猿问

Symfony 4 - LexikJWTAuthenticationBundle 未找到 JWT

下午好,


我尝试在我的项目中使用 LexikJWTAuthenticationBundle,但我遇到了未生成令牌的问题。我已在 var/jwt 目录中设置私钥和公钥。


当我尝试使用登录路由时,API 返回此响应:


{

    "code": 401,

    "message": "JWT Token not found"

}

阿帕奇虚拟主机:


<VirtualHost *:80>

    ServerName ypostirixi

    DocumentRoot "/var/www/ypostirixi/public"


    RewriteEngine On

    RewriteCond %{HTTP:Authorization} ^(.*)

    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

</VirtualHost>

公共目录中的.htaccess文件:


<IfModule mod_rewrite.c>

    RewriteEngine On


    RewriteCond %{HTTP:Authorization} ^(.*)

    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]


    # Send would-be 404 requests to Craft

    RewriteCond %{REQUEST_FILENAME} !-f

    RewriteCond %{REQUEST_FILENAME} !-d

    RewriteRule (.+) index.php?p=$1 [QSA,L]

</IfModule>

security.yaml 安全性:


encoders:

    App\Entity\User:

        algorithm: bcrypt

providers:

    doctrine_provider:

        entity:

            class: App\Entity\User

            property: email


firewalls:

    dev:

        pattern: ^/(_(profiler|wdt)|css|images|js)/

        security: false

    api_doc:

        pattern:  ^/api/doc

        security: false

    api:

        pattern:   ^/api

        stateless: true

        guard:

            authenticators:

                - lexik_jwt_authentication.jwt_token_authenticator

    main:

        pattern:   ^/

        stateless: true

        guard:

            authenticators:

                - lexik_jwt_authentication.jwt_token_authenticator

        provider: doctrine_provider


access_control:

    - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }

    - { path: ^/api,       roles: IS_AUTHENTICATED_FULLY }

我希望成功使用登录路由并在其他路由上生成有效令牌。


拉莫斯之舞
浏览 97回答 3
3回答

慕森王

也许您忘记在防火墙部分或登录参数(电子邮件作为用户名)中配置登录防火墙..检查这个1配置/包/security.yaml    firewalls:        login:            pattern:  ^/api/login            stateless: true            anonymous: true            form_login:                check_path:               /api/login_check                username_parameter: email                password_parameter: password                success_handler:          lexik_jwt_authentication.handler.authentication_success                failure_handler:          lexik_jwt_authentication.handler.authentication_failure                require_previous_session: false        api:            pattern:   ^/api            stateless: true            guard:               authenticators:                   - lexik_jwt_authentication.jwt_token_authenticator        access_control:            - { path: ^/api/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }            - { path: ^/api/, role: IS_AUTHENTICATED_FULLY }2配置/routes.yamlapi_login_check:    path: /api/login_check3用curl测试一下X POST -H "Content-Type: application/json" http://localhost/api/login_check -d '{"email":"user@example.com","password":"pass"}'

函数式编程

您不允许匿名访问任何防火墙。您应该将匿名选项添加到您的主防火墙中。&nbsp; &nbsp; main:&nbsp; &nbsp; &nbsp; &nbsp; pattern:&nbsp; &nbsp;^/&nbsp; &nbsp; &nbsp; &nbsp; stateless: true&nbsp; &nbsp; &nbsp; &nbsp; anonymous: true&nbsp; &nbsp; &nbsp; &nbsp; guard:&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; authenticators:&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; - lexik_jwt_authentication.jwt_token_authenticator&nbsp; &nbsp; &nbsp; &nbsp; provider: doctrine_provider

阿晨1998

我发现此升级存在问题,但我有解决方案。在 lexik_jwt_authentication.yaml 文件中:lexik_jwt_authentication:&nbsp; &nbsp; secret_key: '%env(resolve:JWT_SECRET_KEY)%'&nbsp; &nbsp; public_key: '%env(resolve:JWT_PUBLIC_KEY)%'&nbsp; &nbsp; pass_phrase: '%env(JWT_PASSPHRASE)%'&nbsp; &nbsp; token_ttl: '%env(JWT_TTL)%'&nbsp; &nbsp; token_extractors:&nbsp; &nbsp; &nbsp; &nbsp; authorization_header:&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; enabled: true&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; prefix:&nbsp; '%env(JWT_TOKEN_PREFIX)%'&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; name:&nbsp; &nbsp; Authorization&nbsp; &nbsp; user_identity_field: email
随时随地看视频慕课网APP
我要回答