我正在构建一个API。当我创建用户时,我会收到一个令牌。但是当我更改用户的信息时无法重新连接,并且我收到带有消息"凭据错误"的 401 错误代码。请问如何解决问题?
我使用 FOSRestBundle、lexikJWTAuthenticator 和 NelmioCORSBundle
# security.yaml
security:
encoders:
AppEntityUser:
algorithm: argon2i
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
# used to reload user from session & other features (e.g. switch_user)
app_user_provider:
entity:
class: AppEntityUser
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
signup:
pattern: ^/api/signup
stateless: true
anonymous: true
signin:
pattern: ^/api/signin
stateless: true
anonymous: true
json_login:
check_path: /api/signin
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
anonymous: true
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#firewalls-authentication
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
role_hierarchy:
ROLE_ADMIN: ROLE_USER
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/api/signin, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/signup, roles: IS_AUTHENTICATED_ANONYMOUSLY }
# - { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY, methods: GET }
# - { path: ^/api, roles: IS_AUTHENTICATED_FULLY, methods: [PUT, DELETE, POST] }
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
# lexik_jwt_authentication.yaml
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%'
token_ttl: 3600
谢谢
尝试再次重新生成 SSH 密钥
这是链接 词典JWT 生成 SSH 密钥
并确保在配置中具有pass_phrase
您是否尝试过重新生成令牌,或者使用新令牌获得 401。如果您更改了用户信息,则应重新连接并获取新令牌