Skip to content
Advertisement

Check JWT (Firebase) Token with Symfony 5.3

I’m working on an API, and I had implemented a JWT to make it stateless. I created an AuthController, which returns a JWT when login information is correct. Here you can see the return code that generates the token:

JavaScript

This is the result when I run the authenticate method, un the URL localhost:8000/authenticate.
Now, what I would need to do is that, when a user tries to get another / URL, the program doesn’t allow him to reach it if he’s not passing the Bearer token in the request’s header. But it’s not working. The platform always allows me to enter any URL without setting an Authorization in the header.
Here’s my security file, where I tried to set this:

JavaScript

And, finally, here’s my AppSecurityJwtAuthenticator:

JavaScript

I’ve been looking at a lot of websites and tutorials, but not anyone is doing exactly what I need or are implementing very basic functionalities that don’t match with what I need. Almost all of that websites explain this using Symfony 4, but I’m using Symfony 5, so a lot of functions that use in tutorials are deprecated. Does someone know what I am missing?

Advertisement

Answer

You are probably missing access_control configuration in security.yaml:

JavaScript
User contributions licensed under: CC BY-SA
6 People found this is helpful
Advertisement