API Full authentication is required to access this resource. #489
Comments
Doesn't your security miss a role hierarchy? Your Try adding:

```yaml
role_hierarchy:
    ROLE_ADMIN: [ROLE_USER]
```
|
Hello, would you have a solution, please? Thank you.

```yaml
security:
    role_hierarchy:
        ROLE_ADMIN: [ROLE_USER]
    encoders:
        App\Entity\Client:
            algorithm: bcrypt
    providers:
        our_db_provider:
            entity:
                class: App\Entity\Client
                property: username
    firewalls:
        main:
            #pattern: ^/login
            stateless: true
            anonymous: true
            provider: our_db_provider
            json_login:
                check_path: login
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        api:
            pattern: ^/api
            stateless: true
            anonymous: true
            provider: our_db_provider
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/clients, roles: IS_AUTHENTICATED_FULLY }
```
|
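The configuration posted above can be checked against Symfony's first-match rule, which applies both to firewalls (a firewall with no `pattern` key matches every request) and to `access_control`. This is an added example, not part of the thread or of the bundle's code; it transcribes the posted patterns into Python, and the function names and sample paths are assumptions made for illustration.

```python
import re

# Transcribed from the security configuration posted above, in file order.
# A pattern of None means the firewall declares no `pattern` key.
FIREWALLS = [
    ("main", None),  # "#pattern: ^/login" is commented out in the posted config
    ("api", r"^/api"),
    ("dev", r"^/(_(profiler|wdt)|css|images|js)/"),
]
ACCESS_CONTROL = [
    (r"^/login", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/api/doc", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/api/clients", "IS_AUTHENTICATED_FULLY"),
]


def first_firewall(path, firewalls=FIREWALLS):
    """Return the name of the first firewall whose pattern matches the path."""
    for name, pattern in firewalls:
        if pattern is None or re.search(pattern, path):
            return name
    return None


def required_role(path, rules=ACCESS_CONTROL):
    """Return the role of the first matching access_control rule, else None."""
    for pattern, role in rules:
        if re.search(pattern, path):
            return role
    return None


def shadowed_firewalls(firewalls=FIREWALLS):
    """List firewalls declared after a pattern-less (catch-all) firewall."""
    for index, (_, pattern) in enumerate(firewalls):
        if pattern is None:
            return [name for name, _ in firewalls[index + 1:]]
    return []


if __name__ == "__main__":
    # Constructed sample paths, chosen to hit each rule in the posted config.
    for path in ("/login", "/api/doc", "/api/clients", "/_profiler/abc"):
        print(f"{path:16} firewall={first_firewall(path):5} role={required_role(path)}")
    print("never reached:", shadowed_firewalls())
    # Hypothetical reordering with the catch-all firewall moved last.
    reordered = FIREWALLS[1:] + FIREWALLS[:1]
    print("/api/clients after reordering ->", first_firewall("/api/clients", reordered))
```

With the posted order, `main` is selected for `/api/clients`, so the guard authenticator listed under `api` is not consulted for that request.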
Sorry guys, I need a full reproducer in order to help. Please share with us a sample app with enough code to reproduce the bug + the steps needed to reproduce it. |
Same problem here using API Platform.
src/Entity/Customer.php:
I can see that "Guard autentication suceful", but later "Guard authenticator set no success response".
Steps:
And debugging, I see onAuthenticationSuccess return null when Guard expects a Response.
vendor/lexik/jwt-authentication-bundle/Security/Guard/JWTTokenAuthenticator.php:
|
@Ogek I can see "admin/api" here, "api/admin" there. Are you sure this config is ok? @castorinop, return null from that means the request will continue, just no redirect etc. If it is still actual, bring some code & config or a reproducer as chalasr said before. |
Closing due to the lack of feedback. Feel free to reopen (providing enough code to reproduce). |
I have the same issue on my API Platform project. You can find a way to reproduce the error at this link: https://github.com/ButterCorp/Backr-api/issues/6 |
I can reproduce this issue, but am not in a position to explain why.
|
I can confirm @NCS-Thomas , it's necessary to have
|
Hi guys,
I've just started using this bundle. I'm using Symfony 4. My problem is that once I authenticate and save the token in cookies when I make a request to my api routes, I get a 500 error caused by a double exception in Symfony. I based this skeleton to build the application: https://github.com/Limenius/symfony-react-sandbox/tree/symfony4. The errors I receive are these:
I think my problems are that I'm logged in as anonymous even if the login request returns me the token.
Below my security configuration:

Thank you.