0

I get no current User by requests from websocket to symfony backend.

i authenticate my User through route /authapi/v1/applogin manual with following:

if($passwordEncoder->isPasswordValid($user, $content->password)){
  $token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
  $this->get('security.token_storage')->setToken($token);
  //$session = $this->requestStack->getSession();
  $this->session->set('_security_main', serialize($token));
  $event = new InteractiveLoginEvent($request, $token);
        
  $this->tokenStorage->setToken($token); //UsernamePasswordToken

  //$JWTManager = 
  return new JsonResponse(['jwt' => $JWTManager->create($user)]);
}

at this point, the user is logged in and $tokenStorage has the User Object by requests using postman.

now i want to sent a request from a websocket subdomain with authorization header Bearer myjwt token using axios. Here, the $tokenStorage is null. This means that jwt isnt authenticated fully? what is missing in the auth part?

Daniel Richter
  • 768
  • 5
  • 23
  • 1
    Are you using CORS or other security mechanism? Any errors in the javascript console? What's your firewall configuration? Is it stateful? – msg Jan 02 '22 at 16:19
  • its going through the main firewall. i added stateless: true and now some things work. Others not. I test around it but maybe thats do the trick. Its so, i need to add a new firewall with stateless true and own url pattern for requests from node server? – Daniel Richter Jan 02 '22 at 19:13
  • 1
    As you can see in [the documentation](https://symfony.com/doc/current/reference/configuration/security.html#firewall-context), a stateful firewall relies on the user session, while `stateless` do not, they re-authenticate each request. Depending on your `framework.session` configuration, the different subdomains can be preventing your browser from sending session information. That could be a way to do it, maybe you can tweak the config, add another authenticator... Depends on the app, but I'd say yes, you can start by splitting the firewalls. – msg Jan 02 '22 at 19:29
  • I tested the whole night and thats exactly the problem. I have splitted the firewall and now all worked as expected. Many Thx for your ideas and help. For People who have the same problem i create an example here later. – Daniel Richter Jan 03 '22 at 13:53

0 Answers0