我在Symfony 3上遇到了JWT Auth软件包的问题。我已经按照他们的github自述文件中的说明进行了操作但似乎无法弄清楚我哪里出错了或者出了什么问题。
我正在使用Symfony 3.1.1,使用LexikJWTAuthenticationBundle 2.0 和FriendsofSymfony userbundle。
问题: 每当我尝试按照他们的示例中的指示登录(用户和密码替换):
curl -X POST http://192.168.33.30/api/login_check -d _username=johndoe -d _password=test
我明白了:
{"code":401,"message":"Bad credentials"}
如果我通过以下方式手动生成令牌:
$jwtManager = $this->container->get('lexik_jwt_authentication.jwt_manager');
$userManager = $this->container->get('fos_user.user_manager');
$user = $userManager->findUserByEmail('emailhere');
dump($jwtManager->create($user));
我得到了相当长的令牌。然后在邮递员中使用它作为带有密钥"授权"的标题。价值:"持票人"
然后我尝试在防火墙URL下调用端点并触发failure_handler。它设法从令牌中提取数据,即我在令牌中编码的电子邮件等。但我总是失败。
我的其他数据是:
security.yml 安全: 编码器: FOS \ UserBundle \ Model \ UserInterface:bcrypt
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory: ~
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
pattern: ^/
form_login:
provider: fos_userbundle
# csrf_token_generator: security.csrf.token_manager
logout: true
anonymous: true
config.yml
lexik_jwt_authentication:
private_key_path: %jwt_private_key_path%
public_key_path: %jwt_public_key_path%
pass_phrase: %jwt_key_pass_phrase%
token_ttl: %jwt_token_ttl%
# key under which the user identity will be stored in the token payload
user_identity_field: email
# token encoding/decoding settings
encoder:
# token encoder/decoder service - default implementation based on the namshi/jose library
service: lexik_jwt_authentication.encoder.default
# crypto engine used by the encoder service
crypto_engine: openssl
# encryption algorithm used by the encoder service
signature_algorithm: RS256
# token extraction settings
token_extractors:
authorization_header: # look for a token as Authorization Header
enabled: true
prefix: Bearer
name: Authorization
cookie: # check token in a cookie
enabled: false
name: BEARER
query_parameter: # check token in query string parameter
enabled: false
name: bearer
的routing.yml
api_login_check:
path: /api/login_check
如果有人有任何建议,请告诉我。我很难过这个。
答案 0 :(得分:2)
您需要删除内存中的用户提供程序:
providers:
fos_userbundle:
id: fos_user.user_provider.username