Questions tagged [lexikjwtauthbundle]

The LexikJWTAuthenticationBundle provides authentication via JSON Web Token for Symfony2+ REST APIs.

221 questions
-1
votes
1 answer

Lexik JWT, how to allow only user's information

I wonder how I can configure JWT Lexik to authorize the user who is connected to have access only to his information, and not all information of all the API like it's the case for me now. My JWT is functional. Thanks, Laurie
-1
votes
1 answer

How to implement roles with JWT in Symfony 4

I implemented JWT authentication with the extension lexik_jwt_authentication, but I want to implement different roles for creation, editing and modification, and I don't know how to do it. Could someone help me?
-1
votes
1 answer

isGranted returns false for logged in user JWT - Symfony API-Platform AWS-EB

I have deployed an API-Platform app using JWT token to ElasticBeanstalk which, as usual, works fine in my local server. On EB though it is denying access to logged in users despite the correct BearerToken being provided. This is the error thrown:…
-1
votes
1 answer

Token becomes invalid after closing the browser

I am using Symfony for the back end and this for authenticating the user. When I close the browser, and open the application and make a call to web service, the token is invalid. How do I make the token remain valid even after closing the browser?
Dwigh
-1
votes
1 answer

Is it necessary to renew CSRF token in JWT token for every request/response?

I'm developing a web application using Symfony and JWT token for authentication. For preventing XSS, JWT token is stored in cookies with HttpOnly attribute. And for preventing CSRF, I used a random CSRF token. This token is stored in cookie and JWT…
dewi suci
-1
votes
1 answer

How to ban a token in LexikJWTAuthenticationBundle?

When a user wants to quit the application, it is required to ban his token, since it is still valid.
aimboss
-1
votes
1 answer

change login behaviour in FOSUserBundle & LexikJWTAuthenticationBundle

I'm using FOSUserBundle with LexikJWTAuthenticationBundle to access data from an API. The users log in with username & password. A token is generated and then is used in every request as credentials. Is it possible to use another field to perform a…
-2
votes
1 answer

Restricting HTTP Method in security.yaml doesn't work (Symfony, LexikJwk)

I'm trying to allow only to register (POST method) a new user (route: /api/users), I tried to follow the documentation (https://symfony.com/doc/current/security/firewall_restriction.html#restricting-by-http-methods), but when I test with Postman, I…
-2
votes
1 answer

How to use LexikJWTAuthenticationBundle as identity provider in many projects?

I am planning a new microservice project. Single microservices are REST-APIs, the user should authenticate himself with JWT. I want to use the LexikJWTAuthenticationBundle for implementing JWT. How can I make sure that the token is validated…
user4144415
-2
votes
1 answer

How to allow path without login on ApiPlatform?

I have the following path: api_inventories_create_inventory_listing_collection POST ANY ANY /api/inventory/{type} It's defined in my entity as follows: @ApiResource( * …
TDawg
-2
votes
1 answer

How to test a lexik_jwt_authentication protected API using http_client?

I am writing some functional tests and it looks like the client can't find the controller for the route. This is the code for my test: $response = static::createClient()->request( 'POST', '/api/login_check', [ 'body' => [ 'username' =>…
user3174311