我的JWT令牌身份验证存在问题。我在Symfony中是新手,如果我向用户实体添加用户提供程序,则令牌身份验证不起作用,并且您不再需要标头中的令牌=>访问任何东西。但是,如果我删除用户提供程序,我会在每个第二个请求上收到此消息,但另一个请求可以正常使用该令牌:
"There is no user provider for user "AppBundle\Entity\TbluserBase"
有人可以帮助我或建议一些有关此问题的教程吗?我想我错过了或者必须在我的文件中更改一些内容。
JWT身份验证器
class JWT_Authenticator extends AbstractGuardAuthenticator {
private $Entity_Manager;
private $JWT_Encoder;
public function __construct(EntityManager $em, DefaultEncoder $jwt_Encoder) {
$this->Entity_Manager = $em;
$this->JWT_Encoder = $jwt_Encoder;
}
public function start(Request $request, AuthenticationException $authException = null) {
$error = ['error' => 'Auth header required'];
return new JsonResponse($error, 401);
}
public function getCredentials(Request $request) {
if (!$request->headers->has('Authorization')) return;
$extractor = new AuthorizationHeaderTokenExtractor(
'Bearer',
'Authorization'
);
$token = $extractor->extract($request);
if(!$token) return;
return $token;
}
public function getUser($credentials, UserProviderInterface $user_Provider) {
$data = $this->JWT_Encoder->decode($credentials);
if (!$data) return;
$username = $data['usrnickname'];
$user = $this->Entity_Manager
->getRepository('AppBundle:TbluserBase')
->findOneBy(['usrnickname' => $username]);
if (!$user) return;
return $user;
}
public function checkCredentials($credentials, UserInterface $user) { return true; }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) {
return new JsonResponse([
'message' => $exception->getMessage()
], 401);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey) { return; }
public function supportsRememberMe() { return false; }
}
安全
security:
encoders:
Symfony\Component\Security\Core\User\User:
algorithm: bcrypt
cost: 15
FOS\UserBundle\Model\UserInterface:
algorithm: bcrypt
cost: 15
AppBundle\Entity\TbluserBase:
algorithm: bcrypt
cost: 15
harsh:
algorithm: bcrypt
cost: 15
# http://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
providers:
in_memory:
memory: ~
base_users:
id: app.user_provider
firewalls:
api:
pattern: ^/api/(?!Get_Token)
guard:
authenticators:
- app.jwt_token_authenticator
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: ~
http_basic: ~
# activate different ways to authenticate
# http://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
#http_basic: ~
# http://symfony.com/doc/current/cookbook/security/form_login_setup.html
#form_login: ~
access_control:
- { path: /api/Get_Token, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: [ROLE_USER, ROLE_API_USER] }
服务
parameters:
#parameter_name: value
services:
app.user_provider:
class: AppBundle\Security\UserBaseProvider
app.jwt_token_authenticator:
class: AppBundle\Security\JWT_Authenticator
arguments: ['@doctrine.orm.entity_manager', '@lexik_jwt_authentication.encoder.default']
#service_name:
# class: AppBundle\Directory\ClassName
# arguments: ['@another_service_name', 'plain_value', '%parameter_name%']
用户提供商
class UserBaseProvider implements UserProviderInterface
{
public function loadUserByUsername($username)
{
$user = new TbluserBase();
$user->setUsrnickname($username);
return $user;
}
public function refreshUser(UserInterface $user)
{
return $user;
}
public function supportsClass($class)
{
return $class == 'AppBundle\Entity\TbluserBase';
}
}
我使用过这些教程:
https://kolabdigital.com/lab-time/symfony-json-web-tokens-authentication-guard