API-Platform JWT : No route found for “GET /api/lo

2020-03-30 04:56发布

问题:

I successfully installed API Platform, it works well with all my entities. Now i'm trying to add JWT authentication whith LexikJWTAuthenticationBundle, but when i send the request for login i get :

No route found for "GET /api/login"

My request :

http://localhost:8000/api/login?username=john&password=doe

I'm using Symfony 4, here is my security.yaml :

encoders:
    App\Entity\User:
        algorithm: bcrypt

providers:
    entity_provider:
        entity:
            class: App\Entity\User
            property: username

firewalls:
    login:
        pattern:  ^/api/login
        stateless: true
        anonymous: true
        provider: entity_provider
        json_login:
            check_path: /api/login
            username_path: email
            password_path: password
            success_handler: lexik_jwt_authentication.handler.authentication_success
            failure_handler: lexik_jwt_authentication.handler.authentication_failure

    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    main:
        pattern:   ^/
        provider: entity_provider
        stateless: true
        anonymous: true
        guard:
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator

access_control:
    - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }

I think the JWT bundle works well because when i try to access a resource, i get :

{"code":401,"message":"JWT Token not found"}

I think it's just a matter of routing, but as i'm quite a newbie to Symfony i don't know what to do...

I already tried to change patterns, check path...

Any hint ?

EDIT : i added this in routes.yaml :

api_login_check:
    path: /api/login

Now i have :

Unable to find the controller for path "/api/login". The route is wrongly configured.

More details from the logs :

WARNING 09:40:52 request Unable to look for the controller as the "_controller" parameter is missing.

ERROR 09:40:53 request Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\NotFoundHttpException: "Unable to find the controller for path "/api/login". The route is wrongly configured."

回答1:

Check this link https://github.com/symfony/symfony-docs/pull/7081/files#diff-7f5c7908922a550bda01ab86f19f3938R119

You have to send your request to http://localhost:8000/api/login with a json body like this

{"username": "john","password": "doe"}

Also I recommend to read this "How to Build a JSON Authentication Endpoint" https://symfony.com/doc/current/security/json_login_setup.html

Thanks



回答2:

Thanks lvillarino, i already tried that without success but i think i made other mistake then... I tried again as i was quite sure that was the good direction and now it works !

This is my final configuration, maybe it will help someone... FYI, i'm using email/password as credentials.

security.yaml

providers:
    entity_provider:
        entity:
            class: App\Entity\User
            property: email
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    login:
        pattern:  ^/api/login
        stateless: true
        anonymous: true
        provider: entity_provider
        json_login:
            check_path: /api/login
            username_path: email
            password_path: password
            success_handler: lexik_jwt_authentication.handler.authentication_success
            failure_handler: lexik_jwt_authentication.handler.authentication_failure

    main:
        pattern:   ^/
        provider: entity_provider
        stateless: true
        anonymous: true
        guard:
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator

encoders:
    App\Entity\User:
        algorithm: bcrypt

access_control:
    - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }

routes.yaml

api_login_check:
    path: /api/login

I tried to login to my api using Postman using this url : http://localhost:8000/api/login

On the headers section i have :

Accept : application/json
Content-type: application/json

And on the body section (raw) :

{
    "email":"john@doe.fr",
    "password":"mypass"
}

The token is successfully generated and functional, it is accepted as Bearer in further api calls.

More information : i had problems with private and public keys generated using PuttyGen on windows, i always had bad credentials when using the generated token. I had to generate them on a linux environment using openssl, and now it works. Last information : i installed LexikJWTAuthenticationBundle with composer, i used the passphrase generated in .env file to generate the keys, as it's not very well explained in the installation process.