The SitePoint PHP blog has a tutorial posted looking to help you with managing your application's users via the Symfony2 FOSUserBundle. This bundle provides much of the basic user functionality (creation, login, etc) is a easy-to-drop-in package for your Symfony 2 application.

Symfony has a very powerful authentication and authorization system, which can cater to a lot of our needs out of the box. FOSUserBundle is a library built on top of Symfony’s security system, which provides functionality such as registration, login, password resets, etc. It has built in support for MongoDB, as well as ORMs such as Doctrine, Propel, etc.

The tutorial walks you through the setup of a new Symfony 2 application (living on a Homestead instance) and grabbing the FOSUserBundle code via Composer and pulling into the project. They help you configure the application's security via the security.yml file and create the base user class and matching database table. From there they talk about customizing the templates that come as defaults with the bundle (Twig) and how to handle the email verification of new accounts as well as user logins/forgot password features. The tutorial ends with an example template showing the user's profile information including username, email address and and "edit" link.

Benjamin Eberlei has posted some of the results of his work at decoupling Symfony security from the FOSUserBundle, one of the "Friends of Symfony" packages that provides easy user management in your application.

In this blog post I will show how to decouple your core application from the Symfony Security component and User bundles such as the FOSUserBundle. [...] This blog post will add another perspective on how to achieve decoupling from Symfony user and security with a very simple approach. With this puzzle piece and others I wrote about before (Controllers as Service, Param Converters) and other pieces I still need to write about, I would classify Symfony2 as a good framework.

He talks about some of the dependencies this bundle introduces and one way to mitigate it by extending the User object with your own custom entities. His example is a "Customer" entity that only defines the "id" and "username" properties.