NaryaV February 2016

Lexik JWT Token not found

I've seen similar questions but still can't get this to work.

I'm new with Symfony and I'm using Lexik JWT bundle with symfony3 for API authentication, and a login form for web authentication.

I get the token ok but when I try to use it I get 401 - Bad authentication. I've read it can be an apache problem so I'm trying with PHP's built-in web server, but still no luck.

Here's my security.yml file:

security:

encoders:
    AppBundle\Entity\User:
        algorithm: bcrypt

# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
    in_memory:
        memory: ~
    our_db_provider:
        entity:
            class: AppBundle:User
            property: username

firewalls:
    # disables authentication for assets and the profiler, adapt it according to your needs
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    login:
        pattern:  ^/api/login
        stateless: true
        anonymous: true
        form_login:
            check_path:               /api/login_check
            success_handler:          lexik_jwt_authentication.handler.authentication_success
            failure_handler:          lexik_jwt_authentication.handler.authentication_failure
            require_previous_session: false
        provider: our_db_provider

    api:
        pattern:   ^/api
        stateless: true
        provider: our_db_provider
        lexik_jwt:
          authorization_header: # check token in Authorization Header
            enabled: true
            prefix:  Bearer
          throw_exceptions:        true     # When an authentication failure occurs, return a 401 response immediately
          create_entry_point:      true      # When no authentication details are provided, create a default entry point that returns a 401 response


    main:
        anonymous: ~
        form_login:
          login_path: /login
          check_path: /login_check
         

Answers


Spomky February 2016

The authorization header should be

Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9....9YR_D7N9E

Post Status

Asked in February 2016
Viewed 3,287 times
Voted 12
Answered 1 times

Search




Leave an answer