I am tyring to set up symfony4 api JSON login by JWT. The api platform core bundle is installed and I followed this instruction: https://api-platform.com/docs/core/jwt/
I created the custom user provider as described. By opening the URL /api/login_check the error message "Unable to find the controller for path "/api/login_check". The route is wrongly configured." occurs.
By sending a POST request I get the error page in html.
This is my routes.yaml:
#index:
# path: /
# controller: App\Controller\DefaultController::index
api_login_check:
path: /api/login_check
And here is my security.yaml:
security:
encoders:
App\Security\User\WebserviceUser: bcrypt
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
webservice:
id: App\Security\User\WebserviceUserProvider
in_memory: { memory: ~ }
main:
entity: { class: App\Entity\User, property: email }
firewalls:
login:
pattern: ^/api/login
stateless: true
anonymous: true
provider: webservice
json_login:
check_path: /api/login_check
username_path: email
password_path: password
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
api:
pattern: ^/api
provider: webservice
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: ~
# activate different ways to authenticate
# http_basic: true
# https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
# form_login: true
# https://symfony.com/doc/current/security/form_login_setup.html
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
bin/console debug:route returns:
--------------------------- -------- -------- ------ -------------------------------------
Name Method Scheme Host Path
--------------------------- -------- -------- ------ -------------------------------------
api_entrypoint ANY ANY ANY /api/{index}.{_format}
api_doc ANY ANY ANY /api/docs.{_format}
api_jsonld_context ANY ANY ANY /api/contexts/{shortName}.{_format}
api_users_get_collection GET ANY ANY /api/users.{_format}
api_users_post_collection POST ANY ANY /api/users.{_format}
api_users_get_item GET ANY ANY /api/users/{id}.{_format}
api_users_delete_item DELETE ANY ANY /api/users/{id}.{_format}
api_users_put_item PUT ANY ANY /api/users/{id}.{_format}
_twig_error_test ANY ANY ANY /_error/{code}.{_format}
api_login_check ANY ANY ANY /api/login_check
--------------------------- -------- -------- ------ -------------------------------------
Does anybody know what my mistake is?
I ran into the same issue, and it appeared that the header
Content-Type: application/json
must be added when you requesting /api/login_check
Comment in security.yaml those lines:
main:
anonymous: true
Had same issue, but somehow when I changed order of nested config in firewall it solved that issue and lexik jwt started to work. my config:
security:
encoders:
App\Entity\User:
algorithm: bcrypt
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
# used to reload user from session & other features (e.g. switch_user)
app_user_provider:
entity:
class: App\Entity\User
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
# activate different ways to authenticate
login:
pattern: ^/api/login
stateless: true
anonymous: true
json_login:
check_path: /api/login
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
anonymous: true
# http_basic: true
# https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
# form_login: true
# https://symfony.com/doc/current/security/form_login_setup.html
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /api/user/activate, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
routes.yaml
app:
path: /{params}
controller: App\Controller\DefaultController::index
requirements:
params: "^(?!admin|api).+"
api_login_check:
path: /api/login
methods: [POST]
It seems like you haven't declared a Controller
for this path:
api_login_check:
path: /api/login_check
controller: App\Controller\AuthenticationController::login
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With