bundle": "6.4.*",
+        "symfony/uid": "6.4.*",
+        "symfony/validator": "6.4.*",
+        "symfony/yaml": "6.4.*"
     },
     "config": {
         "allow-plugins": {
@@ -77,8 +76,19 @@
     "extra": {
         "symfony": {
             "allow-contrib": false,
-            "require": "6.2.*",
+            "require": "6.4.*",
             "docker": false
         }
+    },
+    "require-dev": {
+        "dama/doctrine-test-bundle": "^8.0",
+        "doctrine/doctrine-fixtures-bundle": "^3.5",
+        "phpunit/phpunit": "^9.5",
+        "symfony/browser-kit": "6.4.*",
+        "symfony/css-selector": "6.4.*",
+        "symfony/http-client": "6.4.*",
+        "symfony/maker-bundle": "^1.52",
+        "symfony/phpunit-bridge": "^7.0",
+        "zenstruck/foundry": "^1.36"
     }
 }

config/api_platform/resources.xml

@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!-- api/config/api_platform/resources.xml -->
+
+<resources xmlns="https://api-platform.com/schema/metadata/resources-3.0"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="https://api-platform.com/schema/metadata/resources-3.0
+        https://api-platform.com/schema/metadata/resources-3.0.xsd">
+
+<resource class="App\Entity\User">
+    <operations>
+        <operation class="ApiPlatform\Metadata\Post" />
+        <operation class="ApiPlatform\Metadata\Get" />
+        <operation class="ApiPlatform\Metadata\Get" controller="App\Controller\GetUserByName" uriTemplate="users/authName/{authName}" description="Receives a user by its authentication name">
+            <uriVariables><uriVariable parameterName="authName"></uriVariable></uriVariables>
+        </operation>
+        <operation class="ApiPlatform\Metadata\Patch" />
+    </operations>
+</resource>
+
+<resource class="App\Entity\Country">
+    <operations>
+        <operation class="ApiPlatform\Metadata\GetCollection" />
+        <operation class="ApiPlatform\Metadata\Get" />
+    </operations>
+</resource>
+
+<resource class="App\Entity\City" uriTemplate="/country/{countryId}/capital">
+    <uriVariables>
+        <uriVariable parameterName="countryId" fromClass="App\Entity\Country" toProperty="capital"></uriVariable>
+    </uriVariables>
+    <operations>
+        <operation class="ApiPlatform\Metadata\Get" />
+    </operations>
+</resource>
+<resource class="App\Entity\City" uriTemplate="/prefecture/{prefectureId}/capital">
+    <uriVariables>
+        <uriVariable parameterName="prefectureId" fromClass="App\Entity\Prefecture" toProperty="capital"></uriVariable>
+    </uriVariables>
+    <operations>
+        <operation class="ApiPlatform\Metadata\Get" />
+    </operations>
+</resource>
+<resource class="App\Entity\City">
+    <operations>
+        <operation class="ApiPlatform\Metadata\Get" />
+    </operations>
+</resource>
+
+<resource class="App\Entity\Village" uriTemplate="/prefecture/{prefectureId}/villages">
+    <uriVariables>
+        <uriVariable parameterName="prefectureId" fromClass="App\Entity\Prefecture" toProperty="villages"></uriVariable>
+    </uriVariables>
+    <operations>
+        <operation class="ApiPlatform\Metadata\GetCollection" />
+    </operations>
+</resource>
+<resource class="App\Entity\Village">
+    <operations>
+        <operation class="ApiPlatform\Metadata\Get" />
+    </operations>
+</resource>
+
+<resource class="App\Entity\Prefecture" uriTemplate="/country/{countryId}/prefectures">
+    <uriVariables>
+        <uriVariable parameterName="countryId" fromClass="App\Entity\Country" toProperty="prefectures"></uriVariable>
+    </uriVariables>
+    <operations>
+        <operation class="ApiPlatform\Metadata\GetCollection" />
+    </operations>
+</resource>
+<resource class="App\Entity\Prefecture">
+    <operations>
+        <operation class="ApiPlatform\Metadata\Get" />
+    </operations>
+</resource>
+
+
+<resource class="App\Entity\Dojo">
+    <operations>
+        <operation class="ApiPlatform\Metadata\Get" />
+        <operation class="ApiPlatform\Metadata\Post" processor="App\State\DojoPostProcessor"/>
+        <operation class="ApiPlatform\Metadata\Patch" />
+    </operations>
+</resource>
+<resource class="App\Entity\Dojo" uriTemplate="/village/{villageId}/dojos">
+    <uriVariables>
+        <uriVariable parameterName="villageId" fromClass="App\Entity\Village" toProperty="dojos"></uriVariable>
+    </uriVariables>
+    <operations>
+        <operation class="ApiPlatform\Metadata\Get" />
+    </operations>
+</resource>
+
+<resource class="App\Entity\Dungeon">
+    <operations>
+        <operation class="ApiPlatform\Metadata\Get" />
+    </operations>
+</resource>
+<resource class="App\Entity\Dungeon" uriTemplate="/city/{cityId}/dungeon">
+    <uriVariables>
+        <uriVariable parameterName="cityId" fromClass="App\Entity\City" toProperty="dungeon"></uriVariable>
+    </uriVariables>
+    <operations>
+        <operation class="ApiPlatform\Metadata\GetCollection" />
+    </operations>
+</resource>
+
+</resources>

config/bundles.php

@@ -8,5 +8,8 @@ return [
     Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle::class => ['all' => true],
     Nelmio\CorsBundle\NelmioCorsBundle::class => ['all' => true],
     ApiPlatform\Symfony\Bundle\ApiPlatformBundle::class => ['all' => true],
-    Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle::class => ['all' => true],
+    DAMA\DoctrineTestBundle\DAMADoctrineTestBundle::class => ['test' => true],
+    Doctrine\Bundle\FixturesBundle\DoctrineFixturesBundle::class => ['dev' => true, 'test' => true],
+    Zenstruck\Foundry\ZenstruckFoundryBundle::class => ['dev' => true, 'test' => true],
+    Symfony\Bundle\MakerBundle\MakerBundle::class => ['dev' => true],
 ];

