Intercept the login_check path from Symfony 4.4
I have a REST API made with Symfony 4.4 and I am having problems in the authentication process. Everything works fine, but I am experiencing that sometimes the login_check returns 401 Unauthorized with users who days ago could access without problems. I am using LexikJWTAuthenticationBundle.

Security:

    security:
        role_hierarchy:
            ROLE_ADMIN: ROLE_ADMIN
            ROLE_MANAGER: ROLE_MANAGER
            ROLE_CLIENT: ROLE_CLIENT
            ROLE_HOST: ROLE_HOST
        encoders:
            App\Entity\User:
                algorithm: auto
        providers:
            app_user_provider:
                entity:
                    class: App\Entity\User
                    property: email
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            login:
                pattern: ^/api/login
                stateless: true
                anonymous: true
                json_login:
                    check_path: /api/login_check
                    success_handler: app.jwt_authenticator_success_handler
                    failure_handler: lexik_jwt_authentication.handler.authentication_failure
            api:
                pattern: ^/api
                anonymous: true
                stateless: true
                guard:
                    authenticators:
                        - lexik_jwt_authentication.jwt_token_authenticator
            main:
                anonymous: ~
                logout:
                    path: app_logout
                    delete_cookies: ['rhsso']
                    success_handler: logout_handler
                    # where to redirect after logout
                    # target: app_any_route
        access_control:
            - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }

I have no idea what is going on. I'm trying to at least log the time when the credentials are verified, but I can't find a way to intercept the code for the login_check route. I don't even know where that code is in Symfony security. Any help with this? Thanks in advance.

The /api/login_check path is probably defined in /config/routes/jwt.yaml or somewhere in the config/routes...

    bin/console debug:router api_login_check

may or may not shed some light, and if you run

    bin/console debug:container lexik_jwt_authentication.jwt_token_authenticator

you should find the class to intercept. Perhaps you could dig into the failure handler to find out why you get a 401. Token expiry sounds possible if it's happening from time to time.
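
One way to record why login_check answers 401, added here as an example and not part of the original question or answer: a subscriber on the event that the configured failure handler `lexik_jwt_authentication.handler.authentication_failure` dispatches. The class name and file path are hypothetical; it assumes the default Symfony service autoconfiguration and the default json_login field name `username`.

```php
<?php
// src/EventSubscriber/LoginFailureLogger.php (hypothetical path and class name)
namespace App\EventSubscriber;

use Lexik\Bundle\JWTAuthenticationBundle\Event\AuthenticationFailureEvent;
use Lexik\Bundle\JWTAuthenticationBundle\Events;
use Psr\Log\LoggerInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RequestStack;

final class LoginFailureLogger implements EventSubscriberInterface
{
    private $logger;
    private $requestStack;

    public function __construct(LoggerInterface $logger, RequestStack $requestStack)
    {
        $this->logger = $logger;
        $this->requestStack = $requestStack;
    }

    public static function getSubscribedEvents(): array
    {
        // Dispatched by lexik_jwt_authentication.handler.authentication_failure
        return [Events::AUTHENTICATION_FAILURE => 'onLoginFailure'];
    }

    public function onLoginFailure(AuthenticationFailureEvent $event): void
    {
        // Walk the exception chain: the outer exception is often a generic
        // "Bad credentials", while a previous one names the underlying cause.
        $reasons = [];
        for ($e = $event->getException(); $e !== null; $e = $e->getPrevious()) {
            $reasons[] = get_class($e) . ': ' . $e->getMessage();
        }

        $request = $this->requestStack->getCurrentRequest();
        $body = $request ? json_decode($request->getContent(), true) : null;
        // Assumption: json_login uses its default "username" field.
        $name = is_array($body) ? ($body['username'] ?? null) : null;

        // Log the submitted identifier (truncated) and never the password.
        $this->logger->warning('login_check failed', [
            'time' => date(DATE_ATOM),
            'ip' => $request ? $request->getClientIp() : null,
            'username' => is_string($name) ? substr($name, 0, 180) : null,
            'reasons' => $reasons,
        ]);
    }
}
```

The `reasons` entries separate a wrong password from an unknown or changed account, which the generic 401 body does not show.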