stackoom
  简体   繁体   中英

Concurrent requests for Symfony4 REST API (LexikJWTAuthenticationBundle)

 原文  2021-03-29 13:39:40       php/ symfony4/ restful-authentication/ lexikjwtauthbundle

Question

I'm a bit lost right now and could use a push in the right direction.

In short

  • PHP Symfony 4 project (mostly default configuration), hosted on Google Cloud App Engine
  • REST API, authentication via LexikJWTAuthenticationBundle
  • Requests need to pass auth token on every request (Symfony firewall is stateless: true )
  • Single Page Application as API consumer (React frontend)

In my use-case, one authenticated user opens page X . On this page, there are three different sections with data, that need to be loaded from the backend. Therefore, I have three API endpoints to be fetched.

When opening the page, these three requests aren't performed simultaniously, they wait for each other. In this SO question there's already mentioned, that Symfony doesn't support concurrent requests for one user session or one could manually close an open session. Since I'm not using sessions at all I don't want to mess with closing random stuff.

But my question: I believe having a stateless API, where the user isn't stored in a server session. I have to pass the JWT token on every request.

-> Should it be possible having the three authenticated requests being served in parallel with a stateless REST API - or isn't it just not possible as soon as 'a user is involved'?

fyi: Trying three requests for an un-authed endpoints shows me parallel requests.

Code fragments

security.yaml

    firewalls:
        login:
            pattern:  ^/api/v1/login
            stateless: true
            anonymous: true
            json_login:
                check_path:               /api/v1/login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure

        api:
            pattern:   ^/api/v1
            stateless: true
            access_denied_handler: App\Security\AccessDeniedHandler
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator


    access_control:
        - { path: ^/api/v1/, role: IS_AUTHENTICATED_FULLY }

1 answers

solution1
 0  2021-03-31 16:34:06

Okay, nevermind, it was a configuration problem with my Staging environment. For the API endpoint I tested, a session was created.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Symfony 4 API Platform+LexikJWTAuthenticationBundle : Bad credentials Using GMAIL API with Symfony4 Symfony not serving concurrent requests Symfony LexikJWTAuthenticationBundle Unable to authenticate Symfony 4 - JWT not found with LexikJWTAuthenticationBundle symfony4 get header in api key authentificator Symfony4 - Where process the payload in restful api Forward Requests to another Controller does not work - symfony4 How to hide an entity property in Symfony4 api-platform Evade database errors in concurrent requests (PHP and Symfony)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM