I want to use jwt token in my symfony project. But i have a problem because when i use: curl.exe -X POST -H "Content-Type: application/json" http://localhost:81/api/login_check -d '{"username": "f.djawid@outlook.com","password":"000000"}'
I get : {"code":401,"message":"JWT Token not found"}
This is my security.yml:
#/config/packages/security.yml
security:
encoders:
AppEntityUser:
algorithm: auto
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
# used to reload user from session & other features (e.g. switch_user)
app_user_provider:
entity:
class: AppEntityUser
property: email
# used to reload user from session & other features (e.g. switch_user)
# used to reload user from session & other features (e.g. switch_user)
# used to reload user from session & other features (e.g. switch_user)
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
login:
pattern: ^/api/login
stateless: true
anonymous: true
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
main:
anonymous: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/api/docs, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
As you can see i use the lexikJWTAthenticationBundle. I made a private key and public key with ssl.
I use docker to run the apache server where my localhost is running. This is my vhost config:
#/.docker/config/sf4.conf
<VirtualHost *:80>
Define server_name sf4.local
Define basedocroot /home/wwwroot/sf4
Define docrootweb ${basedocroot}/public
Define logdir /var/log/apache2/
<FilesMatch .php$>
SetHandler "proxy:fcgi://sf4_php:9000"
</FilesMatch>
ServerName ${server_name}
DocumentRoot ${docrootweb}
ErrorLog ${logdir}/error.log
CustomLog ${logdir}/access.log Combined
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
<Directory ${docrootweb}>
AllowOverride All
Require all granted
</Directory>
<Directory ${basedocroot}/var>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory ${docrootweb}>
DirectoryIndex ${docrootweb}/index.php
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::2$
RewriteRule ^(.*) - [E=BASE:%1]
RewriteCond %{HTTP:Authorization} .
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^index.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^ - [L]
RewriteRule ^ %{ENV:BASE}/index.php [L]
</IfModule>
<IfModule !mod_rewrite.c>
<IfModule mod_alias.c>
RedirectMatch 302 ^/$ /index.php/
</IfModule>
</IfModule>
</Directory>
Undefine server_name
Undefine basedocroot
Undefine docrootweb
Undefine logdir
</VirtualHost>
I found on another post that the solution might be that i have to add the Rewrite for Autherization if i use Apache but its already added there and its still not posting the jwt token when used curl like i did above.
I also made user entity with make:user and i added the username, roles and password values in the table user. In the curl you can see that i use 000000 as the password. In the database this password is hashed with argon2i.
I really don’t know why i can’t see the jwt token. I have looked everywhere in the internet, but nothing seems to work for me.
EDIT
I also have this in the lexik_jwt_authentication.yml:
#/config/packages/lexik_jwt_authentication.yml
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%'
And this is what i defined in my .env file:
# /.env JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem JWT_PASSPHRASE=accountingmodule
Also when in the security.yml when i swap the login and api headers i get this error:
{"type":"https://tools.ietf.org/html/rfc2616#section-10","title":"An error occurred","status":400,"detail":"Invalid JSON.","class":"Symfony\Component\HttpKernel\Exception\BadRequestHttpException","trace":[{"namespace":"","short_class":"","class":"","type":"","function":"","file":"/home/wwwroot/sf4/vendor/symfony/security-http/Firewall/UsernamePasswordJsonAuthenticationListener.php","line":108,"args":[]},{"namespace":"Symfony\Component\Security\Http\Firewall","short_class":"UsernamePasswordJsonAuthenticationListener","class":"Symfony\Component\Security\Http\Firewall\UsernamePasswordJsonAuthenticationListener","type":"->","function":"authenticate","file":"/home/wwwroot/sf4/vendor/symfony/security-bundle/Debug/WrappedLazyListener.php","line":49,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Bundle\SecurityBundle\Debug","short_class":"WrappedLazyListener","class":"Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener","type":"->","function":"authenticate","file":"/home/wwwroot/sf4/vendor/symfony/security-http/Firewall/AbstractListener.php","line":27,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Component\Security\Http\Firewall","short_class":"AbstractListener","class":"Symfony\Component\Security\Http\Firewall\AbstractListener","type":"->","function":"__invoke","file":"/home/wwwroot/sf4/vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php","line":62,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Bundle\SecurityBundle\Debug","short_class":"TraceableFirewallListener","class":"Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener","type":"->","function":"callListeners","file":"/home/wwwroot/sf4/vendor/symfony/security-http/Firewall.php","line":98,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["object","Generator"]]},{"namespace":"Symfony\Component\Security\Http","short_class":"Firewall","class":"Symfony\Component\Security\Http\Firewall","type":"->","function":"onKernelRequest","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/Debug/WrappedListener.php","line":126,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["string","kernel.request"],["object","Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher"]]},{"namespace":"Symfony\Component\EventDispatcher\Debug","short_class":"WrappedListener","class":"Symfony\Component\EventDispatcher\Debug\WrappedListener","type":"->","function":"__invoke","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/EventDispatcher.php","line":264,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["string","kernel.request"],["object","Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher"]]},{"namespace":"Symfony\Component\EventDispatcher","short_class":"EventDispatcher","class":"Symfony\Component\EventDispatcher\EventDispatcher","type":"->","function":"doDispatch","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/EventDispatcher.php","line":239,"args":[["array",[["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"]]],["string","kernel.request"],["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Component\EventDispatcher","short_class":"EventDispatcher","class":"Symfony\Component\EventDispatcher\EventDispatcher","type":"->","function":"callListeners","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/EventDispatcher.php","line":73,"args":[["array",[["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"]]],["string","kernel.request"],["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Component\EventDispatcher","short_class":"EventDispatcher","class":"Symfony\Component\EventDispatcher\EventDispatcher","type":"->","function":"dispatch","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php","line":168,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["string","kernel.request"]]},{"namespace":"Symfony\Component\EventDispatcher\Debug","short_class":"TraceableEventDispatcher","class":"Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher","type":"->","function":"dispatch","file":"/home/wwwroot/sf4/vendor/symfony/http-kernel/HttpKernel.php","line":134,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["string","kernel.request"]]},{"namespace":"Symfony\Component\HttpKernel","short_class":"HttpKernel","class":"Symfony\Component\HttpKernel\HttpKernel","type":"->","function":"handleRaw","file":"/home/wwwroot/sf4/vendor/symfony/http-kernel/HttpKernel.php","line":80,"args":[["object","Symfony\Component\HttpFoundation\Request"],["integer",1]]},{"namespace":"Symfony\Component\HttpKernel","short_class":"HttpKernel","class":"Symfony\Component\HttpKernel\HttpKernel","type":"->","function":"handle","file":"/home/wwwroot/sf4/vendor/symfony/http-kernel/Kernel.php","line":201,"args":[["object","Symfony\Component\HttpFoundation\Request"],["integer",1],["boolean",true]]},{"namespace":"Symfony\Component\HttpKernel","short_class":"Kernel","class":"Symfony\Component\HttpKernel\Kernel","type":"->","function":"handle","file":"/home/wwwroot/sf4/public/index.php","line":25,"args":[["object","Symfony\Component\HttpFoundation\Request"]]}]}
Advertisement
Answer
So i just solved the problem. The problem was that i had to switch the position of login header and api header in security.yml. This time i used postman to test if it works and i get a token back. The reason why it’s still not working in my local server is because for some reason the symfony kernel isn’t giving any response, but that is entirly another problem.