Symfony和Api解锁路线

时间:2019-06-09 10:53:17

标签: api symfony

我正面临一个问题,但我不知道如何解决。 因此,我使用“ FOSRESTBundle”构建了一个API,并使用“ lexik_jwt_bundle”来获取令牌。

但是现在,他问我API的每个路由的令牌,而我希望没有令牌的路由可以访问。 我该怎么办?

这是我的security.yaml:

security:
    encoders:
        App\Entity\User:
            algorithm: argon2i


    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email
        # used to reload user from session & other features (e.g. switch_user)
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            json_login:
                check_path: /api/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        api:
            pattern: ^/api
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
        vehicule:
            pattern: ^/api/vehicules
            stateless: true
            anonymous: true
            lexik_jwt:
                authorization_header:
                    enabled: false
                    prefix:  Bearer
        main:
            anonymous: true

            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#firewalls-authentication

            # https://symfony.com/doc/current/security/impersonating_user.html
            # switch_user: true

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
         - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
         - { path: ^/api/vehicule, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/api/vehicules, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        # - { path: ^/admin, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }

1 个答案:

答案 0 :(得分:0)

您在access_controlfirewalls部分中的订单是错误的:

firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    login:
        pattern: ^/api/login
        stateless: true
        anonymous: true
        json_login:
            check_path: /api/login_check
            success_handler: lexik_jwt_authentication.handler.authentication_success
            failure_handler: lexik_jwt_authentication.handler.authentication_failure
    vehicule:
        pattern: ^/api/vehicules
        stateless: true
        anonymous: true
        lexik_jwt:
            authorization_header:
                enabled: false
                prefix:  Bearer
    api:
        pattern: ^/api
        stateless: true
        guard:
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator

    main:
        anonymous: true

        # activate different ways to authenticate
        # https://symfony.com/doc/current/security.html#firewalls-authentication

        # https://symfony.com/doc/current/security/impersonating_user.html
        # switch_user: true

# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
     - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
     - { path: ^/api/vehicule, roles: IS_AUTHENTICATED_ANONYMOUSLY }
     - { path: ^/api/vehicules, roles: IS_AUTHENTICATED_ANONYMOUSLY }
     - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }

    # - { path: ^/admin, roles: ROLE_ADMIN }
    # - { path: ^/profile, roles: ROLE_USER }
相关问题
最新问题