In my first Symfony 4.4 project, I need to authenticate users from database. Unfortunately, before user sign-in I need to check user status in remote API service. If user is active in this service and credentials are same as in my database, I can authenticate user in my app.
Where is best place to check that user is active before authentication in my app? I need to create custom guard? Custom user provider?
I use Lexik JWT authentication, there is my /config/packages/security.yaml
security: providers: app_user_provider: entity: class: App\Entity\User property: email firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false authorization: pattern: ^/api/v1/auth/ stateless: true anonymous: true json_login: check_path: /api/v1/auth/sign-in/ success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure username_path: email api: pattern: ^/api/v1/(user|req)/ stateless: true anonymous: false provider: app_user_provider guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator