jwt installed nad configured

02547a82 · Lech Sawon · a4c41b3f · 02547a82 · 02547a82 · 02547a82
Commit 02547a82 authored Oct 28, 2021 by Lech Sawon
Showing with 18 additions and 15 deletions

composer.json composer.json +1 -0

lexik_jwt_authentication.yaml config/packages/lexik_jwt_authentication.yaml +3 -2

security.yaml config/packages/security.yaml +14 -13

routes.yaml config/routes.yaml +0 -0

No files found.
--- a/composer.json
+++ b/composer.json
@@ -11,6 +11,7 @@
        "doctrine/doctrine-bundle": "^2.4",
        "doctrine/doctrine-migrations-bundle": "^3.2",
        "doctrine/orm": "^2.10",
+        "lexik/jwt-authentication-bundle": "^2.13",
        "phpdocumentor/reflection-docblock": "^5.3",
        "sensio/framework-extra-bundle": "^5.1",
        "symfony/asset": "4.4.*",

--- a/config/packages/lexik_jwt_authentication.yaml
+++ b/config/packages/lexik_jwt_authentication.yaml
 lexik_jwt_authentication:
-    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
-    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
+    secret_key: '%kernel.project_dir%/config/jwt/private.pem'
+    public_key: '%kernel.project_dir%/config/jwt/public.pem'
    pass_phrase: '%env(JWT_PASSPHRASE)%'
+    token_ttl: 3600 # in seconds, default is 3600
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -11,19 +11,6 @@ security:
                class: App\Entity\User
                property: email
    firewalls:
-        dev:
-            pattern: ^/(_(profiler|wdt)|css|images|js)/
-            security: false
-        main:
-            anonymous: lazy
-            provider: app_user_provider
-            guard:
-                authenticators:
-                    - App\Security\AppLoginFormAuthenticator
-            logout:
-                path: app_logout
-                # where to redirect after logout
-                # target: app_any_route
        login:
            pattern: ^/api/login
            stateless: true
@@ -31,12 +18,26 @@ security:
                check_path: /api/login_check # or api_login_check as defined in config/routes.yaml
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
+
        api:
            pattern:   ^/api
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
+        dev:
+            pattern: ^/(_(profiler|wdt)|css|images|js)/
+            security: false
+        main:
+            anonymous: lazy
+            provider: app_user_provider
+            guard:
+                authenticators:
+                    - App\Security\AppLoginFormAuthenticator
+            logout:
+                path: app_logout
+                # where to redirect after logout
+                # target: app_any_route

            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#firewalls-authentication

--- a/config/routes.yaml
+++ b/config/routes.yaml