I have this security.yml file:

    # config/packages/security.yaml
    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: bcrypt
        role_hierarchy:
            ROLE_ADMIN: ROLE_USER
            ROLE_SUPER_ADMIN: ROLE_ADMIN
        # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
        providers:
            fos_userbundle:
                id: fos_user.user_provider.username_email
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            login:
                pattern: ^/api/login
                stateless: true
                anonymous: true
                json_login:
                    check_path: /api/login_check
                    success_handler: lexik_jwt_authentication.handler.authentication_success
                    failure_handler: lexik_jwt_authentication.handler.authentication_failure
            api:
                pattern: ^/api
                stateless: true
                guard:
                    authenticators:
                        - lexik_jwt_authentication.jwt_token_authenticator
            main:
                pattern: ^/
                form_login:
                    provider: fos_userbundle
                    csrf_token_generator: security.csrf.token_manager
                oauth:
                    resource_owners:
                        facebook: "/secured/login_facebook"
                        google: "/secured/login_google"
                    login_path: fos_user_security_login
                    failure_path: fos_user_security_login
                    oauth_user_provider:
                        service: app.provider.oauth
                logout: true
                anonymous: true
        # Easy way to control access for large sections of your site
        # Note: Only the *first* access control that matches will be used
        access_control:
            - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/admin/, role: ROLE_ADMIN }
            - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/api/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/api/, roles: IS_AUTHENTICATED_FULLY }

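My project has 2 sub-applications: an admin panel with a login form and access rights after login, and an API. The problem is that login works fine, but when I try to access /api/register, I get the error:

"JWT Token not found"

Do you have any idea about this? And is it possible to have a list of API endpoints that can be accessed without authentication? Thanks in advance.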
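
Although you have defined IS_AUTHENTICATED_ANONYMOUSLY for the ^/api/register path under access_control, you need to set up a firewall that allows anonymous access to that path.

The code below is an example of how to achieve this. Unfortunately, I can't test it right now, so you may need to adjust it as needed.

Example 1: Create a new firewall: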

    firewalls:
        # ... the other firewalls you have
        register:
            pattern: ^/api/register
            anonymous: true
            # ... other configs you might need

Example 2: Add the rule to an existing firewall entry:

    firewalls:
        # ... the other firewalls you have
        login_register:
            pattern: ^/api/
            stateless: true
            anonymous: true
            json_login:
                check_path: login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            register:
                check_path: register
            # ... other configs you might need
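
A simplified model of how the firewall list in the question is evaluated, added here as an example and not taken from the answer or from Symfony's own code. The patterns come from the question; the `resolve` function, the tuple layout and the `has_jwt` flag (standing for a valid token) are assumptions made for illustration.

```python
import re

# Constructed from the question's security.yaml: (name, pattern, allows_anonymous).
# Symfony hands the request to the first firewall whose pattern matches.
FIREWALLS = [
    ("dev", r"^/(_(profiler|wdt)|css|images|js)/", True),  # security: false
    ("login", r"^/api/login", True),
    ("api", r"^/api", False),  # JWT guard only, no "anonymous: true"
    ("main", r"^/", True),
]
REGISTER = ("register", r"^/api/register", True)  # firewall from example 1

# Assumption: the new firewall is listed before "api" so that it matches first.
FIXED = FIREWALLS[:2] + [REGISTER] + FIREWALLS[2:]
# Same firewall listed after "api": it is never reached.
MISORDERED = FIREWALLS[:3] + [REGISTER] + FIREWALLS[3:]

# Only the /api rules of access_control; the first matching rule is used.
API_ACCESS_CONTROL = [
    (r"^/api/login", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/api/register", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/api/", "IS_AUTHENTICATED_FULLY"),
]


def resolve(path, firewalls, has_jwt=False):
    """Return (firewall name, outcome) for an /api request in this model."""
    name, _, anonymous = next(fw for fw in firewalls if re.search(fw[1], path))
    if not has_jwt and not anonymous:
        # No token and no anonymous access: the firewall rejects the request
        # before access_control is ever consulted.
        return name, "401 JWT Token not found"
    role = next((r for p, r in API_ACCESS_CONTROL if re.search(p, path)), None)
    if has_jwt or role in (None, "IS_AUTHENTICATED_ANONYMOUSLY"):
        return name, "allowed"
    return name, "denied by access_control"


if __name__ == "__main__":
    configs = (("original", FIREWALLS), ("fixed", FIXED), ("misordered", MISORDERED))
    for label, firewalls in configs:
        print(label, resolve("/api/register", firewalls))
```

Because the patterns are prefix regexes, `^/api/register` also opens every path that merely starts with `/api/register`; ending the pattern with `$` or listing the public endpoints in one alternation such as `^/api/(login|register)` keeps the anonymous surface explicit.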