我正在将symfony2用于网站。我还使用Fosuser和LexikJWT通过Web服务进行连接。我阅读了LexikJWT的文档,但它不起作用。
jwt_private_key_path: %kernel.root_dir%/var/jwt/private.pem # ssh private key path
jwt_public_key_path: %kernel.root_dir%/var/jwt/public.pem # ssh public key path
jwt_key_pass_phrase: 'mypass' # ssh key pass phrase
jwt_token_ttl: 86400
fos_user:
resource: "@FOSUserBundle/Resources/config/routing/all.xml"
fos_user_change_password:
resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
prefix: /profile
admin:
resource: "@AppBundle/Resources/config/routing.php"
prefix: /
api_login_check:
path: /api/login_check
fos_user:
db_driver: orm
firewall_name: main
user_class: AppBundle\Entity\User
registration:
confirmation:
enabled: true
service:
mailer: fos_user.mailer.default
lexik_jwt_authentication:
private_key_path: %jwt_private_key_path%
public_key_path: %jwt_public_key_path%
pass_phrase: %jwt_key_pass_phrase%
token_ttl: %jwt_token_ttl%
安全性:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory: ~
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
main:
anonymous: true
pattern: ^/
form_login:
provider: fos_userbundle
#csrf_provider: fos_user.user_provider.username
logout: true
anonymous: true
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
# http_basic:
# realm: "REST Service Realm"
# provider: fos_userbundle
login:
pattern: ^/api/login
stateless: true
anonymous: true
#provider: fos_userbundle
form_login:
check_path: /api/login_check
login_path: fos_user_security_login
check_path: fos_user_security_check
username_parameter: username
password_parameter: password
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api/.*
stateless: true
lexik_jwt: ~
provider: fos_userbundle
# default:
# pattern: ^/
# http_basic:
# realm: "REST Service Realm"
# provider: fos_userbundle
# logout: true
# activate different ways to authenticate
# http_basic: ~
# http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
# form_login: ~
# http://symfony.com/doc/current/cookbook/security/form_login_setup.html
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, role: ROLE_ADMIN }
- { path: ^/api/login, roles: ROLE_API }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
为了得到令牌,我把它放在终端上:
curl -X POST -d '{"username": "xxxx", "password": "xxxxx"}' -H "Content-Type:application/json" http://myhost:8888/api/login_check
然后它返回:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<meta http-equiv="refresh" content="1;url=http://myhost:8888/login" />
<title>Redirecting to http://myhost:8888/login</title>
</head>
<body>
Redirecting to <a href="http://myhost:8888/login">http://myhost:8888/login</a>.
</body>
</html>
但我想要一个json响应,如:
{
"token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJleHAiOjE0MzQ3Mjc1MzYsInVzZXJuYW1lIjoia29ybGVvbiIsImlhdCI6IjE0MzQ2NDExMzYifQ.nh0L_wuJy6ZKIQWh6OrW5hdLkviTs1_bau2GqYdDCB0Yqy_RplkFghsuqMpsFls8zKEErdX5TYCOR7muX0aQvQxGQ4mpBkvMDhJ4-pE4ct2obeMTr_s4X8nC00rBYPofrOONUOR4utbzvbd4d2xT_tj4TdR_0tsr91Y7VskCRFnoXAnNT-qQb7ci7HIBTbutb9zVStOFejrb4aLbr7Fl4byeIEYgp2Gd7gY"
}
我不明白......任何人都可以帮助我吗?
谢谢!
编辑:我看到开发日志,错误是:
Access denied, the user is not fully authenticated