config/packages/api_platform.yaml

@@ -8,3 +8,11 @@ api_platform:
             vary: ['Content-Type', 'Authorization', 'Origin']
         extra_properties:
             standard_put: true
+    formats:
+        json: ['application/json']
+        html: ['text/html']
+    docs_formats:
+        jsonopenapi: ['application/vnd.openapi+json']
+        html: ['text/html']
+    event_listeners_backward_compatibility_layer: false
+    keep_legacy_inflector: false

config/packages/lexik_jwt_authentication.yaml

@@ -1,4 +0,0 @@
-lexik_jwt_authentication:
-    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
-    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
-    pass_phrase: '%env(JWT_PASSPHRASE)%'

config/packages/security.yaml

@@ -10,8 +10,13 @@ security:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
         main:
-            lazy: true
-            provider: users_in_memory
+            #custom_authenticators:
+            #    - App\Security\ApiKeyAuthenticator
+            stateless: true
+            
+            access_token:
+                token_handler: App\Security\AccessTokenHandler
+                token_extractors: 'App\Security\CustomTokenExtractor'
 
             # activate different ways to authenticate
             # https://symfony.com/doc/current/security.html#the-firewall
@@ -22,8 +27,8 @@ security:
     # Easy way to control access for large sections of your site
     # Note: Only the *first* access control that matches will be used
     access_control:
-        # - { path: ^/admin, roles: ROLE_ADMIN }
-        # - { path: ^/profile, roles: ROLE_USER }
+        - { path: ^/admin, roles: ROLE_ADMIN }
+        - { path: ^/api, roles: ROLE_USER }
 
 when@test:
     security:

config/packages/test/dama_doctrine_test_bundle.yaml

@@ -0,0 +1,4 @@
+dama_doctrine_test:
+    enable_static_connection: true
+    enable_static_meta_data_cache: true
+    enable_static_query_cache: true

config/packages/zenstruck_foundry.yaml

@@ -0,0 +1,7 @@
+when@dev: &dev
+    # See full configuration: https://symfony.com/bundles/ZenstruckFoundryBundle/current/index.html#full-default-bundle-configuration
+    zenstruck_foundry:
+        # Whether to auto-refresh proxies by default (https://symfony.com/bundles/ZenstruckFoundryBundle/current/index.html#auto-refresh)
+        auto_refresh_proxies: true
+
+when@test: *dev

phpunit.xml.dist

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- https://phpunit.readthedocs.io/en/latest/configuration.html -->
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:noNamespaceSchemaLocation="vendor/phpunit/phpunit/phpunit.xsd"
+         backupGlobals="false"
+         colors="true"
+         bootstrap="tests/bootstrap.php"
+         convertDeprecationsToExceptions="false"
+>
+    <php>
+        <ini name="display_errors" value="1" />
+        <ini name="error_reporting" value="-1" />
+        <server name="APP_ENV" value="test" force="true" />
+        <server name="SHELL_VERBOSITY" value="-1" />
+        <server name="SYMFONY_PHPUNIT_REMOVE" value="" />
+        <server name="SYMFONY_PHPUNIT_VERSION" value="9.6" />
+    </php>
+
+    <testsuites>
+        <testsuite name="Project Test Suite">
+            <directory>tests</directory>
+        </testsuite>
+    </testsuites>
+
+    <coverage processUncoveredFiles="true">
+        <include>
+            <directory suffix=".php">src</directory>
+        </include>
+    </coverage>
+
+    <listeners>
+        <listener class="Symfony\Bridge\PhpUnit\SymfonyTestsListener" />
+    </listeners>
+
+    <extensions>
+        <extension class="DAMA\DoctrineTestBundle\PHPUnit\PHPUnitExtension"/>
+    </extensions>
+</phpunit>

src/ApiResource/Capital.php

@@ -1,14 +0,0 @@
-<?php
-namespace App\ApiResource;
-
-use ApiPlatform\Metadata\ApiResource;
-
-#[ApiResource]
-class Capital extends Thing
-{
-
-    public Country $country;
-
-    public Dungeon $dungeon;
-}
-

src/ApiResource/Character.php

@@ -1,43 +0,0 @@
-<?php
-namespace App\ApiResource;
-
-use ApiPlatform\Metadata\ApiResource;
-
-#[ApiResource]
-class Character extends Thing
-{
-
-    /**
-     * FIXME: Use enumeration
-     */
-    public const ROOKIE = 'rookie';
-
-    public const ACTIVE = 'active';
-
-    public const MASTER = 'master';
-
-    public const GRANDMASTER = 'grand-master';
-
-    /**
-     *
-     * @ApiPlatform\ApiProperty(
-     *  attributes={
-     *      "openapi_context" = {
-     *                "type"="string",
-     *                "enum"={"rookie", "active", "master", "grand-master"},
-     *                "example"="active",
-     *            }
-     *  }
-     * )
-     */
-    public string $role;
-
-    /**
-     * Calculates the aged based on the ulid value?
-     */
-    public function getAge(): int
-    {
-        return 17;
-    }
-}
-

src/ApiResource/Country.php

@@ -1,23 +0,0 @@
-<?php
-namespace App\ApiResource;
-
-use ApiPlatform\Metadata\ApiResource;
-
-#[ApiResource]
-class Country extends Thing
-{
-
-    /**
-     *
-     * @ApiPlatform\ApiSubresource(maxDepth=1)
-     */
-    public Capital $capital;
-
-    /**
-     *
-     * @ApiPlatform\ApiSubresource(maxDepth=1)
-     * @var Village[]
-     */
-    public iterable $villages;
-}
-

