PHPFixing
Saturday, March 12, 2022

[FIXED] Unable to auth to api platform with token

Tags: api, api-platform.com, symfony

Issue

I set up an API with Symfony API Platform. When I log in with user credentials (username and password) the API returns me a token, but when I want to get the list of users using this token I get the following error:

{
    "code": 401,
    "message": "Invalid credentials."
}

Below is my security.yaml :

security:
    enable_authenticator_manager: true
    # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
    password_hashers:
        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
        App\Entity\User:
            algorithm: auto

    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/api/login
            stateless: true
            json_login:
                check_path: /api/login
                username_path: username
                password_path: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        api:
            pattern: ^/api/
            stateless: true
            provider: app_user_provider
            jwt: ~
        main:
            lazy: true
            provider: app_user_provider

            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#the-firewall

            # https://symfony.com/doc/current/security/impersonating_user.html
            # switch_user: true

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        # - { path: ^/admin, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }
        - { path: ^/api/docs, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        # { path: ^/api/users, roles: IS_AUTHENTICATED_FULLY }

when@test:
    security:
        password_hashers: 
            Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
                algorithm: auto
                cost: 4 # Lowest possible value for bcrypt
                time_cost: 3 # Lowest possible value for argon
                memory_cost: 10 # Lowest possible value for argon

Does someone know why I cannot log in with a valid token?

*** Update *** What I send:

curl -X 'GET' \
  'https://127.0.0.1:8001/api/users?page=1' \
  -H 'accept: application/ld+json' \
  -H 'Authorization: Bearer HERE_IS_MY_TOKEN'

Thanks for your help


Solution

You wrongly configured your app_user_provider with the property email, but in your firewall you use the username field. You have to switch your provider property like this:

providers:
  # used to reload user from session & other features (e.g. switch_user)
  app_user_provider:
    entity:
      class: App\Entity\User
      property: username # and not email


Answered By - jean-max
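
To see the mismatch the answer describes, the following added example (not code from the question, the answer, or the Symfony/Lexik projects) decodes a token's payload and runs the identifier through a stand-in lookup by each provider property. It assumes the token carries the user identifier in a `username` claim and that this value is the account's username rather than its email; the user record, the token and the function names are constructed for illustration.

```php
<?php
declare(strict_types=1);

function b64url(string $s): string
{
    return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
}

// Decode a JWT payload WITHOUT verifying the signature (debugging only).
function jwtPayload(string $jwt): array
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new InvalidArgumentException('expected header.payload.signature');
    }
    $b64 = strtr($parts[1], '-_', '+/');
    $b64 .= str_repeat('=', (4 - strlen($b64) % 4) % 4); // restore padding
    $json = base64_decode($b64, true);
    if ($json === false) {
        throw new InvalidArgumentException('payload is not valid base64url');
    }
    return json_decode($json, true, 512, JSON_THROW_ON_ERROR);
}

// Stand-in for the entity provider: look a user up by one property.
function loadUser(array $users, string $property, string $identifier): ?array
{
    foreach ($users as $user) {
        if (($user[$property] ?? null) === $identifier) {
            return $user;
        }
    }
    return null;
}

// Constructed sample data: one account and an unsigned token for it.
$users = [['username' => 'alice', 'email' => 'alice@example.test']];
$claims = ['username' => 'alice', 'roles' => ['ROLE_USER'], 'exp' => 1893456000];
$token = b64url('{"alg":"RS256","typ":"JWT"}') . '.'
    . b64url(json_encode($claims)) . '.constructed-signature';

$identifier = jwtPayload($token)['username']; // assumed identifier claim
foreach (['email', 'username'] as $property) {
    $user = loadUser($users, $property, $identifier);
    printf("property: %-8s => %s\n", $property, $user ? 'user found' : 'no user, token rejected');
}
```

Running the same decode on a real token from `/api/login` shows which value the provider's `property` must be able to match.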