我不确定它是我的防火墙设置还是私钥,它正在工作然后我删除了目录并从 master 克隆必须直接复制我的 var/jwt 目录我想我忘了提交它或其他什么但现在我可以得到一个令牌
curl --request GET --url http://localhost/api/private --header 'authorization: Bearer TOKEN'
但是当尝试使用命令行 curl 或 php 中的令牌时,会被重定向回登录页面
我尝试将我的 ..private/public 密钥设置为 600,但没有帮助我的防火墙不应该改变
security:
encoders:
AccountBundle\Entity\User: bcrypt
providers:
account_users:
entity: { class: AccountBundle\Entity\User, property: email}
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
username_parameter: _username
password_parameter: _password
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
anonymous: ~
guard:
authenticators:
- account.security.guard.authenticator.account_form_login_authenticator
logout:
path: security_logout
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
日志显示
[2017-06-30 13:08:55] security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): Access Denied.