src/ApiResource/Dojo.php

@@ -1,41 +0,0 @@
-<?php
-namespace App\ApiResource;
-
-use ApiPlatform\Metadata\ApiResource;
-
-#[ApiResource]
-class Dojo extends Thing
-{
-
-    public string $name;
-
-    /**
-     * The unique identifier of the owner of this Dojo
-     *
-     * @ApiPlatform\ApiProperty(writable=false, description="owner of the dojo (player)")
-     * @ApiPlatform\ApiSubresource(maxDepth=1)
-     */
-    public Player $owner;
-
-    /**
-     *
-     * @ApiPlatform\ApiSubresource(maxDepth=1)
-     * @var Character[]
-     */
-    public iterable $members;
-
-    /**
-     *
-     * @ApiPlatform\ApiProperty
-     */
-    public Village $village;
-
-    /**
-     * Helper method that reads the timestamp section from the ulid
-     */
-    public function getCreatedAt(): \DateTimeImmutable
-    {
-        return $this->id->getDateTime();
-    }
-}
-

src/ApiResource/Dungeon.php

@@ -1,18 +0,0 @@
-<?php
-namespace App\ApiResource;
-
-use ApiPlatform\Metadata\ApiResource;
-
-/**
- * The capital is the center of the country the villages are located in.
- *
- * @ApiPlatform\ApiResource(
- *  itemOperations={"get"},
- *  collectionOperations={}
- * )
- */
-#[ApiResource]
-class Dungeon extends Thing
-{
-}
-

src/ApiResource/Player.php

@@ -1,16 +0,0 @@
-<?php
-namespace App\ApiResource;
-
-use ApiPlatform\Metadata\ApiResource;
-use ApiPlatform\Metadata\Get;
-use ApiPlatform\Metadata\GetCollection;
-
-#[ApiResource(
-operations: [new Get(), new GetCollection()]
-)]
-class Player extends Thing
-{
-
-    public string $name;
-}
-

src/ApiResource/Thing.php

@@ -1,13 +0,0 @@
-<?php
-namespace App\ApiResource;
-
-use ApiPlatform\Metadata\ApiResource;
-use Symfony\Component\Uid\Ulid;
-
-#[ApiResource]
-class Thing
-{
-
-    public Ulid $id;
-}
-

src/ApiResource/Village.php

@@ -1,19 +0,0 @@
-<?php
-namespace App\ApiResource;
-
-use ApiPlatform\Metadata\ApiResource;
-
-#[ApiResource]
-class Village extends Thing
-{
-
-    /**
-     *
-     * @ApiPlatform\ApiSubresource(maxDepth=1)
-     * @var Dojo[]
-     */
-    public iterable $dojos;
-
-    public Capital $capital;
-}
-

src/Controller/GetUserByName.php

@@ -0,0 +1,24 @@
+<?php
+namespace App\Controller;
+
+use App\Entity\User;
+use Doctrine\ORM\EntityManagerInterface;
+use Symfony\Component\HttpKernel\Attribute\AsController;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+
+#[AsController]
+final class GetUserByName
+{
+
+    public function __invoke($authName, EntityManagerInterface $em): User
+    {
+        $user = $em->getRepository(User::class)->findOneBy([
+            'authName' => $authName
+        ]);
+        if (! $user) {
+            throw new NotFoundHttpException('User not found');
+        }
+        return $user;
+    }
+}
+

src/DataFixtures/AppFixtures.php

@@ -0,0 +1,16 @@
+<?php
+namespace App\DataFixtures;
+
+use Doctrine\Bundle\FixturesBundle\Fixture;
+use Doctrine\Persistence\ObjectManager;
+
+class AppFixtures extends Fixture
+{
+
+    public function load(ObjectManager $manager): void
+    {
+        // $product = new Product();
+        // $manager->persist($product);
+        $manager->flush();
+    }
+}

src/Entity/Character.php

@@ -0,0 +1,36 @@
+<?php
+namespace App\Entity;
+
+use Doctrine\ORM\Mapping as ORM;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\ORM\Mapping\ManyToOne;
+
+#[ORM\Entity]
+class Character extends Thing
+{
+
+    #[ManyToOne()]
+    #[JoinColumn(onDelete: 'cascade')]
+    public ?Dojo $dojo;
+
+    /**
+     * Calculates the aged based on the ulid value?
+     */
+    public function getAge(): int
+    {
+        return 17;
+    }
+
+    public function getDojo(): ?Dojo
+    {
+        return $this->dojo;
+    }
+
+    public function setDojo(?Dojo $dojo): static
+    {
+        $this->dojo = $dojo;
+
+        return $this;
+    }
+}
+

src/Entity/City.php

@@ -0,0 +1,28 @@
+<?php
+namespace App\Entity;
+
+use Doctrine\ORM\Mapping\Entity;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\ORM\Mapping\OneToOne;
+
+#[Entity]
+class City extends Thing
+{
+
+    #[OneToOne(inversedBy: 'city')]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public Dungeon $dungeon;
+
+    public function getDungeon(): ?Dungeon
+    {
+        return $this->dungeon;
+    }
+
+    public function setDungeon(Dungeon $dungeon): static
+    {
+        $this->dungeon = $dungeon;
+
+        return $this;
+    }
+}
+

src/Entity/Country.php

@@ -0,0 +1,73 @@
+<?php
+namespace App\Entity;
+
+use Doctrine\Common\Collections\ArrayCollection;
+use Doctrine\Common\Collections\Collection;
+use Doctrine\ORM\Mapping\Entity;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\ORM\Mapping\OneToMany;
+use Doctrine\ORM\Mapping\OneToOne;
+
+#[Entity]
+class Country extends Thing
+{
+
+    #[OneToOne()]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public City $capital;
+
+    /** @var Prefecture[] */
+    #[OneToMany(targetEntity: Prefecture::class, mappedBy: 'prefecture')]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public iterable $prefectures;
+
+    public function __construct()
+    {
+        $this->prefectures = new ArrayCollection();
+    }
+
+    // FIXME:Shortcut to its users?
+
+    public function getCapital(): ?City
+    {
+        return $this->capital;
+    }
+
+    public function setCapital(City $capital): static
+    {
+        $this->capital = $capital;
+
+        return $this;
+    }
+
+    /**
+     * @return Collection<int, Prefecture>
+     */
+    public function getPrefectures(): Collection
+    {
+        return $this->prefectures;
+    }
+
+    public function addPrefecture(Prefecture $prefecture): static
+    {
+        if (!$this->prefectures->contains($prefecture)) {
+            $this->prefectures->add($prefecture);
+            $prefecture->setPrefecture($this);
+        }
+
+        return $this;
+    }
+
+    public function removePrefecture(Prefecture $prefecture): static
+    {
+        if ($this->prefectures->removeElement($prefecture)) {
+            // set the owning side to null (unless already changed)
+            if ($prefecture->getPrefecture() === $this) {
+                $prefecture->setPrefecture(null);
+            }
+        }
+
+        return $this;
+    }
+}
+

src/Entity/Dojo.php

@@ -0,0 +1,115 @@
+<?php
+namespace App\Entity;
+
+use ApiPlatform\Metadata\ApiProperty;
+use Doctrine\Common\Collections\ArrayCollection;
+use Doctrine\Common\Collections\Collection;
+use Doctrine\ORM\Mapping as ORM;
+use Doctrine\ORM\Mapping\Column;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\ORM\Mapping\ManyToOne;
+use Doctrine\ORM\Mapping\OneToMany;
+use Doctrine\ORM\Mapping\OneToOne;
+
+#[ORM\Entity]
+class Dojo extends Thing
+{
+
+    #[Column(unique: true)]
+    public string $name;
+
+    /** @var Character[] */
+    #[ApiProperty(writable: false)]
+    #[OneToMany(targetEntity: Character::class, mappedBy: 'dojo')]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public iterable $members;
+
+    #[ApiProperty(writable: false)]
+    #[ManyToOne()]
+    #[JoinColumn(onDelete: 'cascade', nullable: true)]
+    public ?Village $village;
+
+    #[OneToOne(inversedBy: 'dojo')]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public User $owner;
+
+    public function __construct()
+    {
+        $this->members = new ArrayCollection();
+    }
+
+    /**
+     * Helper method that reads the timestamp section from the ulid
+     */
+    public function getCreatedAt(): \DateTimeImmutable
+    {
+        return $this->id->getDateTime();
+    }
+
+    public function getName(): ?string
+    {
+        return $this->name;
+    }
+
+    public function setName(string $name): static
+    {
+        $this->name = $name;
+
+        return $this;
+    }
+
+    /**
+     * @return Collection<int, Character>
+     */
+    public function getMembers(): Collection
+    {
+        return $this->members;
+    }
+
+    public function addMember(Character $member): static
+    {
+        if (!$this->members->contains($member)) {
+            $this->members->add($member);
+            $member->setDojo($this);
+        }
+
+        return $this;
+    }
+
+    public function removeMember(Character $member): static
+    {
+        if ($this->members->removeElement($member)) {
+            // set the owning side to null (unless already changed)
+            if ($member->getDojo() === $this) {
+                $member->setDojo(null);
+            }
+        }
+
+        return $this;
+    }
+
+    public function getVillage(): ?Village
+    {
+        return $this->village;
+    }
+
+    public function setVillage(?Village $village): static
+    {
+        $this->village = $village;
+
+        return $this;
+    }
+
+    public function getOwner(): ?User
+    {
+        return $this->owner;
+    }
+
+    public function setOwner(User $owner): static
+    {
+        $this->owner = $owner;
+
+        return $this;
+    }
+}
+

src/Entity/Dungeon.php

@@ -0,0 +1,28 @@
+<?php
+namespace App\Entity;
+
+use Doctrine\ORM\Mapping\Entity;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\ORM\Mapping\OneToOne;
+
+#[Entity]
+class Dungeon extends Thing
+{
+
+    #[OneToOne(inversedBy: 'dungeon')]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public City $city;
+
+    public function getCity(): ?City
+    {
+        return $this->city;
+    }
+
+    public function setCity(City $city): static
+    {
+        $this->city = $city;
+
+        return $this;
+    }
+}
+

src/Entity/Prefecture.php

@@ -0,0 +1,89 @@
+<?php
+namespace App\Entity;
+
+use Doctrine\Common\Collections\ArrayCollection;
+use Doctrine\Common\Collections\Collection;
+use Doctrine\ORM\Mapping\Entity;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\ORM\Mapping\ManyToOne;
+use Doctrine\ORM\Mapping\OneToMany;
+use Doctrine\ORM\Mapping\OneToOne;
+
+#[Entity]
+class Prefecture extends Thing
+{
+
+    #[OneToOne()]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public City $capital;
+
+    #[ManyToOne()]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public Country $country;
+
+    /** @var Village[] */
+    #[OneToMany(targetEntity: Village::class, mappedBy: 'prefecture')]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public iterable $villages;
+
+    // FIXME:Shortcut to its users?
+    public function __construct()
+    {
+        $this->villages = new ArrayCollection();
+    }
+
+    public function getCapital(): ?City
+    {
+        return $this->capital;
+    }
+
+    public function setCapital(City $capital): static
+    {
+        $this->capital = $capital;
+
+        return $this;
+    }
+
+    public function getCountry(): ?Country
+    {
+        return $this->country;
+    }
+
+    public function setCountry(?Country $country): static
+    {
+        $this->country = $country;
+
+        return $this;
+    }
+
+    /**
+     * @return Collection<int, Village>
+     */
+    public function getVillages(): Collection
+    {
+        return $this->villages;
+    }
+
+    public function addVillage(Village $village): static
+    {
+        if (!$this->villages->contains($village)) {
+            $this->villages->add($village);
+            $village->setPrefecture($this);
+        }
+
+        return $this;
+    }
+
+    public function removeVillage(Village $village): static
+    {
+        if ($this->villages->removeElement($village)) {
+            // set the owning side to null (unless already changed)
+            if ($village->getPrefecture() === $this) {
+                $village->setPrefecture(null);
+            }
+        }
+
+        return $this;
+    }
+}
+

