Question

我正在使用Symfony 4.2和API平台开发API。我将Lexik JWT捆绑包用于JWT管理。

我首先通过GIT恢复项目，然后安装了依赖项。然后，我配置了数据库（在.env中）。我重新生成了私钥和公钥，并在.env（以及lexik配置文件）中更改了pass_phrase。

我创建了数据库，架构，还添加了固定装置。

.env文件：

###> symfony/framework-bundle ###
APP_ENV=dev
APP_SECRET=fe2d9e035f82de508cfa67d0ae4720ed
#TRUSTED_PROXIES=127.0.0.1,127.0.0.2
#TRUSTED_HOSTS='^localhost|example\.com$'
###< symfony/framework-bundle ###

###> doctrine/doctrine-bundle ###
# Format described at http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
# For an SQLite database, use: "sqlite:///%kernel.project_dir%/var/data.db"
# Configure your db driver and server_version in config/packages/doctrine.yaml
DATABASE_URL=mysql://root:dimitri@localhost:3306/mydb

###< doctrine/doctrine-bundle ###

###> symfony/swiftmailer-bundle ###
# For Gmail as a transport, use: "gmail://username:password@localhost"
# For a generic SMTP server, use: "smtp://localhost:25?encryption=&auth_mode="
# Delivery is disabled by default via "null://localhost"
MAILER_URL=null://localhost
###< symfony/swiftmailer-bundle ###

###> nelmio/cors-bundle ###
CORS_ALLOW_ORIGIN=*
###< nelmio/cors-bundle ###

###> lexik/jwt-authentication-bundle ###
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE=dimitri
###< lexik/jwt-authentication-bundle ###

PROJECT_NAME="NAME"
PROJECT_VERSION="1.0"
API_URI="http://127.0.0.1:8000"

security.yaml文件：

security:
    encoders:
        App\Entity\User:
            algorithm: bcrypt
    providers:
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern:  ^/login
            stateless: true
            anonymous: true
            json_login:
                check_path:               /login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
        api:
            pattern:   ^/
            stateless: true
            anonymous: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
        main:
            anonymous: true
    access_control:
        - { path: ^/users/email$, roles: IS_AUTHENTICATED_ANONYMOUSLY }

我的项目在本地运行（在我的PC上），但是当我在VPS上部署它时，会收到以下响应：401未经授权-凭据错误

Answer 1

您的VPS是否已配置为支持https？从文档中，您必须在VirtualHost配置中添加SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1（如果您使用的是ubuntu服务器，它将是httpd.conf。我使用的是）来支持HTTP。如果不是，它将剥离授权标头。

有关更多信息，请参阅此LeixkJWTAuthentication Documentation

401未经授权：/ login_check上的凭据无效

1 个答案: