Symfony 2: manual login and Json Web Token

I have a problem with my current project. I am using Symfony 2.6, this project is an API called my frontend. The authentication and login protocol is very specific, it uses middleware (different website).

I am adding a package called JWTAuthenticationWebToken. So I need to manually log in due to using middleware. I installed the package correctly and added the correct settings, but this custom provider is never called.

How do I implement it with a user manual?

My controller:

<?php
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;

$token = new UsernamePasswordToken($user, null, "login", $user->getRoles());
$this->get("security.context")->setToken($token); //now the user is logged in
//now dispatch the login event
$request = $this->get("request");
$event = new InteractiveLoginEvent($request, $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
?>

      

security.yml

firewalls:
    # disables authentication for assets and the profiler, adapt it according to your needs
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false
    # the login page has to be accessible for everybody
    demo_login:
        pattern:  ^/demo/secured/login$
        security: false
    login:
        pattern:   /api/user/uber/f6d75c949cda2517b826cacba5523792
        stateless: true
        anonymous: true
        form_login:
            check_path:               /api/user/uber/f6d75c949cda2517b826cacba5523792
            success_handler:          lexik_jwt_authentication.handler.authentication_success
            failure_handler:          lexik_jwt_authentication.handler.authentication_failure
            require_previous_session: false

    api:
        pattern:   ^/(api)
        stateless: true
        lexik_jwt: ~   

      

I also wrote two files "ApiKeyAuthenticator" and "ApiKeyUserProvider" as specified here for manual authorization. http://symfony.com/doc/current/cookbook/security/api_key_authentication.html

EDIT: I also created the listeners mentioned in the LexikJWTAuthenticationBundle doc.

What's wrong? :(

Thanks for the help.

+3




1 answer


After a lot of searching (google, stackoverflow, sample applications, bundle doc, ...) it seems that there was no suggested solution for manually authenticating users from a controller.

Also, I had to open the source, find which method is called to generate a token on a successful authentication event (source code), and finally adapt the code to my need (register/log in a user to the API from a Facebook login response in a mobile app).

My alternative:



// SecurityController.php

use Symfony\Component\HttpFoundation\JsonResponse;

protected function generateToken($user, $statusCode = 200)
{
    // Call jwt_manager service & create the token
    $token = $this->get('lexik_jwt_authentication.jwt_manager')->create($user);

    // If you want, add some user information
    $userInformations = array(
        'id'         => $user->getId(),
        'username'   => $user->getUsername(),
        'email'      => $user->getEmail(),
        'roles'      => $user->getRoles(),
    );

    // Build your response: return only the selected fields above,
    // not the whole user entity
    $response = array(
        'token' => $token,
        'user'  => $userInformations,
    );

    // Return the response in JSON format
    return new JsonResponse($response, $statusCode);
}

      

The token will be returned just like the classic login_check handler and will have the same time before expiration.

Hope this helps the following users.

+1
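An added example, not part of the original answer or of LexikJWTAuthenticationBundle: a plain PHP check of the answer's statement that a manually issued token has the same time before expiration as one from login_check. The function names and the sample tokens are constructed for illustration, and it assumes the tokens carry an integer `exp` claim.

```php
<?php
// Added example. Reads claims WITHOUT verifying the signature: use it in
// tests or diagnostics only, never to make an authorization decision.

/** Decode one base64url segment of a compact JWT. */
function base64UrlDecode($segment)
{
    $padded = str_pad($segment, strlen($segment) + (4 - strlen($segment) % 4) % 4, '=');
    $raw = base64_decode(strtr($padded, '-_', '+/'), true);
    if ($raw === false) {
        throw new InvalidArgumentException('Segment is not valid base64url');
    }
    return $raw;
}

/** Seconds left before the token expires, relative to the clock value $now. */
function jwtSecondsLeft($jwt, $now)
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new InvalidArgumentException('Expected header.payload.signature');
    }
    $claims = json_decode(base64UrlDecode($parts[1]), true);
    if (!is_array($claims) || !isset($claims['exp']) || !is_int($claims['exp'])) {
        throw new UnexpectedValueException('Payload has no integer exp claim');
    }
    return $claims['exp'] - $now;
}

/** Build a constructed sample token with a dummy signature (hypothetical helper). */
function sampleToken(array $claims)
{
    $enc = function ($data) {
        return rtrim(strtr(base64_encode(json_encode($data)), '+/', '-_'), '=');
    };
    return $enc(array('alg' => 'RS256', 'typ' => 'JWT')) . '.' . $enc($claims) . '.c2ln';
}

$now     = 1700000000; // constructed clock value
// Stand-ins for the token from login_check and the one from generateToken().
$classic = sampleToken(array('username' => 'alice', 'exp' => $now + 3600));
$manual  = sampleToken(array('username' => 'alice', 'exp' => $now + 3600));

// The two issuance paths should agree on lifetime (allow a few seconds of skew
// when comparing real tokens that were issued one after the other).
$skew = abs(jwtSecondsLeft($classic, $now) - jwtSecondsLeft($manual, $now));
echo $skew <= 5 ? "lifetimes match\n" : "lifetimes differ by {$skew}s\n";
```

With real tokens, replace the two `sampleToken()` calls with the strings returned by each endpoint and pass `time()` as `$now`.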

