我尝试对我的 symfony/mongodb 项目实施 LexikJWT 身份验证,我成功通过静态用户(in_memory)进行身份验证,但我不知道如何使用我自己的用户类来利用它,这是我的代码行:
安全.yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
#
# role_hierarchy:
# ROLE_USER: ROLE_USER
# ROLE_CLIENT: ROLE_CLIENT
# ROLE_ADMIN: ROLE_ADMIN
providers:
in_memory:
memory:
users:
wajdi:
password: wajdi
roles: 'ROLE_USER'
aymen:
password: aymen
roles: 'ROLE_ADMIN'
firewalls:
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
anonymous: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY }
运行以下命令行后,我可以成功获取令牌:
curl -X POST http://192.168.1.13:8000/api/login_check -d _username=wajdi -d _password=wajdi
现在我想将我的用户文档设置为提供者,所以我更新为这样:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
providers:
jwt:
lexik_jwt:
class: ApiBundle\Security\User
firewalls:
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api
stateless: true
anonymous: true
provider: jwt
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY }
这就是我的用户文档:
<?php
namespace ApiBundle\Document;
use Doctrine\ODM\MongoDB\Mapping\Annotations as MongoDB;
/**
* @MongoDB\Document
* @MongoDB\InheritanceType("COLLECTION_PER_CLASS")
*/
class User
{
/**
* @MongoDB\Id
*/
protected $id;
/**
* @MongoDB\Field(type="string")
*/
protected $username;
/**
* @MongoDB\Field(type="string")
*/
protected $email;
/**
* @MongoDB\Field(type="string")
*/
protected $password;
/**
* Get id
*
* @return id $id
*/
public function getId()
{
return $this->id;
}
/**
* Set username
*
* @param string $username
* @return self
*/
public function setUsername($username)
{
$this->username = $username;
return $this;
}
/**
* Get username
*
* @return string $username
*/
public function getUsername()
{
return $this->username;
}
/**
* Set email
*
* @param string $email
* @return self
*/
public function setEmail($email)
{
$this->email = $email;
return $this;
}
/**
* Get email
*
* @return string $email
*/
public function getEmail()
{
return $this->email;
}
/**
* Set password
*
* @param string $password
* @return self
*/
public function setPassword($password)
{
$this->password = $password;
return $this;
}
/**
* Get password
*
* @return string $password
*/
public function getPassword()
{
return $this->password;
}
}
我添加了 JWTUserInterface,我正在关注该链接 https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/8-jwt-user-provider.md
但不清楚,没有例子,我需要了解更多细节,换句话说,如何将我的用户设置为提供者(通过用户名或电子邮件/密码连接)。
关键词
- Symfony 3.2
- MongoDB 3.4.4
- LexikJWTAuthenticationBundle
谢谢你。