LexikJWTAuthenticationBundle - There is no extension able to load the configuration for "api_login_check"

Question

I'm trying to make some experiments with JWT and PHP, but I cannot make the LexikJWTAuthenticationBundle work.

I created a Symfony project using composer composer create-project symfony/skeleton my_project and install LexikJWTAuthenticationBundle with Symfony Flex composer req jwt-auth Then I follow the Getting Started from project in Github (https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/index.md#getting-started) but when I try to run the application I got this error message:

[Symfony\Component\Config\Exception\FileLoaderLoadException]
There is no extension able to load the configuration for "api_login_check" (in /home/alan/Desktop/auth/config/packages/routing.yaml). Looked for namespace "api_login_check", found "framework", "security", "lexik_jwt_authentication" in /home/alan/Desktop/auth/config/packages/routing.yaml (which is loaded in resource "/home/alan/Desktop/auth/config/packages/routing.yaml").

[Symfony\Component\DependencyInjection\Exception\InvalidArgumentException]
There is no extension able to load the configuration for "api_login_check" (in /home/alan/Desktop/auth/config/packages/routing.yaml). Looked for namespace "api_login_check", found "framework", "security", "lexik_jwt_authentication"

I created a repository in github with the code that is getting error https://github.com/alanoliveira/jwt_auth_test

Could someone give me some tip what I am doing wrong?

Answer 1

I found the solution!

Firstly, in the security.conf we need to add login and api firewalls before main firewall.

# config/packages/security.yaml
security:
    # https://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        in_memory: { memory: ~ }
    firewalls:
        login:
            pattern:  ^/api/login
            stateless: true
            anonymous: true
            form_login:
                check_path:               /api/login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern:   ^/api
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: ~

            # activate different ways to authenticate

            # http_basic: ~
            # https://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate

            # form_login: ~
            # https://symfony.com/doc/current/cookbook/security/form_login_setup.html

    access_control:
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api,       roles: IS_AUTHENTICATED_FULLY }

Then the config of route needs to be defined in routes.yaml, and not in routing.yaml

# config/routes.yaml
api_login_check:
    path: /api/login_check

Finally we need to remove the comments of the session lines in the framework.yaml

# config/packages/framework.yaml
framework:
    secret: '%env(APP_SECRET)%'
    #default_locale: en
    #csrf_protection: ~
    #http_method_override: true
    #trusted_hosts: ~
    # https://symfony.com/doc/current/reference/configuration/framework.html#handler-id
    session:
       # The native PHP session handler will be used
       handler_id: ~
    #esi: ~
    #fragments: ~
    php_errors:
        log: true

It should do the job!

I hope it can help someone else with the same problem