0

我在 Symfony 3 上遇到了 JWT Auth 捆绑包的问题。我按照他们的 github README 中的说明进行操作,但似乎无法弄清楚我哪里出了问题或出了什么问题。

我正在使用 Symfony 3.1.1、LexikJWTAuthenticationBundle 2.0 和 FriendsofSymfony userbundle。

问题: 每当我尝试按照他们的示例中的说明通过(替换用户和密码)登录时:

curl -X POST http://192.168.33.30/api/login_check -d _username=johndoe -d _password=test

我得到:

{"code":401,"message":"Bad credentials"}

如果我通过以下方式手动生成令牌:

        $jwtManager = $this->container->get('lexik_jwt_authentication.jwt_manager');
    $userManager = $this->container->get('fos_user.user_manager');
    $user = $userManager->findUserByEmail('emailhere');
    dump($jwtManager->create($user));

我得到了一个相当长的令牌。然后在邮递员中使用它作为带有关键“授权”值的标题:“承载”

然后我尝试调用防火墙 url 下的端点并触发 failure_handler。它设法从令牌中提取数据,即我在令牌中编码的电子邮件等等。但我总是失败。

我的其他数据是:

security.yml 安全性:编码器:FOS\UserBundle\Model\UserInterface:bcrypt

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN


# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
    in_memory:
        memory: ~
    fos_userbundle:
        id: fos_user.user_provider.username
        firewalls:
    # disables authentication for assets and the profiler, adapt it according to your needs
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    login:
        pattern:  ^/api/login
        stateless: true
        anonymous: true
        form_login:
            check_path:               /api/login_check
            success_handler:          lexik_jwt_authentication.handler.authentication_success
            failure_handler:          lexik_jwt_authentication.handler.authentication_failure
            require_previous_session: false
    api:
        pattern:   ^/api
        stateless: true
        guard:
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            # csrf_token_generator: security.csrf.token_manager

        logout:       true
        anonymous:    true

配置.yml

lexik_jwt_authentication:
private_key_path: %jwt_private_key_path%
public_key_path:  %jwt_public_key_path%
pass_phrase:      %jwt_key_pass_phrase%
token_ttl:        %jwt_token_ttl%
# key under which the user identity will be stored in the token payload
user_identity_field: email

# token encoding/decoding settings
encoder:
    # token encoder/decoder service - default implementation based on the namshi/jose library
    service:            lexik_jwt_authentication.encoder.default
    # crypto engine used by the encoder service
    crypto_engine:  openssl
    # encryption algorithm used by the encoder service
    signature_algorithm: RS256

# token extraction settings
token_extractors:
    authorization_header:      # look for a token as Authorization Header
        enabled: true
        prefix:  Bearer
        name:    Authorization
    cookie:                    # check token in a cookie
        enabled: false
        name:    BEARER
    query_parameter:           # check token in query string parameter
        enabled: false
        name:    bearer

路由.yml

api_login_check:
path: /api/login_check

如果有人有任何建议,请告诉我。我被这件事难住了。

4

1 回答 1

2

您需要删除内存中的用户提供程序:

providers:
    fos_userbundle:
         id: fos_user.user_provider.username
于 2016-12-23T16:30:55.483 回答