
I have the following code:

security.yaml

# Symfony security configuration as posted in the question.
# NOTE(review): the keys below sit at column 0 instead of being nested under
# `security:` — presumably indentation lost when pasting; confirm against the real file.
security:
enable_authenticator_manager: true
password_hashers:
    # 'auto' hasher for every PasswordAuthenticatedUserInterface implementation;
    # the stored password column must therefore contain a hash, not plaintext.
    Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
providers:
    app_user_provider:
        entity:
            class: App\Entity\User
            # Users are looked up by the `login` column.
            property: login
firewalls:
    login:
        # NOTE(review): a firewall `pattern` is a regular expression matched against
        # the request path. As written it begins with a literal `~`, which does not
        # occur in /api/user/login, so this firewall (and its json_login authenticator)
        # would not handle the login request. Confirm the real file uses `^/api/user/login`.
        pattern: ~/api/user/login
        stateless: true
        json_login:
            # check_path is given as a route name; the controller shown on this page
            # binds `api_login_check` to POST /api/user/login.
            check_path: api_login_check
            success_handler: lexik_jwt_authentication.handler.authentication_success
            failure_handler: lexik_jwt_authentication.handler.authentication_failure
    api:
        # NOTE(review): same `~` vs `^` question as above. If this pattern never
        # matches, the JWT authenticator does not run for /api requests.
        pattern: ~/api
        stateless: true
        jwt: ~

# access_control `path` values are regular expressions too; rules are checked
# top-down and the first matching rule wins.
# NOTE(review): with a leading `~` neither rule matches an /api/... path, so no role
# requirement from these rules applies — verify the anchors. Once anchored, the
# first rule makes every route under /api/user public, not only the login route.
access_control:
    - { path: ~/api/user, roles: PUBLIC_ACCESS }
    - { path: ~/api,       roles: IS_AUTHENTICATED_FULLY }

UserController.php

...
/**
 * @Route("/api/user")
 * @OA\Tag(name="[User] User Controller")
 */
class UserController extends AbstractController
{
...
    /**
     * Login endpoint bound to the `api_login_check` route (POST only).
     *
     * Responds with HTTP 401 and a "missing credentials" message when no user
     * was injected, otherwise with the user identifier and a newly created JWT.
     *
     * NOTE(review): #[CurrentUser] is presumably null whenever no authenticator
     * on a matching firewall authenticated this request — verify that the
     * firewall pattern in security.yaml actually covers this path.
     */
    #[Route('/login', name: 'api_login_check', methods: 'POST')]
    public function getTokenUser(#[CurrentUser] ?User $user, JWTTokenManagerInterface $JWTManager): JsonResponse
    {
        if ($user !== null) {
            // Authenticated: hand back the identifier together with a JWT for this user.
            $payload = [
                'user'  => $user->getUserIdentifier(),
                'token' => $JWTManager->create($user),
            ];

            return $this->json($payload);
        }

        // No authenticated user reached the controller.
        $error = ['message' => 'missing credentials'];

        return $this->json($error, Response::HTTP_UNAUTHORIZED);
    }
}

User.php

<?php

namespace App\Entity;

use App\Repository\UserRepository;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\UserInterface;

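/**
 * Application user entity, persisted by Doctrine and used as the Symfony security user.
 *
 * Security-relevant behaviour visible in this class:
 *  - the user identifier is the `login` column (see getUserIdentifier());
 *  - setPassword() stores its argument unchanged, so the caller must pass an
 *    already-hashed value;
 *  - getRoles() returns the fixed list ['ROLE_USER'] for every user; the
 *    `teacher` flag does not affect roles.
 */
#[ORM\Entity(repositoryClass: UserRepository::class)]
#[ORM\Table(name: '`user`')]
class User implements UserInterface, PasswordAuthenticatedUserInterface
{
    #[ORM\Id]
    #[ORM\GeneratedValue]
    #[ORM\Column(type: 'integer')]
    private ?int $id = null;

    // Unique-looking login name used as the security identifier.
    // NOTE(review): no unique constraint is declared on this column — confirm at schema level.
    #[ORM\Column(type: 'string', length: 64)]
    private ?string $login = null;

    // Expected to hold a password hash, never the plaintext password.
    #[ORM\Column(type: 'string', length: 255)]
    private ?string $password = null;

    #[ORM\Column(type: 'boolean')]
    private ?bool $teacher = null;

    #[ORM\Column(type: 'string', length: 128, nullable: true)]
    private ?string $lessonStudy = null;

    #[ORM\Column(type: 'integer', nullable: true)]
    private ?int $classNumber = null;

    #[ORM\Column(type: 'string', length: 8, nullable: true)]
    private ?string $classChar = null;

    #[ORM\Column(type: 'datetime')]
    private ?\DateTimeInterface $created_at = null;

    /**
     * Initialises a new user: creation time is "now" and the teacher flag is off.
     */
    public function __construct()
    {
        $this->created_at = new \DateTime();
        $this->teacher = false;
    }

    /**
     * @return int|null database id, null until one has been assigned
     */
    public function getId(): ?int
    {
        return $this->id;
    }

    public function getLogin(): ?string
    {
        return $this->login;
    }

    public function setLogin(string $login): self
    {
        $this->login = $login;

        return $this;
    }

    /**
     * Returns the stored password value as-is.
     *
     * The declared return type is non-nullable, so calling this before a
     * password has been set raises a TypeError.
     *
     * @see PasswordAuthenticatedUserInterface
     */
    public function getPassword(): string
    {
        return $this->password;
    }

    /**
     * Stores the given value unchanged; no hashing is performed here.
     *
     * Callers are expected to pass the output of the configured password
     * hasher. NOTE(review): a plaintext value stored here would presumably
     * fail verification at login — confirm how users are created.
     */
    public function setPassword(string $password): self
    {
        $this->password = $password;

        return $this;
    }

    public function getTeacher(): ?bool
    {
        return $this->teacher;
    }

    public function setTeacher(bool $teacher): self
    {
        $this->teacher = $teacher;

        return $this;
    }

    public function getLessonStudy(): ?string
    {
        return $this->lessonStudy;
    }

    public function setLessonStudy(?string $lessonStudy): self
    {
        $this->lessonStudy = $lessonStudy;

        return $this;
    }

    public function getClassNumber(): ?int
    {
        return $this->classNumber;
    }

    public function setClassNumber(?int $classNumber): self
    {
        $this->classNumber = $classNumber;

        return $this;
    }

    public function getClassChar(): ?string
    {
        return $this->classChar;
    }

    public function setClassChar(?string $classChar): self
    {
        $this->classChar = $classChar;

        return $this;
    }

    public function getCreatedAt(): ?\DateTimeInterface
    {
        return $this->created_at;
    }

    public function setCreatedAt(\DateTimeInterface $created_at): self
    {
        $this->created_at = $created_at;

        return $this;
    }

    /**
     * Roles granted to this user: always exactly ROLE_USER.
     *
     * The teacher flag is not consulted, so teachers and non-teachers are
     * indistinguishable to role-based access rules.
     *
     * @return list<string>
     */
    public function getRoles(): array
    {
        return ['ROLE_USER'];
    }

    /**
     * Intentionally a no-op: this entity has no field holding a temporary
     * plaintext credential that would need clearing.
     *
     * @see UserInterface
     */
    public function eraseCredentials()
    {

    }

    /**
     * Identifier used by the security layer: the login, cast to string
     * (an unset login yields an empty string).
     */
    public function getUserIdentifier(): string
    {
        return (string) $this->login;
    }

    /**
     * Returning a salt is only needed, if you are not using a modern
     * hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.
     *
     * @see UserInterface
     */
    public function getSalt(): ?string
    {
        return null;
    }
}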

When I make a request to /api/user/login, I get the error from the controller about bad credentials.

# POST the credentials as JSON to the login route.
# json_login reads them from the keys named by its username_path / password_path
# options (defaults: "username" and "password"), independent of the provider's
# `property: login` setting.
curl --location \
     --request POST \
     --header 'Content-Type: application/json' \
     --data-raw '{
    "username": "cruiservlad",
    "password": "pro100cruiser"
}' \
     'http://127.0.0.1:8000/api/user/login'

What did I do wrong?

chalasr