Code 401 Invalid JWT Token after login on Siteground

0
votes

I have this problem only in production, on Siteground (that use Nginx).

The project is divided as follows:

rest: symfony
front: angular

When i login (call login_check.json) receive correctly the token, after makes a call to a route that requires authentication and, verifying the header, correctly uses the generated token.

however return:

Code 401 Invalid JWT Token

this in details:

Response Header:
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Wed, 26 Aug 2020 07:29:06 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
WWW-Authenticate: Bearer
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Vary: Authorization,Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

Request Header:
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate
Accept-Language: it-IT,it;q=0.9,en-US;q=0.8,en;q=0.7
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE1OTg0MjY5MzUsImV4cCI6MTU5OTAzMTczNSwicm9sZXMiOlsiUk9MRV9VU0VSIl0sInVzZXJuYW1lIjoiYWRtaW4ifQ.JriHlUxB6lbD8WZPR_-2XH1uAqRO4NEkkQiwTNUfgRPhNP63Y1tKFIK8hWAnr9CNECD-0hiuyD_Q-Ltlc7g5R4Xio3C0rkXwnpSAfktxag1C1rS1-gDSroHhEMhsiosrbiEtZeCXy154f7-1oAmGyLFxTnKeS8Vj09VWX2rpYBOdKLeTQKHxupul5gIqOyKaVE8sYbiVtCt6EAOWH72esdrwgSZy5sdNmcX4wqzLKKPPLRFiUdZ0EjZzZb7MreMY-w1qoPoqjyFTkT0sjxkPp6s1XSrkskwpklWvZGw2fZoRaapx31RVC7m_ws8TayvAOFcJbTgyZtKc9fZ90poPC0K0Y_pih-sXh2U40bq9N5gkCVkmpxA8t6YqLupl41B1E1urrtHf7dsIDaRkel73BCZc-s8HqYoOpNV9ZsutLMofCu55fEljSzK-EcSXdm7iZYgAtRTeZbBuiU4b6iBEyTncjOKg0tl35bCnoAHsg6yDVLWx6tIZIKl4gHKKqXR9ajI-JNhke23oFauVxxswR8T4WJ7nfQ8bxB2H-vmz31BbGcU1VKiqUGufsuh_2-GlaH8gWIqooxrfd-yA5__ispAVQ4Rab60uJgbQ2L36e2PGtmP7hIAplMTsDW4hjekZyir1GGxt-gVEN8p6FBIERMOiCcXWPlncB-T5OZ8JuLo
Connection: keep-alive
Host: example.com
Referer: http://example.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36

I looked for various solutions in this regard like tried via curl on CLI like:

curl -X POST -H "Content-Type: application / json" etc ..

but nothing, always the same 401 error.

Has anyone had problems on siteground with using JWT?

I leave you some symfony configuration files, maybe I forgot something

security.yaml

security:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    encoders:
        App\Entity\User: bcrypt
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
#    providers:
#        in_memory: { memory: ~ }
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern:  ^/login
            stateless: true
            anonymous: true
            json_login:
                check_path:               /login_check.json
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false
                username_path: username
                password_path: password

        refresh:
            pattern:  ^/token_refresh.json
            stateless: true
            anonymous: true

        api:
            pattern:   ^/
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

        #main:
        #    anonymous: true
            # activate different ways to authenticate

            # http_basic: true
            # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate

            # form_login: true
            # https://symfony.com/doc/current/security/form_login_setup.html

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/token_refresh.json, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: IS_AUTHENTICATED_FULLY }

lexik_jwt_authentication.yaml

lexik_jwt_authentication:
    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
    pass_phrase: '%env(JWT_PASSPHRASE)%'
    token_ttl: 3600 # 1 Hour

UPDATE

I tried to make a call on the refresh_token.json, I expected the same error but in reality the call always with authorization Bearer + token works ... it generates a new token that I use again for the other calls but still the same problem code 401 Invalid JWT Token. At this point the problem I assume is not due to nginx but to the symfony JWT management ...

1
angularsymfonynginxjwtlexikjwtauthbundle
nginx does not use .htaccess files - yivi
Because the server is nginx? I don't know how that question is related to my comment, though. - yivi
No, it's not used. - yivi
That's only apache specific solution - Manoj Kumar
@ManojKumar in the afternoon I will be able to try, thanks for now. surely it is something like that, also because looking back in the angular project I have an authGuard that checks if jwtHelper.isTokenExpired then it throws me out but in reality I remain in the routes so the token is not expired but symfony deems it invalid ... damn I'll update you later, thanks again! - Nobady

1 Answers

0
votes

Solution:

as usual it was banal... I had not entered this in security.yaml:

pattern: ^/api

instead of:

pattern: ^/

damn...poor my eyes.