
Using a Symfony authenticator with Lexik JWT authentication


I'm working on a Symfony 4 project: I created a documented API with API Platform; the API exposes data to be used by external clients, and now I want to add a dashboard for administration. The API routes are protected with the Lexik JWT bundle, and I generated a Symfony authenticator.

My security.yaml file:

security:
    encoders:
        App\Entity\AppUser:
            algorithm: auto
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\AppUser
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            stateless: true
            anonymous: true
            provider: app_user_provider
            json_login:
                check_path: /authentication_token
                username_path: email
                password_path: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
                    - App\Security\LoginFormAuthenticator
                entry_point: lexik_jwt_authentication.jwt_token_authenticator
            logout:
                path: app_logout
                # where to redirect after logout
                # target: app_any_route
        refresh:
            pattern:  ^/token/refresh
            ...
    access_control:
        ....
        - { path: ^/administrator, roles: IS_AUTHENTICATED_FULLY }

I want to use both: the JWT token and the Symfony authenticator, so that I can manage an admin role and add an administration system to handle the data of my project. Now, when I open the URL:

http://my-project/administrator

I get this message:

{"code":401,"message":"JWT Token not found"}

Solution

  • The question is kind of old, but just for the record: I ran into a similar need and solved it by using the IsGranted annotation, as the documentation suggests:

    After creating the roles property, as the documentation suggests for the User entity, you can validate whether the user has access or not by declaring it through an annotation on the method or on the entire class:

    use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
    use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;

    // ...

    /**
     * Require ROLE_ADMIN for *every* controller method in this class.
     *
     * @IsGranted("ROLE_ADMIN")
     */
    class AdministratorController extends AbstractController // class name is a placeholder
    {
        // ...
    }


    There is no need to declare an access_control section in security.yaml.
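As an added illustration (not from the question or the answer above), here is one way the firewalls section could be split so that the API keeps the stateless JWT guard while the dashboard uses the generated session-based form authenticator. With a single stateless firewall whose entry point is the JWT authenticator, every unauthenticated request, including a browser request to /administrator, receives Lexik's JSON 401; separate firewalls give each client its own entry point. The firewall names, the ^/api pattern and the ROLE_ADMIN rule are assumptions.

```yaml
security:
    encoders:
        App\Entity\AppUser:
            algorithm: auto
    providers:
        app_user_provider:
            entity:
                class: App\Entity\AppUser
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        # Stateless API firewall: only the JWT guard runs here, so an
        # unauthenticated API call gets the JSON 401 from Lexik's entry point.
        # The pattern is an assumption; it must also cover the json_login check_path.
        api:
            pattern: ^/(api|authentication_token)
            stateless: true
            anonymous: true
            provider: app_user_provider
            json_login:
                check_path: /authentication_token
                username_path: email
                password_path: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
        # Session-based dashboard firewall (stateless is off by default): only the
        # generated form authenticator runs, so an unauthenticated browser request
        # is redirected to the login form instead of receiving "JWT Token not found".
        main:
            anonymous: true
            provider: app_user_provider
            guard:
                authenticators:
                    - App\Security\LoginFormAuthenticator
            logout:
                path: app_logout
    access_control:
        # ROLE_ADMIN is assumed here; the @IsGranted annotation from the answer is an alternative.
        - { path: ^/administrator, roles: ROLE_ADMIN }
```

The question's refresh firewall is left out above; keep it listed before main, because Symfony uses the first firewall whose pattern matches and main has no pattern.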