symfony LexikJWTAuthenticationBundle bad credential
Posted: 2017-12-03 14:32:40
Question:
I want to integrate symfony's LexikJWTAuthenticationBundle with fosUserBundle. I have followed the instructions here but always get a 401 bad credentials error.
This is my config.yml file:
imports:
    - resource: parameters.yml
    - resource: security.yml
    - resource: services.yml

# Put parameters here that don't need to change on each machine where the app is deployed
# https://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
    locale: en

framework:
    #esi: ~
    #translator: { fallbacks: ['%locale%'] }
    translator: ~
    secret: '%secret%'
    router:
        resource: '%kernel.project_dir%/app/config/routing.yml'
        strict_requirements: ~
    form: ~
    csrf_protection: ~
    validation: { enable_annotations: true }
    #serializer: { enable_annotations: true }
    templating:
        engines: ['twig']
    default_locale: '%locale%'
    trusted_hosts: ~
    session:
        # https://symfony.com/doc/current/reference/configuration/framework.html#handler-id
        handler_id: session.handler.native_file
        save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
    fragments: ~
    http_method_override: true
    assets: ~
    php_errors:
        log: true
    serializer:
        enabled: true

# Twig Configuration
twig:
    debug: '%kernel.debug%'
    strict_variables: '%kernel.debug%'

# Doctrine Configuration
doctrine:
    dbal:
        driver: pdo_mysql
        host: '%database_host%'
        port: '%database_port%'
        dbname: '%database_name%'
        user: '%database_user%'
        password: '%database_password%'
        charset: UTF8
        mapping_types:
            enum: string
        # if using pdo_sqlite as your database driver:
        #   1. add the path in parameters.yml
        #     e.g. database_path: "%kernel.project_dir%/var/data/data.sqlite"
        #   2. Uncomment database_path in parameters.yml.dist
        #   3. Uncomment next line:
        #path: '%database_path%'
    orm:
        auto_generate_proxy_classes: '%kernel.debug%'
        naming_strategy: doctrine.orm.naming_strategy.underscore
        auto_mapping: true

# Swiftmailer Configuration
swiftmailer:
    transport: '%mailer_transport%'
    host: '%mailer_host%'
    username: '%mailer_user%'
    password: '%mailer_password%'
    spool: { type: memory }

fos_user:
    db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
    firewall_name: main
    user_class: AppBundle\Entity\Collaborator
    from_email:
        address: sahnoun.mabrouk@gmail.com
        sender_name: sahnoun MABROUK

# Nelmio CORS Configuration
nelmio_cors:
    defaults:
        allow_credentials: false
        allow_origin: ['*']
        allow_headers: ['*']
        allow_methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS']
        max_age: 3600
        hosts: []
        origin_regex: false

fos_rest:
    serializer:
        serialize_null: true
    routing_loader:
        include_format: false
    view:
        view_response_listener: true
    format_listener:
        rules:
            - { path: '^/', priorities: ['json'], fallback_format: 'json' }
            - { path: '^/login', priorities: ['html'], fallback_format: 'html' }
            - { path: '^/register', priorities: ['html'], fallback_format: 'html' }
            - { path: '^/resetting', priorities: ['html'], fallback_format: 'html' }

lexik_jwt_authentication:
    private_key_path: '%jwt_private_key_path%'
    public_key_path: '%jwt_public_key_path%'
    pass_phrase: '%jwt_key_pass_phrase%'
    token_ttl: '%jwt_token_ttl%'

security.yml:
# To get started with security, check out the documentation:
# https://symfony.com/doc/current/security.html
security:
    # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
    providers:
        in_memory:
            memory: ~
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    firewalls:
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            form_login:
                check_path: /api/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern: ^/api
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            anonymous: ~
            pattern: ^/
            logout: true
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
            logout: true
            anonymous: true
            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
            #http_basic: ~
            # https://symfony.com/doc/current/security/form_login_setup.html
            #form_login: ~

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }

I added
api_login_check:
    path: /api/login_check
to the routing file.
I have read all the questions related to this error, but nothing helped me.
Can anyone help me?
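
Comments:
Could you please provide two additional pieces of information:
* How do you make the http call?
* How did you integrate the success handler?
I just configured the bundle and tested its functionality with the curl command from the documentation: curl -X POST localhost:8000/api/login_check -d _username=admin -d _password=admin

Answer 1:
You are missing the corresponding provider for each route, take a look here.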
security:
    firewalls:
        login:
            ...
            provider: in_memory
            ...
        api:
            ...
            provider: jwt
            ...
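Comments:
Thanks for your reply, but that doesn't work either; it returns an html response that looks like the code of the symfony project index page!
Solved! I just put fos_userbundle as the first provider to check the credentials in the database.

Answer 2:
Problem solved! Just put fos_userbundle as the first provider to check the credentials in the database.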
security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
        in_memory:
            memory: ~
    ...
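
Why the reordering in Answer 2 works: in Symfony 3, a firewall with no `provider` key falls back to the first provider declared, and `in_memory` with `memory: ~` defines no users, so every login checked against it fails. The fragment below is an added example, not part of the original posts; it names the provider on each firewall so the result no longer depends on declaration order, using the firewall and provider names from the question's security.yml.

```yaml
# app/config/security.yml (added example, not the poster's final file)
security:
    providers:
        in_memory:
            memory: ~                  # defines no users; any login checked here is rejected
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    firewalls:
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            provider: fos_userbundle   # explicit: verify credentials against the database
            form_login:
                check_path: /api/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern: ^/api
            stateless: true
            provider: fos_userbundle   # the JWT authenticator loads the token's user from the same source
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
```

If nothing else uses `in_memory`, removing that provider avoids the ambiguity altogether.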