symfony - Jwt身份验证包，注册后如何授权用户

Question

Symfony 3.3.10，lexik/jwt-authentication-bundle": "~2.0" 我有注册端点，我/api/registrations在其中创建用户并将其设置为 DB 并返回带有对象用户的 json。我有身份验证端点，/api/login_check其中 JWT 返回带有刷新令牌的令牌我的问题，如何在注册操作中调用 JWT 身份验证处理程序并返回带有刷新令牌而不是用户对象的令牌？

这是我的安全

        login:
        pattern:  ^/api/login
        stateless: true
        anonymous: true
        form_login:
            check_path: /api/login_check
            require_previous_session: false
            success_handler: lexik_jwt_authentication.handler.authentication_success
            failure_handler: lexik_jwt_authentication.handler.authentication_failure

    register:
        pattern:  ^/api/registrations
        stateless: true
        anonymous: true

和我对 reg 的行动

public function postRegistrationAction(Request $request)
{
    $em = $this->get('doctrine')->getManager();
    $encoder = $this->container->get('security.password_encoder');
    $logger = $this->container->get('logger');

    try {
        $auth = $this->get('app.auth');

        /** @var User $user */
        $user = $auth->validateEntites('request', User::class, ['registration']);
        $password = $request->request->get('_password');

        $user
            ->setPassword($encoder->encodePassword($user, $password));

        $em->persist($user);
        $em->flush();

        return $this->createSuccessResponse($user, ['profile'], true);
    } catch (ValidatorException $e) {
        $view = $this->view(['message' => $e->getErrorsMessage()], self::HTTP_STATUS_CODE_BAD_REQUEST);
        $logger->error($this->getMessagePrefix().'validate error: '.$e->getErrorsMessage());
    } catch (\Exception $e) {
        $view = $this->view((array) $e->getMessage(), self::HTTP_STATUS_CODE_BAD_REQUEST);
        $logger->error($this->getMessagePrefix().'error: '.$e->getMessage());
    }

    return $this->handleView($view);
}

score 0 · Accepted Answer

解决了，我重写AuthenticationSuccessHandler并添加了本地参数以返回事件数组，然后为此配置服务器并在注册操作中调用它

        login:
        pattern:  ^/api/login
        stateless: true
        anonymous: true
        form_login:
            check_path: /api/login_check
            require_previous_session: false
            username_parameter: _email
            password_parameter: _password
            success_handler: custom
            failure_handler: lexik_jwt_authentication.handler.authentication_failure

配置服务

    custom:
    class: "%app.authentication_success_handler.class%"
    arguments:
        - "@lexik_jwt_authentication.jwt_manager"
        - "@event_dispatcher"
    tags:
        - { name: monolog.logger, channel: security }

事件数据包含令牌信息

    public function handleAuthenticationSuccess(UserInterface $user, $jwt = null, $returnEvent = false)
{
    if (null === $jwt) {
        $jwt = $this->jwtManager->create($user);
    }

    $response = new JWTAuthenticationSuccessResponse($jwt);
    $event = new AuthenticationSuccessEvent(['token' => $jwt], $user, $response);

    $this->dispatcher->dispatch(Events::AUTHENTICATION_SUCCESS, $event);
    $response->setData($event->getData());

    if ($returnEvent) {
        return $event;
    }

    return $response;
}

接着

    public function postRegistrationAction(Request $request)
{
    $em = $this->get('doctrine')->getManager();
    $encoder = $this->container->get('security.password_encoder');
    $logger = $this->container->get('logger');

    try {
        $auth = $this->get('app.auth');

        /** @var User $user */
        $user = $auth->validateEntites('request', User::class, ['registration']);
        $password = $request->request->get('_password');

        $user
            ->setPassword($encoder->encodePassword($user, $password));
        $em->persist($user);
        $em->flush();
        $lexikJwtAuthentication = $this->get('custom');
        $event = $lexikJwtAuthentication->handleAuthenticationSuccess($user, null, true);

        return $this->createSuccessResponse($event->getData());

注册后的用户获得授权，我的操作返回令牌信息

symfony - Jwt身份验证包，注册后如何授权用户

1 回答 1

Related

Reference