我尝试按照 http://symfony.com/doc/current/security/api_key_authentication.html 的教程向我的 Symfony 项目添加 API 身份验证。我照着教程完成了所有步骤:把 ApiKeyAuthenticator 和 ApiKeyUserProvider 文件原样添加到项目中,并配置了 services 和 security 指令。但是每当我尝试对 API 进行身份验证时,它都会把我重定向到登录页面。
让我展示与教程不同的文件
security.yml
# Security configuration as posted in the question: password encoding, two user
# providers, three firewalls and the URL access rules.
security:
    encoders:
        # Passwords of AppBundle\Entity\User are hashed with bcrypt.
        AppBundle\Entity\User:
            algorithm: bcrypt
    # http://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
    providers:
        # Interactive users, loaded through the Doctrine entity.
        mysql_provider:
            entity:
                class: AppBundle:User
        # API clients, resolved by the service of the same id (see services.yml).
        api_key_user_provider:
            id: api_key_user_provider
    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        # NOTE(review): Symfony uses the first firewall whose pattern matches the
        # request. `^/` also matches /api/..., so every API request is handled
        # here and the `secured_area` firewall declared below is never reached.
        main:
            pattern: ^/
            # NOTE(review): `http_basic` appears twice in this mapping. Duplicate
            # keys are invalid YAML; parsers either keep one silently or reject it.
            http_basic: ~
            provider: mysql_provider
            anonymous: ~
            http_basic: ~
            form_login:
                login_path: login
                check_path: login
                csrf_token_generator: security.csrf.token_manager
                default_target_path: home
                target_path_parameter: redirect_url
                # With this enabled the post-login redirect always goes to
                # default_target_path, so target_path_parameter and use_referer
                # should have no effect - confirm against the Symfony version in use.
                always_use_default_target_path: true
                use_referer: true
            logout:
                path: /logout
                target: /
        # Stateless API-key firewall: no session is kept, so the key has to
        # accompany every request. Unreachable in this position (see `main`).
        secured_area:
            pattern: ^/api
            stateless: true
            simple_preauth:
                authenticator: api_key_authenticator
            provider: api_key_user_provider
    # NOTE(review): access_control rules are evaluated top to bottom and only the
    # first matching rule is applied. The `^/` rule matches every path, so the
    # rules listed after it - including `^/api/*` with ROLE_API - are never used.
    # `path` is a regular expression, not a glob: `/*` means "zero or more
    # slashes", so `^/user/*` also matches paths such as /users.
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }
        - { path: ^/user/*, roles: ROLE_USER }
        - { path: ^/job/*, roles: ROLE_USER }
        - { path: ^/home, roles: ROLE_USER }
        - { path: ^/api/*, roles: ROLE_API }
services.yml
# No service-level parameters are defined in this file.
parameters:

services:
    # Subscriber that receives the kernel's default locale as its only argument.
    app.locale_listener:
        class: AppBundle\EventListener\LocaleListener
        arguments:
            - '%kernel.default_locale%'
        tags:
            - name: kernel.event_subscriber

    # Calls onSuccessfulLogin on every security.authentication.success event.
    app.login_service:
        class: AppBundle\EventListener\LoginListener
        arguments:
            - '@doctrine.orm.entity_manager'
        tags:
            - name: kernel.event_listener
              event: security.authentication.success
              method: onSuccessfulLogin

    # Referenced by the `simple_preauth` firewall in security.yml; declared
    # private (public: false).
    api_key_authenticator:
        class: AppBundle\Security\ApiKeyAuthenticator
        public: false

    # Backs the `api_key_user_provider` user provider declared in security.yml.
    api_key_user_provider:
        class: AppBundle\Security\ApiKeyUserProvider
config.yml
# Main application configuration; pulls in the machine-specific parameters,
# the security configuration and the service definitions.
imports:
    - resource: parameters.yml
    - resource: security.yml
    - resource: services.yml

# Put parameters here that don't need to change on each machine where the app is deployed
# http://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
    locale: en

framework:
    #esi: ~
    #translator: { fallbacks: ["%locale%"] }
    translator:
        fallbacks:
            - en
            - es
    # Taken from the `secret` parameter rather than written into this file.
    secret: '%secret%'
    router:
        resource: '%kernel.root_dir%/config/routing.yml'
        strict_requirements: ~
    form: ~
    csrf_protection: ~
    validation:
        enable_annotations: true
    templating:
        engines:
            - 'twig'
    default_locale: '%locale%'
    # Left unset: no allow-list is applied to the request's Host header.
    trusted_hosts: ~
    trusted_proxies: ~
    session:
        # http://symfony.com/doc/current/reference/configuration/framework.html#handler-id
        handler_id: session.handler.native_file
        save_path: '%kernel.root_dir%/../var/sessions/%kernel.environment%'
    fragments: ~
    # Lets a POST request state its intended HTTP method through the `_method`
    # request parameter.
    http_method_override: true
    assets: ~
    php_errors:
        log: true

# Twig Configuration
twig:
    debug: '%kernel.debug%'
    strict_variables: '%kernel.debug%'
    form_themes:
        - 'bootstrap_3_layout.html.twig'

# Doctrine Configuration
doctrine:
    dbal:
        driver: pdo_mysql
        # Connection settings, including the password, are resolved from
        # parameters instead of being stored in this file.
        host: '%database_host%'
        port: '%database_port%'
        dbname: '%database_name%'
        user: '%database_user%'
        password: '%database_password%'
        charset: UTF8
    orm:
        auto_generate_proxy_classes: '%kernel.debug%'
        naming_strategy: doctrine.orm.naming_strategy.underscore
        auto_mapping: true

# Swiftmailer Configuration
swiftmailer:
    transport: '%mailer_transport%'
    host: '%mailer_host%'
    username: '%mailer_user%'
    password: '%mailer_password%'
    spool:
        type: memory
ApiKeyAuthenticator 和 ApiKeyUserProvider 与教程中的文件相同。
有人可以帮我解决吗?
答案 0 :(得分:0)
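我终于解决了这个问题:原因在于 security 配置文件中各防火墙的声明顺序。Symfony 对每个请求只使用第一个 pattern 匹配的防火墙,而 main 的 pattern 是 ^/,它同样匹配 /api,所以排在它后面的 secured_area 永远不会生效,于是出现了被重定向到登录页的现象。
我不得不将其更改为: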
...
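# Belongs under the top-level `security:` key. Symfony uses the first firewall
# whose pattern matches the request, so the narrower patterns are listed first.
# NOTE(review): access_control rules are first-match as well. The question's
# list puts `^/` (ROLE_USER) above `^/api/*` (ROLE_API), so the ROLE_API rule
# stays shadowed unless that list is reordered in the same way.
firewalls:
    # disables authentication for assets and the profiler, adapt it according to your needs
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    # Declared before `main` because `^/` also matches /api; in the other order
    # this firewall is never selected.
    secured_area:
        pattern: ^/api
        # No session is kept: the API key has to accompany every request.
        stateless: true
        simple_preauth:
            authenticator: api_key_authenticator
        provider: api_key_user_provider

    # Catch-all firewall for the interactive site; must stay last.
    main:
        pattern: ^/
        provider: mysql_provider
        anonymous: ~
        # Listed once: the snippet as posted repeated this key, and duplicate
        # mapping keys are invalid YAML.
        http_basic: ~
        form_login:
            login_path: login
            check_path: login
            csrf_token_generator: security.csrf.token_manager
            default_target_path: home
            target_path_parameter: redirect_url
            always_use_default_target_path: true
            use_referer: true
        logout:
            path: /logout
            target: /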
...
现在它按预期工作