Question

我是API平台的新手，试图使用FOSUserBundle进行JWT认证。

我一步一步地追随https://symfony.com/doc/master/bundles/FOSUserBundle/index.html 教程和第5步之后，当我尝试重新运行第1步时，我得到错误：

没有扩展能够加载＆＃34; csrf_protection＆＃34;的配置。（在E：\ rest-api \ app / config \ config.yml中）。查找命名空间＆＃34; csrf_protection＆＃34;，f ound＆＃34;框架＆＃34;，...

当我尝试更新方案时，我也得到相同的错误。任何帮助？

这是我的security.yml

security:

    encoders:
            FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
            ROLE_ADMIN:       ROLE_USER
            ROLE_SUPER_ADMIN: ROLE_ADMIN


    # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        in_memory:
            memory: ~

        fos_userbundle:
                    id: fos_user.user_provider.username


    firewalls:

        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:

          #  pattern: ^/(_(profiler|wdt)|css|images|js)/
          security: false


        main:
            pattern: ^/
            form_login:
                            provider: fos_userbundle
                            Scsrf_token_generator: security.csrf.token_manager
                            #csrf_provider: form.csrf_provider
            logout:       true
            anonymous:    true


    access_control:
                - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
                - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
                - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
                - { path: ^/admin/, role: ROLE_ADMIN }

这是我添加到config.yml

的内容

 api_platform:
    http_cache:
        invalidation:
            enabled: true
            #varnish_urls: '%varnish_urls%'
        max_age: 0
        shared_max_age: 3600
        vary: ['Content-Type', 'Authorization']
        public: true
    swagger:
        api_keys:
           - { name: 'Authorization', type: 'header'}
    enable_fos_user: true

fos_user:
    db_driver: orm # other valid values are 'mongodb' and 'couchdb'
    firewall_name: main
    user_class: AppBundle\Entity\AuthUser
    from_email:
        address: "%mailer_user%"
        sender_name: "%mailer_user%"

csrf_protection:
     enabled: false

AppKernel.php

public function registerBundles()
{
    $bundles = [
        new Symfony\Bundle\FrameworkBundle\FrameworkBundle(),
        new Symfony\Bundle\SecurityBundle\SecurityBundle(),
        new Symfony\Bundle\TwigBundle\TwigBundle(),
        new Symfony\Bundle\MonologBundle\MonologBundle(),
        new Symfony\Bundle\SwiftmailerBundle\SwiftmailerBundle(),
        new Doctrine\Bundle\DoctrineBundle\DoctrineBundle(),
        new Sensio\Bundle\FrameworkExtraBundle\SensioFrameworkExtraBundle(),
        new ApiPlatform\Core\Bridge\Symfony\Bundle\ApiPlatformBundle(),
        new Nelmio\CorsBundle\NelmioCorsBundle(),
        new AppBundle\AppBundle(),
        new Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle(),
        new FOS\UserBundle\FOSUserBundle(),
        new Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle(),
    ];

任何建议/帮助？

Answer 1

从config.yml

中删除此csrf_protection配置

csrf_protection:
     enabled: false

Answer 2

我认为您的配置配置错误，请阅读此文档：https://api-platform.com/docs/core/fosuser-bundle/他们有一个很好的JWT Authentification与api-platform集成的教程。祝你好运！

csrf_protection - 无法加载扩展名

2 个答案: