not able to authenticate with LexikJWTAuthenticationBundle on Symfony 3.4

Question

In my Symfony (3.4.24) project with FOSUserBundle (2.0.2) I installed LexikJWTAuthenticationBundle (2.6.3).

I installed and configured everything like said on the github page. When running the following suggested curl command

curl -X POST -H "Content-Type: application/json" http://127.0.0.1:8000/app_dev.php/api/login_check -d "{\"username\":\"johndoe\",\"password\":\"test\"}"

I allways get the following 401 response. The response is the same for a non existing user or wrong password as well as for an existing valid user with correct password.

{"code":401,"message":"Bad credentials"}

My setup is the following:

config.yml: (if I need to add more details let me know)

lexik_jwt_authentication:
    secret_key:       "%kernel.root_dir%/config/jwt/private.pem" # required for token creation
    public_key:       "%kernel.root_dir%/config/jwt/public.pem"  # required for token verification
    pass_phrase:      "%jwt_key_pass_phrase%" # required for token creation, usage of an environment variable is recommended
    token_ttl:        "%jwt_token_tll%"

security.yml:

    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    ...

    providers:
        in_memory:
            memory: ~
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        # Login for Lexik Json Web Token Authentication
        login:
            pattern:  ^/api/login
            stateless: true
            anonymous: true
            json_login:
                check_path:               /api/login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        # API for Lexik Json Web Token Authentication
        api:
            pattern:   ^/api
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

        main:
            pattern: ^/
            form_login:
                provider:                       fos_userbundle
                check_path:                     fos_user_security_check
                login_path:                     fos_user_security_login
                csrf_token_generator:           security.csrf.token_manager
                default_target_path:            fos_user_profile_show
                always_use_default_target_path: true
            logout:
                  path:                         fos_user_security_logout
                  target:                       default_loged_out_target
            logout_on_user_change: true
            anonymous:    true
            switch_user:
                role:       ROLE_ADMIN
                provider:   fos_userbundle
            remember_me:
                secret:   '%secret%'
                lifetime: 15552000
                path:     /

    access_control:
        ...
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api,       roles: IS_AUTHENTICATED_FULLY }

routing.yml:

...
api_login_check:
    path: /api/login_check

So - like said I allways get this response:

{"code":401,"message":"Bad credentials"}

Can anyone point into the right direction on how to fix this?

Answer 1

Everything seems to be OK but I suspect that since you have two providers (in_memory and fos_userbundle) from which of them does Lexik JWT looks for the credentials ? If you don't use the in_memory provider, you should try to remove it.