authentication_listener not working when using JWT Authentication bundle

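Because of changes to a legacy application, I am integrating lexik/jwt-authentication-bundle version 1.3 with Symfony 2.8.

I have managed to integrate it and generate the JWT authorization token, but I want to use the cookie and authentication_listener options of lexik_jwt. I have configured them, but they have no effect. If I use the cookie, the token should be saved in a cookie, but it is saved in the session.

Can anyone tell me why enabling the cookie doesn't work?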

Security.yml

security:
    encoders:
        AppBundle\Entity\User:
            algorithm: bcrypt
    providers:
        db_provider:
            entity:
                class: AppBundle:User
                property: username

    firewalls:
        login:
            pattern:  ^/api/login
            stateless: true
            anonymous: true
            provider: db_provider
            form_login:
                check_path:               /api/login_check
                username_parameter:       username
                password_parameter:       password
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false
                
        api:
            pattern:   ^/api
            stateless: true
            anonymous: true
            provider: db_provider
            lexik_jwt:
                authentication_listener: storefront.listener.jwt_authentication
                cookie:
                    enabled: true
                    name: IDENTITY
       
    
    access_control:
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api,       roles: IS_AUTHENTICATED_FULLY }
        

services.yml

# Learn more about services, parameters and containers at
# https://symfony.com/doc/current/service_container.html
parameters:
    #parameter_name: value

services:

    #service_name:
    #    class: AppBundle\Directory\ClassName
    #    arguments: ['@another_service_name', 'plain_value', '%parameter_name%']

    # Custom JWT firewall listener referenced by lexik_jwt.authentication_listener
    storefront.listener.jwt_authentication:
        class: AppBundle\Listener\AuthenticationListener
        arguments:
            - "@security.token_storage"
            - "@security.authentication.manager"
            - []

AuthenticationListener.php

<?php

namespace AppBundle\Listener;

use Lexik\Bundle\JWTAuthenticationBundle\Security\Authentication\Token\JWTUserToken;
use Lexik\Bundle\JWTAuthenticationBundle\Security\Firewall\JWTListener;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Security\Core\Exception\AuthenticationException;

class AuthenticationListener extends JWTListener
{
    public function handle(GetResponseEvent $event): void
    {
        if (!($requestToken = $this->getRequestToken($event->getRequest()))) {
            return;
        }

        $token = new JWTUserToken();
        $token->setRawToken($requestToken);
        try {
            $authToken = $this->authenticationManager->authenticate($token);
            $this->tokenStorage->setToken($authToken);

            return;
        } catch (AuthenticationException $failed) {
            if ($this->config['throw_exceptions']) {
                throw $failed;
            }
        }
    }
}

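I thought that when the cookie option is enabled, it would save the token in the browser's cookie, but it only means the token is read from the cookie. So I figured it out myself. Thanks anyway.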
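Since the `cookie` option only reads the token, something else has to write it. The following is an added example, not code from the original post or from the bundle: a success handler that wraps `lexik_jwt_authentication.handler.authentication_success` and puts the token in an HttpOnly, Secure `IDENTITY` cookie. The class name, its service wiring (used as `success_handler` on the `login` firewall) and the `$ttl` argument are assumptions; `$ttl` is assumed to match the bundle's `token_ttl`.

```php
<?php
// Added example (hypothetical class). Wraps the bundle's success handler and
// writes the JWT into the cookie that the lexik_jwt "cookie" option reads.
namespace AppBundle\Security;

use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;

class CookieWritingSuccessHandler implements AuthenticationSuccessHandlerInterface
{
    private $inner, $cookieName, $ttl;

    // $inner: the bundle's handler; $ttl: assumed equal to token_ttl (seconds)
    public function __construct(AuthenticationSuccessHandlerInterface $inner, $cookieName = 'IDENTITY', $ttl = 3600)
    {
        $this->inner = $inner;
        $this->cookieName = $cookieName;
        $this->ttl = (int) $ttl;
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        // Let the bundle create the JWT and its JSON response first.
        $response = $this->inner->onAuthenticationSuccess($request, $token);
        $data = json_decode($response->getContent(), true);
        if (!is_array($data) || empty($data['token'])) {
            return $response; // no token in the body: leave the response untouched
        }
        $response->headers->setCookie(new Cookie(
            $this->cookieName,
            $data['token'],
            time() + $this->ttl, // expire together with the JWT
            '/api',              // only sent to the API firewall's paths
            null,                // domain: current host
            true,                // Secure: HTTPS only
            true                 // HttpOnly: not readable from JavaScript
        ));
        // Remove the token from the body so scripts never see it.
        if ($response instanceof JsonResponse) {
            unset($data['token']);
            $response->setData($data);
        }
        return $response;
    }
}
```

Because browsers attach this cookie automatically, state-changing routes under `/api` then need CSRF protection.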