问题
I am following following tutorial about Backend API AUthentication using JWT. https://rojas.io/building-a-jwt-authenticator-in-symfony-4/
I have two authentication in my API.
- LoginAuthenticator
- JwtAuthenticator.
Below is my security.yaml file.
security:
encoders:
App\Entity\User:
algorithm: auto
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: true
guard:
authenticators:
- App\Security\LoginAuthenticator
- App\Security\JwtAuthenticator
entry_point: App\Security\LoginAuthenticator
logout:
path: api_logout
success_handler: App\Security\JwtLogoutHandler
stateless: true
access_control:
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
UserController
/**
* @Route("/profile", name="api_profile")
* @IsGranted("ROLE_USER")
*/
public function profile()
{
return $this->json(
[
"user" => $this->getUser(),
],
Response::HTTP_OK,
[],
[
"groups" => ["api"]
]
);
}
After I make the guard stateless I am not being able to access the profile page.
OnAuthenticationSucess of loginAuthenticator, it will create a cookie named jwt But when I try to access the profile page. It gives access denied.
Can anybody please tell why I am not being able to access profile page?
来源:https://stackoverflow.com/questions/60027486/how-to-implement-multiple-authentication-in-symfony