[英]Symfony LexikJWTAuthenticationBundle Unable to authenticate
I'm encountering an issue with the JWT Auth bundle on Symfony 3. I've followed instructions from their github README but just can't seem to figure out where I've gone wrong or what is going wrong. 我在Symfony 3上遇到JWT Auth捆绑包的问题。我已经按照他们的github自述文件中的说明进行操作,但似乎无法弄清楚哪里出了问题或出了什么问题。
I am using Symfony 3.1.1, With LexikJWTAuthenticationBundle 2.0 And FriendsofSymfony userbundle. 我正在使用LexikJWTAuthenticationBundle 2.0和FriendsofSymfony userbundle的Symfony 3.1.1。
The problem: Whenever I try to log in as instructed in their example via (with user and password substituted): 问题:每当我尝试按照其示例中的说明通过(使用用户名和密码替换)登录时:
curl -X POST http://192.168.33.30/api/login_check -d _username=johndoe -d _password=test
I get: 我得到:
{"code":401,"message":"Bad credentials"}
If I generate the token manually via: 如果我通过以下方式手动生成令牌:
$jwtManager = $this->container->get('lexik_jwt_authentication.jwt_manager');
$userManager = $this->container->get('fos_user.user_manager');
$user = $userManager->findUserByEmail('emailhere');
dump($jwtManager->create($user));
I get given quite a lengthy token. 我得到了一个很长的令牌。 And then using that in postman as a Header with key "Authorization" value: "Bearer " 然后在邮递员中将其用作具有“授权”键值的标头:“载体”
I then try to call an endpoint under the firewalled url and the failure_handler is triggered. 然后,我尝试在防火墙URL下调用终结点,并触发failure_handler。 It manages to extract from the token the data, ie the email I encoded in the token and so on. 它设法从令牌中提取数据,即我在令牌中编码的电子邮件,依此类推。 But I always get the failure. 但是我总是失败。
My other data is: 我的其他数据是:
security.yml security: encoders: FOS\\UserBundle\\Model\\UserInterface: bcrypt security.yml安全性:编码器:FOS \\ UserBundle \\ Model \\ UserInterface:bcrypt
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory: ~
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
pattern: ^/
form_login:
provider: fos_userbundle
# csrf_token_generator: security.csrf.token_manager
logout: true
anonymous: true
config.yml 配置文件
lexik_jwt_authentication:
private_key_path: %jwt_private_key_path%
public_key_path: %jwt_public_key_path%
pass_phrase: %jwt_key_pass_phrase%
token_ttl: %jwt_token_ttl%
# key under which the user identity will be stored in the token payload
user_identity_field: email
# token encoding/decoding settings
encoder:
# token encoder/decoder service - default implementation based on the namshi/jose library
service: lexik_jwt_authentication.encoder.default
# crypto engine used by the encoder service
crypto_engine: openssl
# encryption algorithm used by the encoder service
signature_algorithm: RS256
# token extraction settings
token_extractors:
authorization_header: # look for a token as Authorization Header
enabled: true
prefix: Bearer
name: Authorization
cookie: # check token in a cookie
enabled: false
name: BEARER
query_parameter: # check token in query string parameter
enabled: false
name: bearer
routing.yml routing.yml
api_login_check:
path: /api/login_check
If anyone has any suggestions please let me know. 如果有人有任何建议,请告诉我。 I'm stumped over this. 我为此感到难过。
You need to remove the in memory user provider: 您需要删除内存用户提供程序:
providers:
fos_userbundle:
id: fos_user.user_provider.username
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.