我遇到了一个很小的问题,我真的不知道该如何解决,我尝试了一些稍后将提及的解决方案,但仍然一无所获,这是在尝试使我的用户进行身份验证时出现的身份验证问题。
我有一个这样的User实体:
<?php
namespace App\Entity;
use ApiPlatform\Core\Annotation\ApiResource;
use Doctrine\ORM\Mapping as ORM;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\Common\Collections\Collection;
use Symfony\Component\Serializer\Annotation\Groups;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* @ApiResource(normalizationContext={"groups"={"read"}})
* @ORM\Entity(repositoryClass="App\Repository\UserRepository")
*/
class User implements UserInterface {
/**
* @ORM\Id()
* @ORM\GeneratedValue()
* @ORM\Column(type="integer")
* @Groups({"read"})
*/
private $id;
/**
* @ORM\Column(type="string", length=255)
* @Groups({"read"})
*/
private $username;
/**
* @ORM\Column(type="string", length=255)
* @Groups({"read"})
*/
private $email;
/**
* @ORM\Column(type="string", length=255)
*/
private $password;
/**
* @ORM\OneToMany(targetEntity="App\Entity\Post", mappedBy="user")
* @Groups({"read"})
*/
private $posts;
public function __construct(){
$this->posts = new ArrayCollection();
}
public function getId(): ?int
{
return $this->id;
}
public function getUsername(): ?string
{
return $this->name;
}
public function setUsername(string $name): self
{
$this->name = $name;
return $this;
}
public function getEmail(): ?string
{
return $this->email;
}
public function setEmail(string $email): self
{
$this->email = $email;
return $this;
}
public function getPassword(): ?string
{
return $this->password;
}
public function setPassword(string $password): self
{
$this->password = $password;
return $this;
}
public function getRoles(){
}
public function getSalt(){
}
public function eraseCredentials(){
}
public function getPosts(): Collection
{
return $this->posts;
}
}
这是我的security.yaml文件:
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
#in_memory: { memory: ~ }
database:
entity:
class: App\Entity\User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
api:
pattern: ^/api
stateless: true
anonymous: true
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#firewalls-authentication
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
所以我做到了与本课程中提到的完全相同,但是仍然出现401错误,因此我尝试对某些文件进行一些更改,这是由面临相同问题的其他人提出的,我试图在这行中添加此行。 htaccess文件:
# Sets the HTTP_AUTHORIZATION header removed by Apache
RewriteEngine On
RewriteCond %{HTTP:Authorization} .
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
但是仍然出现相同的错误,因此我愿意尝试提到的其他解决方案here,但是我使用的是Windows而不是Linux,因此答案与我的需求不符。
我被困了将近一天,我需要帮助的人,任何帮助将不胜感激。
答案 0 :(得分:1)
我遇到了类似的问题,并按以下步骤解决了它:
security:
firewalls:
api:
pattern: ^/login_check
json_login:
check_path: /login_check
access_control:
- { path: ^/api/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY
在LexikJWTAuthenticationBundle GitHub发行委员会上对此进行了一些讨论:here