0

I'm new to API-platform, trying to do JWT Authentification using FOSUserBundle.

I followed step by step https://symfony.com/doc/master/bundles/FOSUserBundle/index.html tutorial and after Step 5 when I try re-run step 1 I get err:

There is no extension able to load the configuration for "csrf_protection" (in E:\rest-api\app/config\config.yml). Looked for namespace "csrf_protection", f ound "framework", ...

Also I get the same error when I try update scheme. Any help ??

This is my security.yml

security:

    encoders:
            FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
            ROLE_ADMIN:       ROLE_USER
            ROLE_SUPER_ADMIN: ROLE_ADMIN


    # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        in_memory:
            memory: ~

        fos_userbundle:
                    id: fos_user.user_provider.username


    firewalls:

        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:

          #  pattern: ^/(_(profiler|wdt)|css|images|js)/
          security: false


        main:
            pattern: ^/
            form_login:
                            provider: fos_userbundle
                            Scsrf_token_generator: security.csrf.token_manager
                            #csrf_provider: form.csrf_provider
            logout:       true
            anonymous:    true


    access_control:
                - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
                - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
                - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
                - { path: ^/admin/, role: ROLE_ADMIN }

This is what I add to config.yml

 api_platform:
    http_cache:
        invalidation:
            enabled: true
            #varnish_urls: '%varnish_urls%'
        max_age: 0
        shared_max_age: 3600
        vary: ['Content-Type', 'Authorization']
        public: true
    swagger:
        api_keys:
           - { name: 'Authorization', type: 'header'}
    enable_fos_user: true

fos_user:
    db_driver: orm # other valid values are 'mongodb' and 'couchdb'
    firewall_name: main
    user_class: AppBundle\Entity\AuthUser
    from_email:
        address: "%mailer_user%"
        sender_name: "%mailer_user%"

csrf_protection:
     enabled: false

AppKernel.php

public function registerBundles()
{
    $bundles = [
        new Symfony\Bundle\FrameworkBundle\FrameworkBundle(),
        new Symfony\Bundle\SecurityBundle\SecurityBundle(),
        new Symfony\Bundle\TwigBundle\TwigBundle(),
        new Symfony\Bundle\MonologBundle\MonologBundle(),
        new Symfony\Bundle\SwiftmailerBundle\SwiftmailerBundle(),
        new Doctrine\Bundle\DoctrineBundle\DoctrineBundle(),
        new Sensio\Bundle\FrameworkExtraBundle\SensioFrameworkExtraBundle(),
        new ApiPlatform\Core\Bridge\Symfony\Bundle\ApiPlatformBundle(),
        new Nelmio\CorsBundle\NelmioCorsBundle(),
        new AppBundle\AppBundle(),
        new Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle(),
        new FOS\UserBundle\FOSUserBundle(),
        new Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle(),
    ];

Any suggestuion/help ?

4

2 回答 2

0

从 config.yml 中删除此 csrf_protection 配置

csrf_protection:
     enabled: false
于 2017-12-13T15:39:30.450 回答
0

我认为您的配置中有错误的配置,请阅读此文档:https ://api-platform.com/docs/core/fosuser-bundle/他们有一个很好的 JWT 身份验证与 api-platform 集成的教程。祝你好运 !

于 2017-12-13T18:05:13.150 回答