src/Entity/Thing.php

@@ -0,0 +1,17 @@
+<?php
+namespace App\Entity;
+
+use Doctrine\ORM\Mapping as ORM;
+use Symfony\Bridge\Doctrine\Types\UlidType;
+use Symfony\Component\Uid\Ulid;
+
+abstract class Thing
+{
+
+    #[ORM\Id]
+    #[ORM\Column(type: UlidType::NAME, unique: true)]
+    #[ORM\GeneratedValue(strategy: 'CUSTOM')]
+    #[ORM\CustomIdGenerator(class: 'doctrine.ulid_generator')]
+    public ?Ulid $id;
+}
+

src/Entity/User.php

@@ -0,0 +1,72 @@
+<?php
+namespace App\Entity;
+
+use ApiPlatform\Metadata\ApiProperty;
+use Doctrine\ORM\Mapping\Column;
+use Doctrine\ORM\Mapping\Entity;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\ORM\Mapping\OneToOne;
+use Doctrine\ORM\Mapping\Table;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+#[Entity(repositoryClass: "App\Repository\UserRepository")]
+#[Table(name: '`user`')]
+class User extends Thing implements UserInterface
+{
+
+    // from discord
+    #[ApiProperty(writable: true)]
+    #[Column(type: 'string')]
+    public string $authName;
+
+    #[OneToOne(inversedBy: 'dojo')]
+    #[JoinColumn(onDelete: 'cascade', nullable: true)]
+    public ?Dojo $dojo;
+
+    // anonymous data used for the client
+    #[ApiProperty()]
+    #[Column(type: 'json')]
+    public mixed $properties;
+
+    public function getProperties(): array
+    {
+        return $this->properties;
+    }
+
+    public function setProperties(array $properties): static
+    {
+        $this->properties = $properties;
+
+        return $this;
+    }
+
+    public function getDojo(): ?Dojo
+    {
+        return $this->dojo;
+    }
+
+    public function setDojo(?Dojo $dojo): static
+    {
+        $this->dojo = $dojo;
+
+        return $this;
+    }
+
+    public function getUserIdentifier(): string
+    {
+        return $this->id;
+    }
+
+    public function eraseCredentials(): void
+    {
+        return;
+    }
+
+    public function getRoles(): array
+    {
+        return [
+            "ROLE_USER"
+        ];
+    }
+}
+

src/Entity/Village.php

@@ -0,0 +1,71 @@
+<?php
+namespace App\Entity;
+
+use Doctrine\Common\Collections\ArrayCollection;
+use Doctrine\Common\Collections\Collection;
+use Doctrine\ORM\Mapping as ORM;
+use Doctrine\ORM\Mapping\JoinColumn;
+use Doctrine\ORM\Mapping\ManyToOne;
+use Doctrine\ORM\Mapping\OneToMany;
+
+#[ORM\Entity]
+class Village extends Thing
+{
+
+    /** @var Dojo[] */
+    #[OneToMany(targetEntity: Dojo::class, mappedBy: 'village')]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public iterable $dojos;
+
+    #[ManyToOne()]
+    #[JoinColumn(onDelete: 'cascade', nullable: false)]
+    public Prefecture $prefecture;
+
+    public function __construct()
+    {
+        $this->dojos = new ArrayCollection();
+    }
+
+    /**
+     * @return Collection<int, Dojo>
+     */
+    public function getDojos(): Collection
+    {
+        return $this->dojos;
+    }
+
+    public function addDojo(Dojo $dojo): static
+    {
+        if (!$this->dojos->contains($dojo)) {
+            $this->dojos->add($dojo);
+            $dojo->setVillage($this);
+        }
+
+        return $this;
+    }
+
+    public function removeDojo(Dojo $dojo): static
+    {
+        if ($this->dojos->removeElement($dojo)) {
+            // set the owning side to null (unless already changed)
+            if ($dojo->getVillage() === $this) {
+                $dojo->setVillage(null);
+            }
+        }
+
+        return $this;
+    }
+
+    public function getPrefecture(): ?Prefecture
+    {
+        return $this->prefecture;
+    }
+
+    public function setPrefecture(?Prefecture $prefecture): static
+    {
+        $this->prefecture = $prefecture;
+
+        return $this;
+    }
+}
+

