5

我正在使用 JWT 令牌包进行用户身份验证。当令牌过期时,我收到 500 服务器错误。取而代之的是,我如何返回带有错误代码和消息的 JsonResponse?

这是我的身份验证器类:

 class JwtTokenAuthentication extends AbstractGuardAuthenticator
{
/**
 * @var JWTEncoderInterface
 */
private $jwtEncoder;

/**
 * @var EntityManager
 */
private $em;

public function __construct(JWTEncoderInterface $jwtEncoder, EntityManager $em)
{
    $this->jwtEncoder = $jwtEncoder;
    $this->em = $em;
}


public function getCredentials(Request $request)
{
    $extractor = new AuthorizationHeaderTokenExtractor(
        'Bearer',
        'Authorization'
    );
    $token = $extractor->extract($request);
    if (!$token) {
        return null;
    }

    return $token;
}

public function getUser($credentials, UserProviderInterface $userProvider)
{
    $data = $this->jwtEncoder->decode($credentials);
    if(!$data){
      return null;
    }
    $user = $this->em->getRepository("AlumnetCoreBundle:User")->find($data["email"]);
    return $user;
}

public function checkCredentials($credentials, UserInterface $user)
{
    return true;
}

public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
    //todo
}

public function start(Request $request, AuthenticationException $authException = null)
{
    return new JsonResponse([
        'errorMessage' => 'auth required'
    ], Response::HTTP_UNAUTHORIZED);
}
}
4

2 回答 2

2

您可以在 try-catch 中解码令牌:

try {
    $data = $this->jwtEncoder->decode($credentials);
} catch (\Exception $e) {
    throw new \Symfony\Component\Security\Core\Exception\BadCredentialsException($e->getMessage(), 0, $e);
}

但是您可能必须实现缺失onAuthenticationFailure,因为抛出此异常会使它被调用。就像是:

public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
    return new JsonResponse([
        'errorMessage' => $exception->getMessage(),
    ], Response::HTTP_UNAUTHORIZED);
}

JWTTokenAuthenticator顺便说一句,LexikJWTAuthenticationBundle从 2.0 版本开始就内置了。我建议您在实现自己的身份验证器之前尝试使用它,或者至少扩展它

于 2017-03-31T16:40:07.497 回答
0

我将整个代码包含在一个 try catch 块中,当生成 JWT Token Expired 错误消息时,它被捕获在catch块中。

{ "error": 1, "status": 400, "msg": "Expired JWT Token", "data": [] }

/**
 * @Route("/api/tokens")
 * @Method("POST")
 */
public function newTokenAction(Request $request)
{
    try {
    $data['_username'] = $request->get('_username');
    $data['_password'] = $request->get('_password');
    if (empty($data['_username']) || empty($data['_password'])) {
        throw new \Exception('Username or password fields empty');
    }

    $user = $this->getDoctrine()->getRepository('AppBundle:User')->findOneBy(array('username' => $data['_username']));
    if (!$user) {
        throw new \Exception('Username or password does not exist');
    } else if ($user->hasRole('ROLE_SUPER_ADMIN')) {
        throw new \Exception('Admin is not allowed to login through app');
    } else if (!$user->getEnabled()) {
        throw new \Exception('User is not enabled');
    } else if ($user->getIsDeleted()) {
        throw new \Exception('User does not exist any more');
    }

    $isValid = $this->get('security.password_encoder')->isPasswordValid($user, $data['_password']);
    if (!$isValid) {
        throw new \Exception('Bad Credentials');
    }

    $token = $this->get('lexik_jwt_authentication.encoder')->encode(array(
        'username' => $data['_username'],
        'exp' => time() + 3600, 
        'secret_key' => ____________,
    ));

    $user->setAuthToken($token);
    $em = $this->getEntityManager();
    $em->persist($user);
    $em->flush();

    $json = $this->getJsonResponse(0, 200, 'User Logged In');

    $response = new Response($json);
    $response->headers->set('Content-Type', 'application/json');
    return $response;
} catch (\Exception $e) {
    // Using custom Execption class
    $customApiProblem = new CustomApiProblem(self::API_ERROR_TRUE, $httpStatusCode, $e->getMessage());
    $customApiProblem->set('data', $data);
    $serializer = $this->container->get('jms_serializer');
    $response_json = $serializer->serialize($customApiProblem->toArray(), 'json');
    return new Response($response_json, $statusCode);
}
}
于 2017-04-03T09:27:46.963 回答