我一直都在不断获得不良证书。我找不到配置中的问题。
该应用程序已经具有用户安全性(/ api路径)。我尝试为新的api捆绑包(/ apimobile路径)制作另一个。
Config.yml
fos_user:
db_driver: orm
firewall_name: api_secure_area
user_class: APIBundle\Entity\User
from_email:
address: r@re.fr
sender_name: Team
security.yml
security:
role_hierarchy:
ROLE_ANONYMOUS: ROLE_ANONYMOUS
ROLE_USER: [ROLE_ANONYMOUS]
ROLE_ENTITY_M: [ROLE_USER]
ROLE_ENTITY_MANAGER: [ROLE_ENTITY_M]
ROLE_ENTITY_SENIORS_MANAGER: [ROLE_ENTITY_M]
ROLE_REZOPRO_MANAGER: [ROLE_USER]
ROLE_MACIF: [ROLE_USER]
ROLE_ADMIN: [ROLE_MACIF, ROLE_ENTITY_MANAGER, ROLE_ENTITY_SENIORS_MANAGER, ROLE_ENTITY_M, ROLE_REZOPRO_MANAGER]
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
fos_userbundle:
id: fos_user.user_provider.username
auth_token_user_provider:
id: auth_token_user_provider
backend:
entity:
# class: AppBundle\Entity\APIUser
class: AppBundle\Entity\APIUser
property: email
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
api:
pattern: ^/api/
stateless: true
simple_preauth:
authenticator: auth_token_authenticator
provider: auth_token_user_provider
anonymous: ~
api_secure_area:
pattern: ^/apimobile/
stateless: false
anonymous: ~
provider: fos_userbundle
lexik_jwt: ~
json_login:
check_path: /apimobile/login
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
app:
pattern: ^/
anonymous: true
provider: backend
form_login:
login_path: login
check_path: login_check
logout:
path: logout
target: homepage
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
access_control:
- { path: ^/api, roles: ROLE_ANONYMOUS }
- { path: ^/admin, roles: ROLE_SUPER_ADMIN }
- { path: ^/downloads, roles: ROLE_ANONYMOUS }
- { path: ^/Resources, methods: [GET] }
encoders:
AppBundle\Entity\APIUser:
algorithm: bcrypt
cost: 12
APIBundle\Entity\User: sha1
routing.yml
api_mobile_login_check:
path: /apimobile/login
我想知道,当现有的后端用户提供者使用电子邮件时,FOSUser是否需要用户名作为标识符这一事实是否棘手?
因此,请继续获取此信息:
curl -X POST -H“内容类型:application / json” http://localhost:8000/apimobile/login -d'{“ username”:“ UserTest”,“ password”:“ test”}'
{"code":401,"message":"Bad credentials"}
感谢您的帮助。
编辑:使用终端中的fos:user命令创建的UserTest。