I have an API project in Symfony. Authentication is secured by the JWT token. I want to allow 2 actions in the controller which can be used without login users.
I tried to allow in security.yaml access control without success.
access_control:
- { path: ^/api/point/.*/(elmeter|measurement)$, role: IS_AUTHENTICATED_ANONYMOUSLY }
/**
* @param string $sign
* @param Request $request
*
* @Route("/point/{sign}/elmeter", methods={"POST"}
*/
public function postPointElmeterAction(string $sign, Request $request)
{
...
}
/**
* @param string $sign
* @param Request $request
*
* @Route("/point/{sign}/measurement", methods={"POST"}, name="api_point_measurement")
*/
public function postPointMeasurementAction(string $sign, Request $request)
{
...
}
Thank you for every answer.
You need to specify this route in firewalls section in security.yaml like this:
security:
...
...
firewalls
point:
pattern: ^/api/point/.*/(elmeter|measurement)$
stateless: true
anonymous: true
access_control:
- { path: ^/api/point/.*/(elmeter|measurement)$, role: IS_AUTHENTICATED_ANONYMOUSLY }