5
votes

I am trying to implement LexikJWT authentication in my Symfony/MongoDB project. I succeeded in authenticating through static users (in_memory), but I have no idea how to use it with my own user class. Here is my code:

Security.yml

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
#
#    role_hierarchy:
#        ROLE_USER:        ROLE_USER
#        ROLE_CLIENT:      ROLE_CLIENT
#        ROLE_ADMIN:       ROLE_ADMIN

    providers:
        in_memory:
            memory:
                users:
                    wajdi:
                        password: wajdi
                        roles: 'ROLE_USER'
                    aymen:
                        password: aymen
                        roles: 'ROLE_ADMIN'

    firewalls:

        login:
            pattern:  ^/api/login
            stateless: true
            anonymous: true
            form_login:
                check_path:               /api/login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern:   ^/api
            stateless: true
            anonymous: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

    access_control:
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api,       roles: IS_AUTHENTICATED_ANONYMOUSLY }

I can get the token successfully after running the following command line:

curl -X POST http://192.168.1.13:8000/api/login_check -d _username=wajdi -d _password=wajdi

Now I want to set my User document as provider, so I updated it to be like this:

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext

    providers:
        jwt:
            lexik_jwt:
                class: ApiBundle\Security\User

    firewalls:
        login:
            pattern:  ^/api/login
            stateless: true
            anonymous: true
            form_login:
                check_path:               /api/login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern:   ^/api
            stateless: true
            anonymous: true
            provider: jwt
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

    access_control:
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api,       roles: IS_AUTHENTICATED_ANONYMOUSLY }

And this is my User document:

<?php

namespace ApiBundle\Document;

use Doctrine\ODM\MongoDB\Mapping\Annotations as MongoDB;

/**
 * @MongoDB\Document
 * @MongoDB\InheritanceType("COLLECTION_PER_CLASS")
 */
class User
{
    /**
     * @MongoDB\Id
     */

    protected $id;

    /**
     * @MongoDB\Field(type="string")
     */

    protected $username;

    /**
     * @MongoDB\Field(type="string")
     */

    protected $email;

    /**
     * @MongoDB\Field(type="string")
     */

    protected $password;

    /**
     * Get id
     *
     * @return id $id
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set username
     *
     * @param string $username
     * @return self
     */
    public function setUsername($username)
    {
        $this->username = $username;
        return $this;
    }

    /**
     * Get username
     *
     * @return string $username
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * Set email
     *
     * @param string $email
     * @return self
     */
    public function setEmail($email)
    {
        $this->email = $email;
        return $this;
    }

    /**
     * Get email
     *
     * @return string $email
     */
    public function getEmail()
    {
        return $this->email;
    }

    /**
     * Set password
     *
     * @param string $password
     * @return self
     */
    public function setPassword($password)
    {
        $this->password = $password;
        return $this;
    }

    /**
     * Get password
     *
     * @return string $password
     */
    public function getPassword()
    {
        return $this->password;
    }
}

And I added the JWTUserInterface; I'm following this link: https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/8-jwt-user-provider.md

But it's not clear and there are no examples. I need more details; in other words, how to set my User as provider (connection by username or email/password).

Keywords

  • Symfony 3.2
  • MongoDB 3.4.4
  • LexikJWTAuthenticationBundle

Thank you.

2 Answers

0
votes

Use this link:

https://github.com/m0uj/symfony4-mongodb-jwt-starter

It is really helpful. Check the security.yaml file configuration and the User document. If possible, use the mongodb provider as below:

our_db_provider:
    mongodb:
        class: App\Document\ERPUserMaster
        property: username

0
votes

There's an example here:

https://symfony.com/doc/current/security/custom_provider.html

Assign a repository in the constructor of your webservice provider and then fetch the user using the repository.

In security.yml:

  • Your encoders need to be your webserviceuser.
  • Your provider needs a webservice.
  • The provider for the firewalled paths is webservice.
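
The custom provider this answer describes, written for the Symfony 3.2 / Doctrine MongoDB ODM setup in the question; it is an added example, not code from either answer or from the bundle's documentation. The class name `MongoUserProvider` and its namespace are hypothetical, and it assumes `ApiBundle\Document\User` has been extended to implement `UserInterface` (`getRoles()`, `getSalt()`, `eraseCredentials()`), which the class posted in the question does not yet do.

```php
<?php
// Added example, not from the original posts; Symfony 3.2-era security API.
namespace ApiBundle\Security; // hypothetical namespace

use ApiBundle\Document\User; // assumed to implement UserInterface
use Doctrine\ODM\MongoDB\DocumentManager;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;

class MongoUserProvider implements UserProviderInterface // hypothetical name
{
    private $repository;

    public function __construct(DocumentManager $dm)
    {
        // The repository is assigned once, in the constructor.
        $this->repository = $dm->getRepository(User::class);
    }

    public function loadUserByUsername($identifier)
    {
        // Accept only a non-empty string, so the value is always matched as a literal.
        if (!is_string($identifier) || $identifier === '') {
            throw new UsernameNotFoundException('Invalid credentials.');
        }
        // Connection by username first, then by email.
        $user = $this->repository->findOneBy(['username' => $identifier])
            ?: $this->repository->findOneBy(['email' => $identifier]);
        if (!$user instanceof User) {
            throw new UsernameNotFoundException('Invalid credentials.');
        }
        return $user;
    }

    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof User) {
            throw new UnsupportedUserException('Unsupported user class.');
        }
        return $this->loadUserByUsername($user->getUsername());
    }

    public function supportsClass($class)
    {
        return $class === User::class || is_subclass_of($class, User::class);
    }
}
```

Register the class as a service, reference it from a provider entry with the `id:` key in security.yml, and set that provider on the `login` firewall. The encoder entry then has to name `ApiBundle\Document\User` with a hashing algorithm such as bcrypt rather than `plaintext`.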