php - Symfony 4 API Platform+LexikJWTAuthenticationBundle:错误的凭据
问题描述
我正在尝试使用 LexikJWTAuthenticationBundle 创建 JWT 身份验证。
在两者上http://127.0.0.1:8000/api/,http://127.0.0.1:8000/api/login_check?username=****&password=****我得到
{
"code": 401,
"message": "Bad credentials"
}
作为回应。
我的security.yaml看起来像这样:
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
App\Entity\User:
algorithm: bcrypt
providers:
my_provider:
entity:
class: App\Entity\User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/backend/api/login
stateless: true
form_login:
check_path: /backend/api/login_check
username_parameter: _username
password_parameter: _password
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
guard:
authenticators:
- App\Security\LoginFormAuthenticator
api:
pattern: ^/api
stateless: true
lexik_jwt: ~
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
routes.yaml是:
api_login_check:
path: api/login_check
lexik_jwt_authentication.yaml:_
lexik_jwt_authentication:
secret_key: '%kernel.project_dir%/config/jwt/private.pem' # required for token creation
public_key: '%kernel.project_dir%/config/jwt/public.pem' # required for token verification
pass_phrase: 'pass' # required for token creation, usage of an environment variable is recommended
token_ttl: 86400
实体/User.php文件:
<?php
namespace App\Entity;
use ApiPlatform\Core\Annotation\ApiResource;
use Doctrine\ORM\Mapping as ORM;
use FOS\UserBundle\Model\User as BaseUser;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* @ApiResource()
* @ORM\Table(name="user")
* @ORM\Entity(repositoryClass="App\Repository\UserRepository")
*/
class User implements UserInterface, \Serializable
{
/**
* @ORM\Id()
* @ORM\GeneratedValue()
* @ORM\Column(type="integer")
*/
private $id;
/**
* @ORM\Column(type="string", length=255)
*/
private $username;
/**
* @ORM\Column(type="string", length=255)
*/
private $fullname;
/**
* @ORM\Column(type="string", length=255)
*/
private $password;
/**
* @ORM\Column(type="string", length=255)
*/
private $email;
/**
* @ORM\Column(type="string", length=255, nullable=true)
*/
private $mobile;
/**
* @ORM\Column(type="string", length=255, nullable=true)
*/
private $bild;
/**
* @ORM\Column(type="boolean")
*/
private $status;
/**
* @ORM\Column(type="integer")
*/
private $usergroupid;
/**
* @ORM\Column(type="string", length=255, nullable=true)
*/
private $activewidgetid;
public function getId(): ?int
{
return $this->id;
}
public function getUsername(): ?string
{
return $this->username;
}
public function setUsername(string $username): self
{
$this->username = $username;
return $this;
}
public function getFullname(): ?string
{
return $this->fullname;
}
public function setFullname(string $fullname): self
{
$this->fullname = $fullname;
return $this;
}
public function getPassword(): ?string
{
return $this->password;
}
public function setPassword(string $password): self
{
$this->password = $password;
return $this;
}
public function getEmail(): ?string
{
return $this->email;
}
public function setEmail(string $email): self
{
$this->email = $email;
return $this;
}
public function getMobile(): ?string
{
return $this->mobile;
}
public function setMobile(?string $mobile): self
{
$this->mobile = $mobile;
return $this;
}
public function getBild(): ?string
{
return $this->bild;
}
public function setBild(?string $bild): self
{
$this->bild = $bild;
return $this;
}
public function getStatus(): ?bool
{
return $this->status;
}
public function setStatus(bool $status): self
{
$this->status = $status;
return $this;
}
public function setEnabled(bool $enabled): self
{
$this->enabled = $enabled;
return $this;
}
public function setSuperAdmin(bool $enabled): self
{
$this->enabled = $enabled;
return $this;
}
public function getUsergroupid(): ?int
{
return $this->usergroupid;
}
public function setUsergroupid(int $usergroupid): self
{
$this->usergroupid = $usergroupid;
return $this;
}
public function getActivewidgetid(): ?string
{
return $this->activewidgetid;
}
public function setActivewidgetid(?string $activewidgetid): self
{
$this->activewidgetid = $activewidgetid;
return $this;
}
public function getRoles()
{
return array('ROLE_ADMIN');
}
public function getSalt() {}
public function eraseCredentials() {}
public function serialize()
{
return serialize([
$this->id,
$this->username,
$this->password,
$this->email
]);
}
public function unserialize($string)
{
list (
$this->id,
$this->username,
$this->password,
$this->email
) = unserialize($string, ['allowed_classes' => false]);
}
}
我什至无法访问 Swagger,我的api_platfrom.yaml看起来像:
# api/config/packages/api_platform.yaml
api_platform:
swagger:
api_keys:
apiKey:
name: Authorization
type: header
密钥也被创建:
任何建议,解决方案?提前致谢
解决方案
我认为a更进一步。
我将security.yaml更改为:
security:
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
entity_provider:
entity:
class: App\Entity\User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/login
stateless: true
anonymous: true
json_login:
check_path: /login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
register:
pattern: ^/register
stateless: true
anonymous: true
api:
pattern: ^/api
stateless: true
anonymous: false
provider: entity_provider
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/, roles: IS_AUTHENTICATED_FULLY }
现在我的http://localhost:8000/api/回应/api/login_check是
{
"code": 401,
"message": "JWT Token not found"
}
即使我尝试使用 CURL,我也会得到相同的响应:
/api 锁定在 LexikJTW 捆绑包之前,如下所示:https ://demo.api-platform.com
如何带回 api plafrom 并获取令牌作为响应?我已经没有想法和选择了......
推荐阅读
- java - 如何在 Android 中获取另一个类的字符串?
- kubernetes - k8s 就绪探测 - 带有 http get 的命令
- android - 检查 Url 完全加载的 Webview
- python - 如何拆分列表列表?
- jquery - 为选中的 p:selectOneRadio 项目设置样式
- java - 获取具有最大值的对象列表
- wordpress - 保存 Contact 7 表格以便稍后填写
- ios - 编写测试用例时弱变量变为零?
- python - 带有 FireO 的 Python 中的 Google Cloud Endpoint 框架
- java - 当我已经扩展了一个实现接口的类时,我应该显式地实现一个接口吗?