Tags: php, symfony, symfony4, symfony-security, lexikjwtauthbundle

How to configure multiple user entities with JWT tokens?


I have multiple user entities (multiple tables):

  1. App\Entity\Customer

  2. App\Entity\Dealer

How do I configure multiple user entities with JWT tokens?

encoders:
    App\Entity\Dealer:
        algorithm: bcrypt

    App\Entity\Customer:
        algorithm: bcrypt

providers:
    dealer:
        entity:
            class: App\Entity\Dealer
            property: username

    customer:
        entity:
            class: App\Entity\Customer
            property: username


Solution

  • There is nothing JWT specific for having multiple user providers.

    If both types of user need to log in to the same firewall (e.g. the same URL pattern), what you need to do is create a chain user provider so the system attempts to fetch a user from each of the user providers:

    providers:
        ## ... your other providers up here.
        all_users:
            chain:
                providers: ['customer', 'dealer']


    You will need to use this provider in the firewall you want to protect:

    firewalls:
        ## ... other firewall entries ...
        api:
            pattern:   ^/api
            stateless: true
            anonymous: true
            provider:  all_users
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator


    You should also have separate login paths for each type of users, each with its own specific user provider:

    firewalls:
        ###
        customer_login:
            pattern:   ^/auth/login/customer
            stateless: true
            anonymous: true
            provider:  customer
            json_login:
                check_path:      /auth/login/customer
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        dealer_login:
            pattern:   ^/auth/login/dealer
            stateless: true
            anonymous: true
            provider:  dealer
            json_login:
                check_path:      /auth/login/dealer
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure


    Now your "dealers" get their token at /auth/login/dealer, and your "customers" get their token at /auth/login/customer.

    Since both the dealer and customer providers are going to be checked in sequence, it can be problematic if you have users in both tables with the same username (the second provider will only be checked if the user is not found in the first one), so you should plan accordingly.
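The sequential lookup and the same-username problem described in the answer, as an added illustration that is not part of the answer and not code from Symfony or LexikJWTAuthenticationBundle. It is a minimal stand-in for the `chain` provider over two `entity` providers; the classes, the in-memory "tables" and the usernames `alice`, `bob` and `shared` are constructed for the example, and it assumes PHP 8 (constructor promotion, non-capturing `catch`). In the real bundle the `/api` firewall resolves the user from the JWT's username claim through whatever provider the firewall is configured with, which is exactly the lookup simulated here.

```php
<?php
// Added illustration, not code from the answer above nor from Symfony or
// LexikJWTAuthenticationBundle. Classes, in-memory rows and usernames are
// constructed; assumes PHP 8.
declare(strict_types=1);

final class UserNotFound extends RuntimeException {}

interface UserProvider
{
    /** @return array{class: string, username: string, roles: string[]} */
    public function loadUserByUsername(string $username): array;
}

// Stand-in for an 'entity' provider backed by one table (one user class).
final class InMemoryEntityProvider implements UserProvider
{
    /** @param array<string, string[]> $rolesByUsername constructed rows keyed by username */
    public function __construct(private string $entityClass, private array $rolesByUsername) {}

    public function loadUserByUsername(string $username): array
    {
        if (!isset($this->rolesByUsername[$username])) {
            throw new UserNotFound(sprintf('%s "%s" not found', $this->entityClass, $username));
        }
        return [
            'class'    => $this->entityClass,
            'username' => $username,
            'roles'    => $this->rolesByUsername[$username],
        ];
    }
}

// Mirrors the 'chain' provider: try each provider in order, return the first
// hit, and only fall through when a provider reports "not found".
final class ChainProvider implements UserProvider
{
    /** @param UserProvider[] $providers in the order listed in security.yaml */
    public function __construct(private array $providers) {}

    public function loadUserByUsername(string $username): array
    {
        foreach ($this->providers as $provider) {
            try {
                return $provider->loadUserByUsername($username);
            } catch (UserNotFound) {
                // Not in this table: try the next provider in the chain.
            }
        }
        throw new UserNotFound(sprintf('"%s" not found in any provider', $username));
    }
}

// Pre-deployment check: which user classes claim a given username? More than
// one entry means the chain order decides, and the later row is unreachable.
function providersClaiming(array $providers, string $username): array
{
    $classes = [];
    foreach ($providers as $provider) {
        try {
            $classes[] = $provider->loadUserByUsername($username)['class'];
        } catch (UserNotFound) {
            // This provider has no such user; nothing to record.
        }
    }
    return $classes;
}

// Constructed sample data: "alice" is only a customer, "bob" only a dealer,
// and "shared" exists in both tables.
$customers = new InMemoryEntityProvider('App\Entity\Customer', [
    'alice'  => ['ROLE_CUSTOMER'],
    'shared' => ['ROLE_CUSTOMER'],
]);
$dealers = new InMemoryEntityProvider('App\Entity\Dealer', [
    'bob'    => ['ROLE_DEALER'],
    'shared' => ['ROLE_DEALER'],
]);

// Same order as providers: ['customer', 'dealer'] in the answer's config.
$allUsers = new ChainProvider([$customers, $dealers]);

// What the /api firewall effectively does for a JWT carrying a username claim.
foreach (['alice', 'bob', 'shared'] as $username) {
    $user = $allUsers->loadUserByUsername($username);
    printf("%-6s -> %s [%s]\n", $username, $user['class'], implode(',', $user['roles']));
}

// Report usernames that the chain order would shadow.
foreach (['alice', 'bob', 'shared'] as $username) {
    $claimants = providersClaiming([$customers, $dealers], $username);
    if (count($claimants) > 1) {
        printf("collision: %s exists in %s\n", $username, implode(' and ', $claimants));
    }
}
```

Running it with `php` shows `alice` resolving to the Customer row and `bob` to the Dealer row, while `shared` resolves to `App\Entity\Customer` with `ROLE_CUSTOMER` regardless of which login path issued the token, because the customer provider is listed first in the chain; the second loop flags that username. One way to "plan accordingly" is to run a check like `providersClaiming` over both tables (or enforce username uniqueness across them) before enabling the chain, so that a token issued at `/auth/login/dealer` can never be resolved to a customer record on later requests.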