2

My token login works fine, but if I try to know if I am fully logged in by my route:

UserController.php

/**
 * @Route("/auth/me", name="userIsAuthenticated")
 */
public function authenticated()
{
    return new Response(':-)', Response::HTTP_OK);
}

it just shows

Symfony\Component\HttpKernel\Exception\HttpException: Full authentication is required to access this resource.

I found out that in the stack trace only "symfony\security-http\Firewall" appears and nothing with Lexik?

I also tried jwt.io to see if the token works, and it works; it's all valid.

security.yaml

security:
    encoders:
        App\Entity\User:
            algorithm: auto

    providers:
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false


        login:
            pattern:  ^/auth
            stateless: true
            anonymous: true
            json_login:
                check_path:               /auth
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure


        api:
            pattern:   ^/
            stateless: true
            provider: app_user_provider
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

    access_control:
         - { path: ^/auth/me, roles: IS_AUTHENTICATED_FULLY }

Daniel
  • "IS_AUTHENTICATED_FULLY isn't a role, but it kind of acts like one, and every user that has logged in will have this." Symfony says "IS_AUTHENTICATED_FULLY" acts like a role and you can use it if you want to know if the User is logged in – Daniel Jan 11 '20 at 15:41
  • But it's not the issue. I tried that already. You can use the IS_AUTHENTICATED_FULLY role anywhere to check if the user is logged in. If you use a role like "ROLE_USER" you just check if the user has the current role and if it's logged in. But for me it doesn't matter, I just need to know if the dude is logged in. So I asked for IS_AUTHENTICATED_FULLY. – Daniel Jan 11 '20 at 16:51
  • I still get the same – Daniel Jan 11 '20 at 16:59
  • Your configuration defines the provider for api routes to use the entity provider. I don't think this provider is payload aware like the one defined in [lexik_jwt_authentication](https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Security/User/JWTUserProvider.php) package. – Oluwafemi Sule Jan 11 '20 at 17:47
  • If I remove the provider to let (cause on Lexik there is in the example security conf no provider as well) it's just doing the same – Daniel Jan 11 '20 at 17:58

1 Answer

4

The issue was that my /auth/me route was going to use the /auth firewall. The /auth firewall has no lexik authenticator in the configuration.

I just needed to change ^/auth to ^/auth$ and all is fine.

The $ sign prevents the firewall from working for everything like

/auth/me
/auth/example
/auth/anotherexample
...

It only uses the exact match /auth route :-)

Daniel
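The first-match behaviour behind this fix, as an added PHP example that is not part of the original answer or of Symfony's own code. It assumes firewalls are tried in declaration order and that each pattern is applied as an unanchored regex to the request path; `resolveFirewall`, `findUnreachable` and the `jwt` flag are hypothetical names used for illustration.

```php
<?php
// Added example, not Symfony code. Assumption: firewalls are tried in
// declaration order and each pattern is applied with preg_match to the path.

/** Return the name of the first firewall whose pattern matches $path. */
function resolveFirewall(array $firewalls, string $path): ?string
{
    foreach ($firewalls as $name => $fw) {
        if (preg_match('{' . $fw['pattern'] . '}', rawurldecode($path)) === 1) {
            return $name;
        }
    }
    return null;
}

/** Map each protected path that lands on a firewall without JWT to that firewall. */
function findUnreachable(array $firewalls, array $protectedPaths): array
{
    $problems = [];
    foreach ($protectedPaths as $path) {
        $name = resolveFirewall($firewalls, $path);
        if ($name === null || !$firewalls[$name]['jwt']) {
            $problems[$path] = $name ?? '(none)';
        }
    }
    return $problems;
}

// Firewalls from the question, same order; the hypothetical 'jwt' flag marks
// whether the firewall lists the Lexik JWT authenticator.
$before = [
    'dev'   => ['pattern' => '^/(_(profiler|wdt)|css|images|js)/', 'jwt' => false],
    'login' => ['pattern' => '^/auth', 'jwt' => false],
    'api'   => ['pattern' => '^/', 'jwt' => true],
];
$after = $before;
$after['login']['pattern'] = '^/auth$'; // the fix from the answer

// Constructed sample paths that must reach the JWT authenticator.
$protected = ['/auth/me', '/auth/example'];

foreach (['before' => $before, 'after' => $after] as $label => $config) {
    echo "$label:\n";
    foreach ($protected as $p) {
        echo "  $p -> " . resolveFirewall($config, $p) . "\n";
    }
    echo '  unreachable: ', json_encode(findUnreachable($config, $protected), JSON_UNESCAPED_SLASHES), "\n";
}
```

With the original pattern both sample paths resolve to `login`, which has no JWT authenticator; with `^/auth$` they fall through to `api`.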