I am trying to use LexikJWTAuthenticationBundle with FOSUserBundle in my Symfony 2.7 application.
In principle, the FOSUserBundle configuration works fine: I load my devices correctly, and if I try to log in through the login form, it succeeds.
Getting a token from login_check also works. Then I put the token in the Authorization header as “Bearer” and try to access another page. This always results in a 401.
Does anyone have a lead on what might be the problem or how to start debugging?
Here is my configuration:
```yaml
# app/config/config.yml

# DunglasJsonLdApi
dunglas_json_ld_api:
    title: %api_name%
    description: %api_description%
    default:
        order: DESC

# FOSUserBundle
fos_user:
    db_driver: orm
    firewall_name: api
    user_class: ApiBundle\Bundles\UserBundle\Entity\User

# LexikJWTAuthenticationBundle
lexik_jwt_authentication:
    private_key_path: %kernel.root_dir%/config/jwt/private.pem
    public_key_path: %kernel.root_dir%/config/jwt/public.pem
    pass_phrase: %jwt_pass_phrase%
    token_ttl: 86400
```
```yaml
# app/config/routing.yml

# DunglasJsonLdBundle
api_doc:
    resource: @DunglasJsonLdApiBundle/Resources/config/routing.xml
    prefix: /api

api:
    resource: .
    type: json-ld
    prefix: /api

# FOSUserBundle
fos_user_security_login:
    path: /login
    defaults: { _controller: FOSUserBundle:Security:login }

fos_user_security_check:
    path: /api/login_check
    defaults: { _controller: FOSUserBundle:Security:check }

fos_user_security_logout:
    path: /logout
    defaults: { _controller: FOSUserBundle:Security:logout }
```
```yaml
# app/config/security.yml
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_CA: ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_CA, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false

        login:
            pattern: ^/login|^/api/login
            provider: fos_userbundle
            stateless: true
            anonymous: true
            form_login:
                login_path: fos_user_security_login
                check_path: fos_user_security_check
                username_parameter: username
                password_parameter: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern: ^/api
            provider: fos_userbundle
            stateless: true
            anonymous: true
            lexik_jwt:

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: IS_AUTHENTICATED_FULLY }
```
The application is available here.