我尝试对我的symfony / mongodb项目实施LexikJWT身份验证,我成功通过静态用户(in_memory)进行身份验证,但我不知道如何使用我自己的用户类来利用它,这里是我的代码-lines:
Security.yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
#
# role_hierarchy:
# ROLE_USER: ROLE_USER
# ROLE_CLIENT: ROLE_CLIENT
# ROLE_ADMIN: ROLE_ADMIN
providers:
in_memory:
memory:
users:
wajdi:
password: wajdi
roles: 'ROLE_USER'
aymen:
password: aymen
roles: 'ROLE_ADMIN'
firewalls:
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
anonymous: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY }
运行以下命令行后,我可以成功获取令牌:
curl -X POST http://192.168.1.13:8000/api/login_check -d _username=wajdi -d _password=wajdi
现在我想将我的用户文档设置为提供者,所以我更新为:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
providers:
jwt:
lexik_jwt:
class: ApiBundle\Security\User
firewalls:
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
anonymous: true
provider: jwt
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY }
这就是我的用户文档:
<?php
namespace ApiBundle\Document;
use Doctrine\ODM\MongoDB\Mapping\Annotations as MongoDB;
/**
* @MongoDB\Document
* @MongoDB\InheritanceType("COLLECTION_PER_CLASS")
*/
class User
{
/**
* @MongoDB\Id
*/
protected $id;
/**
* @MongoDB\Field(type="string")
*/
protected $username;
/**
* @MongoDB\Field(type="string")
*/
protected $email;
/**
* @MongoDB\Field(type="string")
*/
protected $password;
/**
* Get id
*
* @return id $id
*/
public function getId()
{
return $this->id;
}
/**
* Set username
*
* @param string $username
* @return self
*/
public function setUsername($username)
{
$this->username = $username;
return $this;
}
/**
* Get username
*
* @return string $username
*/
public function getUsername()
{
return $this->username;
}
/**
* Set email
*
* @param string $email
* @return self
*/
public function setEmail($email)
{
$this->email = $email;
return $this;
}
/**
* Get email
*
* @return string $email
*/
public function getEmail()
{
return $this->email;
}
/**
* Set password
*
* @param string $password
* @return self
*/
public function setPassword($password)
{
$this->password = $password;
return $this;
}
/**
* Get password
*
* @return string $password
*/
public function getPassword()
{
return $this->password;
}
}
我添加了JWTUserInterface,我跟随该链接 https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/8-jwt-user-provider.md
但它不清楚,没有例子,我需要知道更多细节,换句话说如何将我的用户设置为提供者(通过用户名或电子邮件/密码连接)。
关键字的
谢谢。
答案 0 :(得分:0)
使用此链接。https://github.com/m0uj/symfony4-mongodb-jwt-starter 这真的很有帮助。 检查security.yaml文件配置和用户文档 如果可能,请使用以下mongodb提供程序: our_db_provider: mongodb: 类别:App \ Document \ ERPUserMaster 属性:用户名
答案 1 :(得分:0)
这里有一个例子:
https://symfony.com/doc/current/security/custom_provider.html
在您的Web服务提供商的构造函数中分配一个存储库,然后使用该存储库获取用户。
在security.yml中: