具有学说的LexikJWTAuthenticationBundle->找不到JWT令牌

时间:2019-04-13 19:16:43

标签: api-platform.com

我正在尝试将LexikJWTAuthenticationBundle与具有API平台的Doctrine用户管理一起使用。 配置完成后,我总是收到 {“ code”:401,“ message”:“找不到JWT令牌”}

1)我按照https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/index.md中的说明安装了LexikJWTAuthenticationBundle,我将route.yaml更改为/ login_check路径,而不是/ api / login_check

2)我生成了实体用户,并使用了原理来生成数据库表。另外,我创建了类UserRepository

3)我将security.yaml更改为

# app/config/packages/security.yaml
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_READER: ROLE_USER
        ROLE_ADMIN: ROLE_READER

    providers:
        users:
            entity:
                # the class of the entity that represents users
                class: 'App\Entity\User'
                # the property to query by - e.g. username, email, etc
                property: 'username'
                # optional: if you're using multiple Doctrine entity
                # managers, this option defines which one to use
                # manager_name: 'customer'

    firewalls:
        login:
            pattern:  ^/login
            stateless: true
            anonymous: true
            provider: users
            json_login:
                check_path: /login_check
                username_path: email
                password_path: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        main:
            pattern:   ^/
            provider: users
            stateless: true
            anonymous: true
            guard:
                authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator

        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

    access_control:
    - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/books, roles: [ ROLE_READER ] }
    - { path: ^/, roles: [ ROLE_READER ] }

此外,我将api_platform.yaml更改为

parameters:
    # Adds a fallback VARNISH_URL if the env var is not set.
    # This allows you to run cache:warmup even if your
    # environment variables are not available yet.
    # You should not need to change this value.
    env(VARNISH_URL): ''

api_platform:
    swagger:
        api_keys:
            apiKey:
                name: Authorization
                type: header
    mapping:
        paths: ['%kernel.project_dir%/src/Entity']
    title: Hello API Platform
    version: 1.0.0
    #Varnish integration, remove if unwanted
#    http_cache:
#        invalidation:
#            enabled: true
#            varnish_urls: ['%env(VARNISH_URL)%']
#        max_age: 0
#        shared_max_age: 3600
#        vary: ['Content-Type', 'Authorization']
#        public: true
    # Mercure integration, remove if unwanted
    mercure:
        hub_url: '%env(MERCURE_SUBSCRIBE_URL)%'

用户外观

<?php

namespace App\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * @ORM\Entity(repositoryClass="App\Repository\UserRepository")
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=60, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(name="is_active", type="boolean")
     */
    private $isActive;

    public function __construct() // add $username
    {
        $this->isActive = true;
    }

    public function getUsername()
    {
        return $this->username;
    }

    public function getSalt()
    {
        // you *may* need a real salt depending on your encoder
        // see section on salt below
        return null;
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function getRoles()
    {
        return array('ROLE_ADMIN');
    }

    public function eraseCredentials()
    {
    }

    /** @see \Serializable::serialize() */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt,
        ));
    }

    /** @see \Serializable::unserialize() */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt
            ) = unserialize($serialized);
    }
}

如果我使用curl我会收到以下错误: 找不到路径“ / login_check”的控制器。路由配置错误。 (找不到404)

我的错误在哪里?预先感谢。

1 个答案:

答案 0 :(得分:0)

如果您使用 Apache ,并且拥有{"code": 401, "message": "JWT token not found"},则问题可能出在虚拟主机中的重写规则。 就我而言,我从虚拟主机中删除了重写规则,并将丢失的.htaccess添加到/public文件夹中(Symfony 4)

PS:Symfony <4的/web文件夹


请参阅Lexik JWT Token not found