Now my web is used this provider and its working. But i need api token authentication. i need more user provider.
security:
providers:
SecurityUserProvider:
id: App\Security\SecurityUserProvider
Asked
Active
Viewed 263 times
-1
symfony newbee
- 1
- 1
-
are the api user other then the web user? If the are the same you need only a other Authenticator – alessandro_podo Apr 10 '21 at 09:35
-
I created new App\Security\ApiTokenAuthenticator. But 1 problem occurred me. Api can't use username and password. – symfony newbee Apr 10 '21 at 16:22
-
in my case: If then the username and password are correct, create and return a token. i wanna do this. But i can't check username and password by api. – symfony newbee Apr 10 '21 at 16:22
1 Answers
0
Try following Workflow
Make an API Endpoint for getting a JWT-Token. Store this Token in the User Entity. If you want with a timestamp to expire that Token.
In the App\Security\ApiTokenAuthenticator you Check if the given Token is stored. If yes => You know the User and you can check if token is valid with the Timestamp If no => the Token invalid
alessandro_podo
- 94
- 4