我有基于symfony3的api和前端Angular2,后者使用LexikJWTAuthenticationBundle进行身份验证。所以我的api被LexikJWT的所有端点保护着。但我的应用程序应该在没有身份验证端点的情况下访问以呈现Angular前端的数据。
我的security.yml看起来像
firewalls:
oauth_token:
pattern: ^/oauth/v2/token
security: false
oauth_authorize:
pattern: ^/oauth/v2/auth
security: false
# Add your favorite authentication process here
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
lexik_jwt: ~
main:
pattern: ^/
provider: fos_userbundle
stateless: true
form_login:
check_path: /login_check
username_parameter: username
password_parameter: password
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
logout: true
anonymous: true
在这种情况下,我必须采取什么方法?