I'm trying to make some experiments with JWT and PHP, but I cannot make the LexikJWTAuthenticationBundle work.
I created a Symfony project using composer composer create-project symfony/skeleton my_project
and install LexikJWTAuthenticationBundle with Symfony Flex composer req jwt-auth
Then I follow the Getting Started from project in Github (https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/index.md#getting-started) but when I try to run the application I got this error message:
[Symfony\Component\Config\Exception\FileLoaderLoadException]
There is no extension able to load the configuration for "api_login_check" (in /home/alan/Desktop/auth/config/packages/routing.yaml). Looked for namespace "api_login_check", found "framework", "security", "lexik_jwt_authentication" in /home/alan/Desktop/auth/config/packages/routing.yaml (which is loaded in resource "/home/alan/Desktop/auth/config/packages/routing.yaml").
[Symfony\Component\DependencyInjection\Exception\InvalidArgumentException]
There is no extension able to load the configuration for "api_login_check" (in /home/alan/Desktop/auth/config/packages/routing.yaml). Looked for namespace "api_login_check", found "framework", "security", "lexik_jwt_authentication"
I created a repository in github with the code that is getting error https://github.com/alanoliveira/jwt_auth_test
Could someone give me some tip what I am doing wrong?
I found the solution!
Firstly, in the security.conf we need to add login and api firewalls before main firewall.
# config/packages/security.yaml
security:
# https://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory: { memory: ~ }
firewalls:
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: ~
# activate different ways to authenticate
# http_basic: ~
# https://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
# form_login: ~
# https://symfony.com/doc/current/cookbook/security/form_login_setup.html
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
Then the config of route needs to be defined in routes.yaml, and not in routing.yaml
# config/routes.yaml
api_login_check:
path: /api/login_check
Finally we need to remove the comments of the session lines in the framework.yaml
# config/packages/framework.yaml
framework:
secret: '%env(APP_SECRET)%'
#default_locale: en
#csrf_protection: ~
#http_method_override: true
#trusted_hosts: ~
# https://symfony.com/doc/current/reference/configuration/framework.html#handler-id
session:
# The native PHP session handler will be used
handler_id: ~
#esi: ~
#fragments: ~
php_errors:
log: true
It should do the job!
I hope it can help someone else with the same problem
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With