dongping4461 2016-12-22 21:34

Symfony LexikJWTAuthenticationBundle cannot authenticate

I'm encountering an issue with the JWT Auth bundle on Symfony 3. I've followed the instructions from their GitHub README but just can't seem to figure out where I've gone wrong or what is going wrong.

I am using Symfony 3.1.1 with LexikJWTAuthenticationBundle 2.0 and the FriendsOfSymfony user bundle.

The problem: Whenever I try to log in as instructed in their example via (with user and password substituted):

    curl -X POST http://192.168.33.30/api/login_check -d _username=johndoe -d _password=test

I get:

    {"code":401,"message":"Bad credentials"}

If I generate the token manually via:

    $jwtManager = $this->container->get('lexik_jwt_authentication.jwt_manager');
    $userManager = $this->container->get('fos_user.user_manager');
    $user = $userManager->findUserByEmail('emailhere');
    dump($jwtManager->create($user));

I get given quite a lengthy token. I then use that in Postman as a header with key "Authorization" and value "Bearer ".

I then try to call an endpoint under the firewalled URL and the failure_handler is triggered. It manages to extract the data from the token, i.e. the email I encoded in the token and so on. But I always get the failure.

My other data is:

security.yml

    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: bcrypt

        role_hierarchy:
            ROLE_ADMIN:       ROLE_USER
            ROLE_SUPER_ADMIN: ROLE_ADMIN

        # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
        providers:
            in_memory:
                memory: ~
            fos_userbundle:
                id: fos_user.user_provider.username

        firewalls:
            # disables authentication for assets and the profiler, adapt it according to your needs
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            login:
                pattern:  ^/api/login
                stateless: true
                anonymous: true
                form_login:
                    check_path:               /api/login_check
                    success_handler:          lexik_jwt_authentication.handler.authentication_success
                    failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                    require_previous_session: false
            api:
                pattern:   ^/api
                stateless: true
                guard:
                    authenticators:
                        - lexik_jwt_authentication.jwt_token_authenticator
            main:
                pattern: ^/
                form_login:
                    provider: fos_userbundle
                    # csrf_token_generator: security.csrf.token_manager

                logout:       true
                anonymous:    true

config.yml

    lexik_jwt_authentication:
        private_key_path: %jwt_private_key_path%
        public_key_path:  %jwt_public_key_path%
        pass_phrase:      %jwt_key_pass_phrase%
        token_ttl:        %jwt_token_ttl%
        # key under which the user identity will be stored in the token payload
        user_identity_field: email

        # token encoding/decoding settings
        encoder:
            # token encoder/decoder service - default implementation based on the namshi/jose library
            service:            lexik_jwt_authentication.encoder.default
            # crypto engine used by the encoder service
            crypto_engine:  openssl
            # encryption algorithm used by the encoder service
            signature_algorithm: RS256

        # token extraction settings
        token_extractors:
            authorization_header:      # look for a token as Authorization Header
                enabled: true
                prefix:  Bearer
                name:    Authorization
            cookie:                    # check token in a cookie
                enabled: false
                name:    BEARER
            query_parameter:           # check token in query string parameter
                enabled: false
                name:    bearer

routing.yml

    api_login_check:
        path: /api/login_check

If anyone has any suggestions please let me know. I'm stumped over this.


  • doute3621 2016-12-23 16:30

    You need to remove the in memory user provider:

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    This answer was selected by the asker as the best answer.
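
An alternative to deleting the provider, as an added example that is not part of the original question or answer: when a firewall names no provider, Symfony falls back to the first entry under `providers`, which in the question's file is the empty `in_memory` one, so every login lookup ends in "Bad credentials". Pinning `provider` on each API firewall gives the same result as the accepted fix while keeping both providers; the firewall and provider names are the ones from the question, and only the `provider` keys are new.

```yaml
# Added example: security.yml fragment with the user provider pinned per firewall.
# Everything except the two `provider` lines is taken from the question's file.
security:
    providers:
        in_memory:
            memory: ~                    # defines no users, so every lookup fails
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        login:
            pattern:   ^/api/login
            stateless: true
            anonymous: true
            provider:  fos_userbundle    # otherwise in_memory (listed first) is used
            form_login:
                check_path:               /api/login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false
        api:
            pattern:   ^/api
            stateless: true
            provider:  fos_userbundle    # the JWT guard loads the token's user from here
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
```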
