我正在研究Symfony 4 API平台项目,并且有一个Symfony 4客户端项目,我想与谁登录该API。我正在使用guzzle来访问API上的资源。
例如,这里是我已经实现的GuzzleTrait
:
<?php
/**
* Created by PhpStorm.
* User: simslay
* Date: 15/12/2018
* Time: 15:29
*/
namespace App\Controller;
use GuzzleHttp\Client;
trait GuzzleTrait
{
private $client;
public function __construct()
{
$this->client = new Client([
'base_uri' => 'http://127.0.0.1:8001'
]);
}
private function getContent(string $finUri) {
$content = null;
try {
$dataContent = $this->client->request('GET', 'api/'.$finUri);
$content = json_decode($dataContent->getBody()->getContents(), true);
} catch(\GuzzleHttp\Exception\GuzzleException $e) {
$this->addFlash(
'danger',
$e->getMessage()
);
}
return $content;
}
}
我正在研究本教程:Implementing JWT Authentication to your API Platform application
并且在我的API上具有相同的逻辑。
另外,这是我的客户端security.yaml:
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User: bcrypt
providers:
in_memory: { memory: ~ }
user_provider:
entity:
class: App\Entity\User
property: surnom
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: true
# activate different ways to authenticate
# http_basic: true
# https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
# form_login: true
# https://symfony.com/doc/current/security/form_login_setup.html
form_login:
login_path: security_connexion
check_path: security_connexion
username_parameter: _surnom
password_parameter: _password
default_target_path: index
provider: user_provider
logout:
path: /deconnexion
target: /
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/admin, roles: [ROLE_ADMIN, ROLE_SUPER_ADMIN] }
# - { path: ^/profile, roles: ROLE_USER }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
我在API上有一个带有用户实体的数据库。
在客户端也必须有一个User实体吗?
在curl中,要登录,我有以下命令:
curl -X POST -H "Content-Type: application/json" http://localhost:8000/login_check -d '{"username":"johndoe","password":"test"}'
如何从Symfony 4客户端登录到API?