src/Factory/DojoFactory.php

@@ -0,0 +1,69 @@
+<?php
+
+namespace App\Factory;
+
+use App\Entity\Dojo;
+use Doctrine\ORM\EntityRepository;
+use Zenstruck\Foundry\ModelFactory;
+use Zenstruck\Foundry\Proxy;
+use Zenstruck\Foundry\RepositoryProxy;
+
+/**
+ * @extends ModelFactory<Dojo>
+ *
+ * @method        Dojo|Proxy                       create(array|callable $attributes = [])
+ * @method static Dojo|Proxy                       createOne(array $attributes = [])
+ * @method static Dojo|Proxy                       find(object|array|mixed $criteria)
+ * @method static Dojo|Proxy                       findOrCreate(array $attributes)
+ * @method static Dojo|Proxy                       first(string $sortedField = 'id')
+ * @method static Dojo|Proxy                       last(string $sortedField = 'id')
+ * @method static Dojo|Proxy                       random(array $attributes = [])
+ * @method static Dojo|Proxy                       randomOrCreate(array $attributes = [])
+ * @method static EntityRepository|RepositoryProxy repository()
+ * @method static Dojo[]|Proxy[]                   all()
+ * @method static Dojo[]|Proxy[]                   createMany(int $number, array|callable $attributes = [])
+ * @method static Dojo[]|Proxy[]                   createSequence(iterable|callable $sequence)
+ * @method static Dojo[]|Proxy[]                   findBy(array $attributes)
+ * @method static Dojo[]|Proxy[]                   randomRange(int $min, int $max, array $attributes = [])
+ * @method static Dojo[]|Proxy[]                   randomSet(int $number, array $attributes = [])
+ */
+final class DojoFactory extends ModelFactory
+{
+    /**
+     * @see https://symfony.com/bundles/ZenstruckFoundryBundle/current/index.html#factories-as-services
+     *
+     * @todo inject services if required
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * @see https://symfony.com/bundles/ZenstruckFoundryBundle/current/index.html#model-factories
+     *
+     * @todo add your default values here
+     */
+    protected function getDefaults(): array
+    {
+        return [
+            'name' => self::faker()->text(),
+            'owner' => UserFactory::new(),
+        ];
+    }
+
+    /**
+     * @see https://symfony.com/bundles/ZenstruckFoundryBundle/current/index.html#initialization
+     */
+    protected function initialize(): self
+    {
+        return $this
+            // ->afterInstantiate(function(Dojo $dojo): void {})
+        ;
+    }
+
+    protected static function getClass(): string
+    {
+        return Dojo::class;
+    }
+}

src/Factory/UserFactory.php

@@ -0,0 +1,69 @@
+<?php
+namespace App\Factory;
+
+use App\Entity\User;
+use Zenstruck\Foundry\ModelFactory;
+
+/**
+ *
+ * @extends ModelFactory<User>
+ *
+ * @method User|Proxy create(array|callable $attributes = [])
+ * @method static User|Proxy createOne(array $attributes = [])
+ * @method static User|Proxy find(object|array|mixed $criteria)
+ * @method static User|Proxy findOrCreate(array $attributes)
+ * @method static User|Proxy first(string $sortedField = 'id')
+ * @method static User|Proxy last(string $sortedField = 'id')
+ * @method static User|Proxy random(array $attributes = [])
+ * @method static User|Proxy randomOrCreate(array $attributes = [])
+ * @method static EntityRepository|RepositoryProxy repository()
+ * @method static User[]|Proxy[] all()
+ * @method static User[]|Proxy[] createMany(int $number, array|callable $attributes = [])
+ * @method static User[]|Proxy[] createSequence(iterable|callable $sequence)
+ * @method static User[]|Proxy[] findBy(array $attributes)
+ * @method static User[]|Proxy[] randomRange(int $min, int $max, array $attributes = [])
+ * @method static User[]|Proxy[] randomSet(int $number, array $attributes = [])
+ */
+final class UserFactory extends ModelFactory
+{
+
+    /**
+     *
+     * @see https://symfony.com/bundles/ZenstruckFoundryBundle/current/index.html#factories-as-services
+     *
+     * @todo inject services if required
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     *
+     * @see https://symfony.com/bundles/ZenstruckFoundryBundle/current/index.html#model-factories
+     *
+     * @todo add your default values here
+     */
+    protected function getDefaults(): array
+    {
+        return [
+            'authName' => self::faker()->text(),
+            'properties' => []
+        ];
+    }
+
+    /**
+     *
+     * @see https://symfony.com/bundles/ZenstruckFoundryBundle/current/index.html#initialization
+     */
+    protected function initialize(): self
+    {
+        return $this;
+        // ->afterInstantiate(function(User $user): void {})
+    }
+
+    protected static function getClass(): string
+    {
+        return User::class;
+    }
+}

src/Repository/UserRepository.php

@@ -0,0 +1,48 @@
+<?php
+
+namespace App\Repository;
+
+use App\Entity\User;
+use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
+use Doctrine\Persistence\ManagerRegistry;
+
+/**
+ * @extends ServiceEntityRepository<User>
+ *
+ * @method User|null find($id, $lockMode = null, $lockVersion = null)
+ * @method User|null findOneBy(array $criteria, array $orderBy = null)
+ * @method User[]    findAll()
+ * @method User[]    findBy(array $criteria, array $orderBy = null, $limit = null, $offset = null)
+ */
+class UserRepository extends ServiceEntityRepository
+{
+    public function __construct(ManagerRegistry $registry)
+    {
+        parent::__construct($registry, User::class);
+    }
+
+//    /**
+//     * @return User[] Returns an array of User objects
+//     */
+//    public function findByExampleField($value): array
+//    {
+//        return $this->createQueryBuilder('u')
+//            ->andWhere('u.exampleField = :val')
+//            ->setParameter('val', $value)
+//            ->orderBy('u.id', 'ASC')
+//            ->setMaxResults(10)
+//            ->getQuery()
+//            ->getResult()
+//        ;
+//    }
+
+//    public function findOneBySomeField($value): ?User
+//    {
+//        return $this->createQueryBuilder('u')
+//            ->andWhere('u.exampleField = :val')
+//            ->setParameter('val', $value)
+//            ->getQuery()
+//            ->getOneOrNullResult()
+//        ;
+//    }
+}

src/Security/AccessTokenHandler.php

@@ -0,0 +1,50 @@
+<?php
+namespace App\Security;
+
+use App\Repository\UserRepository;
+use Psr\Log\LoggerInterface;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+use DateInterval;
+use DateTimeImmutable;
+use DateTimeZone;
+
+class AccessTokenHandler implements AccessTokenHandlerInterface
+{
+
+    public function __construct(private UserRepository $userRepository, private LoggerInterface $logger)
+    {}
+
+    public function getUserBadgeFrom(string $accessToken): UserBadge
+    {
+        if ($accessToken === FALSE) {
+            throw new BadCredentialsException('Missing credentials.');
+        }
+
+        $sign_seed = sodium_base642bin($_ENV['AUTH_SEED'], SODIUM_BASE64_VARIANT_ORIGINAL);
+        $sign_pair = sodium_crypto_sign_seed_keypair($sign_seed);
+        $sign_public = sodium_crypto_sign_publickey($sign_pair);
+        $message_signed = sodium_base642bin($accessToken, SODIUM_BASE64_VARIANT_URLSAFE);
+        $message = sodium_crypto_sign_open($message_signed, $sign_public);
+
+        if ($message === FALSE) {
+            throw new BadCredentialsException('Invalid credentials.');
+        }
+
+        $arr = explode('|', $message);
+
+        $ts = new DateTimeImmutable($arr[1], new DateTimeZone("UTC"));
+        $now = new DateTimeImmutable("now", new DateTimeZone("UTC"));
+
+        $ts = $ts->add(DateInterval::createFromDateString('5 min'));
+        if ($ts < $now) {
+            throw new BadCredentialsException('Token has already expired.');
+        }
+
+        $auth_name = $arr[0];
+        $this->logger->critical("Nearly there! $auth_name");
+        return new UserBadge($auth_name, fn (string $id) => $this->userRepository->findByAuthName($id));
+    }
+}
+

src/Security/ApiKeyAuthenticator.php

@@ -0,0 +1,68 @@
+<?php
+namespace App\Security;
+
+use App\Repository\UserRepository;
+use Psr\Log\LoggerInterface;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
+use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+
+class ApiKeyAuthenticator extends AbstractAuthenticator
+{
+
+    public function __construct(private UserRepository $userRepository, private LoggerInterface $logger)
+    {}
+
+    /**
+     * Called on every request to decide if this authenticator should be
+     * used for the request.
+     * Returning false will cause this authenticator
+     * to be skipped.
+     */
+    public function supports(Request $request): ?bool
+    {
+        return $request->headers->has('X-AUTH-TOKEN');
+    }
+
+    public function authenticate(Request $request): Passport
+    {
+        $apiToken = $request->headers->get('X-AUTH-TOKEN');
+        if (null === $apiToken) {
+            return null;
+        }
+
+        $userIdentifier = $apiToken;
+
+        return new SelfValidatingPassport(
+            new UserBadge($userIdentifier,
+                function (string $userIdentifier): ?UserInterface {
+                    return $this->userRepository->findOneBy([
+                        'authName' => $userIdentifier
+                    ]);
+                }));
+    }
+
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
+    {
+        // on success, let the request continue
+        return null;
+    }
+
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
+    {
+        $this->logger->critical("YYY");
+        $message = strtr($exception->getMessageKey(), $exception->getMessageData());
+        // or to translate this message
+        // $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
+
+        // This should translated by FOSRestBundle!
+        throw new AccessDeniedHttpException($message);
+    }
+}

src/Security/CustomTokenExtractor.php

@@ -0,0 +1,21 @@
+<?php
+namespace App\Security;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\AccessToken\AccessTokenExtractorInterface;
+
+class CustomTokenExtractor implements AccessTokenExtractorInterface
+{
+
+    public function __construct()
+    {}
+
+    public function extractAccessToken(Request $request): ?string
+    {
+        if ($request->headers->has('X-AUTH-TOKEN')) {
+            return $request->headers->get('X-AUTH-TOKEN');
+        }
+        return NULL;
+    }
+}
+

src/State/DojoPostProcessor.php

@@ -0,0 +1,40 @@
+<?php
+namespace App\State;
+
+use ApiPlatform\Metadata\DeleteOperationInterface;
+use ApiPlatform\Metadata\Operation;
+use ApiPlatform\State\ProcessorInterface;
+use App\Entity\Dojo;
+use Psr\Log\LoggerInterface;
+use Symfony\Bundle\SecurityBundle\Security;
+use Symfony\Component\DependencyInjection\Attribute\Autowire;
+
+/**
+ *
+ * @implements ProcessorInterface<Dojo, Dojo|void>
+ */
+class DojoPostProcessor implements ProcessorInterface
+{
+
+    public function __construct(
+        #[Autowire(service: 'api_platform.doctrine.orm.state.persist_processor')] private ProcessorInterface $persistProcessor,
+        #[Autowire(service: 'api_platform.doctrine.orm.state.remove_processor')] private ProcessorInterface $removeProcessor,
+        private Security $security, private LoggerInterface $logger)
+    {}
+
+    public function process(mixed $data, Operation $operation, array $uriVariables = [], array $context = []): Dojo
+    {
+        if ($operation instanceof DeleteOperationInterface) {
+            return $this->removeProcessor->process($data, $operation, $uriVariables, $context);
+        }
+        $this->updateDojo($data);
+        $result = $this->persistProcessor->process($data, $operation, $uriVariables, $context);
+
+        return $result;
+    }
+
+    private function updateDojo(Dojo $dojo): void
+    {
+        $dojo->setOwner($this->security->getUser());
+    }
+}

symfony.lock

@@ -13,14 +13,17 @@
             "src/ApiResource/.gitignore"
         ]
     },
-    "doctrine/annotations": {
-        "version": "2.0",
+    "dama/doctrine-test-bundle": {
+        "version": "7.3",
         "recipe": {
-            "repo": "github.com/symfony/recipes",
+            "repo": "github.com/symfony/recipes-contrib",
             "branch": "main",
-            "version": "1.10",
-            "ref": "64d8583af5ea57b7afa4aba4b159907f3a148b05"
-        }
+            "version": "4.0",
+            "ref": "2c920f73a217f30bd4a37833c91071f4d3dc1ecd"
+        },
+        "files": [
+            "config/packages/test/dama_doctrine_test_bundle.yaml"
+        ]
     },
     "doctrine/doctrine-bundle": {
         "version": "2.10",
@@ -36,6 +39,18 @@
             "src/Repository/.gitignore"
         ]
     },
+    "doctrine/doctrine-fixtures-bundle": {
+        "version": "3.5",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "3.0",
+            "ref": "1f5514cfa15b947298df4d771e694e578d4c204d"
+        },
+        "files": [
+            "src/DataFixtures/AppFixtures.php"
+        ]
+    },
     "doctrine/doctrine-migrations-bundle": {
         "version": "3.2",
         "recipe": {
@@ -49,28 +64,30 @@
             "migrations/.gitignore"
         ]
     },
-    "lexik/jwt-authentication-bundle": {
-        "version": "2.19",
+    "nelmio/cors-bundle": {
+        "version": "2.3",
         "recipe": {
             "repo": "github.com/symfony/recipes",
             "branch": "main",
-            "version": "2.5",
-            "ref": "e9481b233a11ef7e15fe055a2b21fd3ac1aa2bb7"
+            "version": "1.5",
+            "ref": "6bea22e6c564fba3a1391615cada1437d0bde39c"
         },
         "files": [
-            "config/packages/lexik_jwt_authentication.yaml"
+            "config/packages/nelmio_cors.yaml"
         ]
     },
-    "nelmio/cors-bundle": {
-        "version": "2.3",
+    "phpunit/phpunit": {
+        "version": "9.6",
         "recipe": {
             "repo": "github.com/symfony/recipes",
             "branch": "main",
-            "version": "1.5",
-            "ref": "6bea22e6c564fba3a1391615cada1437d0bde39c"
+            "version": "9.6",
+            "ref": "7364a21d87e658eb363c5020c072ecfdc12e2326"
         },
         "files": [
-            "config/packages/nelmio_cors.yaml"
+            ".env.test",
+            "phpunit.xml.dist",
+            "tests/bootstrap.php"
         ]
     },
     "symfony/console": {
@@ -116,6 +133,30 @@
             "src/Kernel.php"
         ]
     },
+    "symfony/maker-bundle": {
+        "version": "1.50",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "1.0",
+            "ref": "fadbfe33303a76e25cb63401050439aa9b1a9c7f"
+        }
+    },
+    "symfony/phpunit-bridge": {
+        "version": "7.0",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "6.3",
+            "ref": "1f5830c331065b6e4c9d5fa2105e322d29fcd573"
+        },
+        "files": [
+            ".env.test",
+            "bin/phpunit",
+            "phpunit.xml.dist",
+            "tests/bootstrap.php"
+        ]
+    },
     "symfony/routing": {
         "version": "6.2",
         "recipe": {
@@ -177,5 +218,17 @@
         "files": [
             "config/packages/validator.yaml"
         ]
+    },
+    "zenstruck/foundry": {
+        "version": "1.36",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "1.10",
+            "ref": "37c2f894cc098ab4c08874b80cccc8e2f8de7976"
+        },
+        "files": [
+            "config/packages/zenstruck_foundry.yaml"
+        ]
     }
 }

tests/DojoTest.php

@@ -0,0 +1,56 @@
+<?php
+namespace App\Tests;
+
+use ApiPlatform\Symfony\Bundle\Test\ApiTestCase;
+use ApiPlatform\Symfony\Bundle\Test\Response;
+use App\Factory\UserFactory;
+use App\Repository\UserRepository;
+use Zenstruck\Foundry\Test\Factories;
+use Zenstruck\Foundry\Test\ResetDatabase;
+use DateTimeImmutable;
+use DateTimeZone;
+
+class DojoTest extends ApiTestCase
+{
+    // This trait provided by Foundry will take care of refreshing the database content to a known state before each test
+    use ResetDatabase, Factories;
+
+    private function generateAuthToken(string $authName)
+    {
+        $sign_seed = sodium_base642bin($_ENV['AUTH_SEED'], SODIUM_BASE64_VARIANT_ORIGINAL);
+        $sign_pair = sodium_crypto_sign_seed_keypair($sign_seed);
+        $sign_secret = sodium_crypto_sign_secretkey($sign_pair);
+        $now = new DateTimeImmutable("now", new DateTimeZone("UTC"));
+        $message = $authName . "|" . $now->format("c");
+
+        return sodium_bin2base64(sodium_crypto_sign($message, $sign_secret), SODIUM_BASE64_VARIANT_URLSAFE);
+    }
+
+    public function testCreateDojo(): void
+    {
+        UserFactory::createOne([
+            'authName' => "blablabla"
+        ]);
+
+        $userRepository = $this->getContainer()->get(UserRepository::class);
+        $this->assertCount(1, $userRepository->findAll());
+
+        /**
+         *
+         * @var Response $response
+         */
+        $response = static::createClient()->request('POST', '/api/dojos',
+            [
+                'headers' => [
+                    'accept' => 'application/json',
+                    'X-AUTH-TOKEN' => $this->generateAuthToken('blablabla')
+                ],
+                'json' => [
+                    'name' => 'FooBar'
+                ]
+            ]);
+
+        $this->assertResponseStatusCodeSame(201);
+    }
+}
+

tests/bootstrap.php

@@ -0,0 +1,15 @@
+<?php
+
+use Symfony\Component\Dotenv\Dotenv;
+
+require dirname(__DIR__).'/vendor/autoload.php';
+
+if (file_exists(dirname(__DIR__).'/config/bootstrap.php')) {
+    require dirname(__DIR__).'/config/bootstrap.php';
+} elseif (method_exists(Dotenv::class, 'bootEnv')) {
+    (new Dotenv())->bootEnv(dirname(__DIR__).'/.env');
+}
+
+if ($_SERVER['APP_DEBUG']) {
+    umask(0000);
+}