
JWT authentication with Symfony 2.7

I'm trying to use LexikJWTAuthenticationBundle with FOSUserBundle on my Symfony 2.7 application.

Basically, the FOSUserBundle config works fine: I properly load my fixtures and if I try to login via the login form it succeeds.

Getting the token from the login_check also works. Then I put the Authorization header with "Bearer " in the header and try to access another page. It always results in a 401 response.

Has anyone any leads about what could be the problem or how to proceed to debug?

Here's my config:

# app/config/config.yml

# DunglasJsonLdApi
dunglas_json_ld_api:
    title:       %api_name%
    description: %api_description%
    default:
        order: DESC

# FOSUserBundle
fos_user:
    db_driver:     orm
    firewall_name: api
    user_class:    ApiBundle\Bundles\UserBundle\Entity\User

# LexikJWTAuthenticationBundle
lexik_jwt_authentication:
    private_key_path: %kernel.root_dir%/config/jwt/private.pem
    public_key_path:  %kernel.root_dir%/config/jwt/public.pem
    pass_phrase:      %jwt_pass_phrase%
    token_ttl:        86400

# app/config/routing.yml

# DunglasJsonLdBundle
api_doc:
    resource: @DunglasJsonLdApiBundle/Resources/config/routing.xml
    prefix:   /api

api:
    resource: .
    type:     json-ld
    prefix:   /api

# FOSUserBundle
fos_user_security_login:
    path:     /login
    defaults: { _controller: FOSUserBundle:Security:login }

fos_user_security_check:
    path:     /api/login_check
    defaults: { _controller: FOSUserBundle:Security:check }

fos_user_security_logout:
    path:     /logout
    defaults: { _controller: FOSUserBundle:Security:logout }

# app/config/security.yml

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_CA:          ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_CA, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern:   ^/(_(profiler|wdt|error)|css|images|js)/
            security:  false

        login:
            pattern:   ^/login|^/api/login
            provider:  fos_userbundle
            stateless: true
            anonymous: true
            form_login:
                login_path:               fos_user_security_login
                check_path:               fos_user_security_check
                username_parameter:       username
                password_parameter:       password
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern:   ^/api
            provider:  fos_userbundle
            stateless: true
            anonymous: true
            lexik_jwt:

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: IS_AUTHENTICATED_FULLY }

Complete application available here.

Théo asked Apr 21 '15 22:04


1 Answer

It seems it works fine now. I did not change anything since the time I posted my question and before posting I rebooted my machine, restarted MySQL, nginx, PHP5-FPM and deleted Symfony cache, so I really fail to understand what happened...

Théo answered Oct 11 '22 02:10
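
One way to narrow down a 401 like the one in the question before touching the server, as an added example (not code from the post or from LexikJWTAuthenticationBundle): it checks the shape of the Authorization header and the token's claims offline, without verifying the signature. `diagnose` and `sample_token` are hypothetical names and the sample token is constructed; only `token_ttl: 86400` is taken from the question's config.

```python
import base64
import json
import time

TOKEN_TTL = 86400  # token_ttl from the question's config.yml

def b64url_decode(segment):
    # JWT segments are unpadded base64url; restore the padding first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def sample_token(claims, alg="RS256"):
    # Constructed sample: real header/payload encoding, placeholder signature.
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"typ": "JWT", "alg": alg}), enc(claims), "c2ln"])

def diagnose(header_value, now=None):
    """List the problems found in an Authorization header value."""
    now = time.time() if now is None else now
    scheme, _, token = header_value.partition(" ")
    if scheme != "Bearer" or not token.strip():
        return ["header is not 'Bearer <token>'"]
    problems = []
    if token != token.strip().strip('"'):
        problems.append("token has stray whitespace or quotes")
    parts = token.strip().strip('"').split(".")
    if len(parts) != 3 or not all(parts):
        return problems + ["token is not three dot-separated segments"]
    try:
        head, claims = (json.loads(b64url_decode(p)) for p in parts[:2])
    except ValueError:
        return problems + ["header or payload is not base64url JSON"]
    if not isinstance(head, dict) or not isinstance(claims, dict):
        return problems + ["header or payload is not a JSON object"]
    if str(head.get("alg", "none")).lower() == "none":
        problems.append("alg is missing or 'none'")
    exp, iat = claims.get("exp"), claims.get("iat")
    if not isinstance(exp, (int, float)):
        problems.append("exp claim is missing")
    elif exp <= now:
        problems.append("token expired %d s ago" % (now - exp))
    elif exp - now > TOKEN_TTL:
        problems.append("exp is further away than token_ttl")
    if isinstance(iat, (int, float)) and iat > now:
        problems.append("iat is in the future (clock skew)")
    return problems

if __name__ == "__main__":
    token = sample_token({"username": "demo", "exp": time.time() + 60})
    print(diagnose("Bearer " + token))
```

An empty list only means the request is well-formed on the client side; the signature check against `public.pem` and the user lookup still happen on the server.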