我想将身份验证登录集成到我的 REST Api 的后端。
我按照本教程在 REST-API 后端安装并配置了 LexikJWTAuthenticationBundle: https://www.youtube.com/watch?v=XT4oy1d1j-g
后端运行在 ngnix docker 容器中。
但是当我尝试使用
生成令牌时curl -X POST -H "Content-Type: application/json" docker-backend.test/api/login_check -d '{"username":"[email protected]","password":"1111"}'
我得到:
{"code":500,"message":"Unable to create a signed JWT from the given configuration."}
用户的数据库条目是通过Fixtures创建的:
$user = new User();
$user->setEmail('[email protected]');
$user->setRoles(['ROLE_USER']);
$user->setPassword(
//encode the password
$this->encoder->encodePassword($user, '1111')
);
$manager->persist($user);
$manager->flush();
密码的数据库条目是:
$argon2i$v=19$m=1024,t=2,p=2$b2hSY2pVYkc0Ym53V09Ucg$LBfYYmXE9/9h3VKkcdxHXwHNOIMgw/G6W89H7SU58Ns
我的 docker-compose.yaml:
version: "3.1"
services:
mysql:
image: mysql:5.7
#5.7 weil 8.0 eine unbekannte authentifizierungsmethode bei symfony4 hat
container_name: docker-symfony4-mysql
working_dir: /backend
volumes:
- ./backend:/backend
environment:
- MYSQL_ROOT_PASSWORD=secret
- MYSQL_DATABASE=rest-backend
- MYSQL_USER=homestead
- MYSQL_PASSWORD=secret
ports:
- "127.0.3.3:8002:3306"
backend-server:
image: nginx:alpine
container_name: docker-rest-backend-server
working_dir: /backend
volumes:
- ./backend:/backend
- ./phpdocker/nginx/nginx.conf:/etc/nginx/conf.d/default.conf
ports:
- "127.0.3.2:80:80"
depends_on:
- mysql
php-fpm:
build: phpdocker/php-fpm
container_name: docker-rest-php-fpm
working_dir: /backend
volumes:
- ./backend:/backend
- ./phpdocker/php-fpm/php-ini-overrides.ini:/etc/php/7.2/fpm/conf.d/99-overrides.ini
depends_on:
- mysql
frontend-server:
image: nginx:alpine
container_name: docker-rest-frontend-server
working_dir: /frontend
volumes:
- ./frontend:/frontend
- ./phpdocker/nginx-frontend/nginx.conf:/etc/nginx/conf.d/default.conf
ports:
- "127.0.3.1:80:80"
depends_on:
- mysql
安全.yaml
security:
encoders:
App\Entity\User:
algorithm: argon2i
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
anonymous: true
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
lexik_jwt_authentication.yaml
lexik_jwt_authentication:
secret_key: '%kernel.project_dir%/config/jwt/private.pem'
public_key: '%kernel.project_dir%/config/jwt/public.pem'
pass_phrase: '%env(JWT_PASSPHRASE)%'
token_ttl: 3600
routes.yaml
api_login_check:
path: /api/login_check
.env
[...]
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE=8e5433ff410b05fe7dbb26ef6cdf9bae
如果您需要查看此处未发布的其他代码,请查看我的存储库: https://github.com/beerfekt/REST-API-Backend-Docker
我尝试了很多解决方案并搜索了很多网站,但没有任何效果。
我用给出的解决方案解决了这个问题 https://github.com/lexik/LexikJWTAuthenticationBundle/issues/532:
.env 文件中的我的密码与(验证 - 输入 config/jwt/private.pem 的密码:)中生成的密钥的短语不同。
现在Token已成功生成。