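1 app with 2 login securities

Time: 2017-08-22 10:06:34

Tags: symfony

I have a Symfony 3 application. It has one part under /api and one under /back (admin).

/api uses LexikJwtAuthentication and /back uses FOSUserBundle.

With my current security configuration, I get an error when I go to /back.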

Accept

I think my app tries to read the Bearer token.

How can I use FOSUserBundle security with the /back routes?

My security.yml

A Token was not found in the TokenStorage.

routing.yml

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

...
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
...
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern:  ^/api/login
            stateless: true
            anonymous: true
            form_login:
                check_path:               /api/login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern:   ^/api
            stateless: true
            guard:
                authenticators:
                    - api.jwt_authenticator
            logout:       true
            anonymous:    true

        back:
          pattern:   ^/back
          form_login:
            provider: fos_userbundle
            login_path: /back/login
            check_path: /back/login_check
            csrf_token_generator: security.csrf.token_manager

config.yml

fos_user_security_login:
    defaults: { _controller: "FOSUserBundle:Security:login" }
    path: /back/login

fos_user_security_check:
    defaults: { _controller: "FOSUserBundle:Security:check" }
    path: /back/login_check

fos_user_security_logout:
    defaults: { _controller: "FOSUserBundle:Security:logout" }
    path: /back/logout

1 answer:

Answer 0: (score: 0)

I think you forgot to add the provider and csrf_token_generator (Symfony doc):

back:
      pattern:   ^/back
      form_login:
        provider: fos_userbundle
        csrf_token_generator: security.csrf.token_manager
        login_path: /back/login
        check_path: /back/login_check

And check that the FOSUser routes are /back/ routes (cf. Symfony doc)
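
To check the asker's guess that /back is being handled by the JWT guard, the added example below (not code from the question or the answer) replays the four firewall patterns from the posted configuration under Symfony's rule that the first firewall whose pattern matches the request path handles it. The probe paths and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Firewall patterns copied from the posted security configuration, in declaration order.
FIREWALLS = [
    ("dev", r"^/(_(profiler|wdt)|css|images|js)/"),
    ("login", r"^/api/login"),
    ("api", r"^/api"),
    ("back", r"^/back"),
]

# Constructed probe paths (not taken from the page's logs).
PROBES = [
    "/back/login", "/back/login_check", "/back/logout", "/backoffice",
    "/api/login_check", "/api/items", "/css/app.css", "/",
]


def match_firewall(path, firewalls=FIREWALLS):
    """Return the first firewall whose pattern matches the decoded path, else None."""
    decoded = unquote(path)  # Symfony matches against the URL-decoded path info
    for name, pattern in firewalls:
        if re.search(pattern, decoded):
            return name
    return None


def shadowed(probes, firewalls=FIREWALLS):
    """Map each firewall to probe paths its pattern matches but an earlier firewall claims."""
    report = {}
    for name, pattern in firewalls:
        lost = [
            p for p in probes
            if re.search(pattern, unquote(p)) and match_firewall(p, firewalls) != name
        ]
        if lost:
            report[name] = lost
    return report


if __name__ == "__main__":
    for probe in PROBES:
        print(f"{probe:20} -> {match_firewall(probe)}")
    print("claimed by an earlier firewall:", shadowed(PROBES))
```

With the posted order every /back path lands on the `back` firewall rather than `api`, and `^/back` also claims `/backoffice` because the pattern has no trailing delimiter.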