strange "invalid credentials" with basic Symfony 7 + API Platform 4 and JWT lexik bundle #2798

Unanswered
darkomenx asked this question in Q&A

Hello to everyone passing this way,

Error: "Invalid Credentials" 401
A basic error, after a lot of attempts to resolve it without a solution. Very strange, because I already use API Platform and the Lexik JWT bundle and I never had this before. Perhaps I can just share my config and someone viewing it will spot something strange...

security.yaml

security:
    password_hashers:
        App\Entity\Users: 'auto'
#        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
            algorithm: 'auto'
            cost: 15

    providers:
        users:
            entity:
                class: App\Entity\Users
                property: email

    firewalls:

        dev:
            pattern: ^/_(profiler|wdt)
            security: false

        main:
            stateless: true
            provider: users
            json_login:
                check_path: auth # The name in routes.yaml is enough for mapping
                username_path: email
                password_path: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            jwt: ~

    access_control:
        - { path: ^/$, roles: PUBLIC_ACCESS }
        - { path: ^/auth, roles: PUBLIC_ACCESS }
        - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
        - { path: ^/docs, roles: PUBLIC_ACCESS }
        - { path: ^/, roles: IS_AUTHENTICATED_FULLY }

routes.yaml

auth:
  path: /auth
#  methods: ['POST']

#controllers:
#    resource:
#        path: ../src/Controller/
#        namespace: App\Controller
#    type: attribute

routes/api_platform.yaml

api_platform: 
    resource: .
    type: api_platform
    prefix: /api

config/packages/lexik_jwt_authentication.yaml


lexik_jwt_authentication:

    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
    pass_phrase: '%env(resolve:JWT_PASSPHRASE)%'
    token_ttl: 3600
#    user_identity_field: username

#    encoder:
#      service: Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface

#    api_platform:
#        check_path: /auth
#        username_path: email
#        password_path: security.credentials.password

SSL keys project: [image]

User fixtures creation process:

<?php

namespace App\DataFixtures;

use App\Entity\Users;
use App\Factory\UsersFactory;
use Doctrine\Bundle\FixturesBundle\Fixture;
use Doctrine\Persistence\ObjectManager;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;

class UsersFixtures extends Fixture
{
	private UserPasswordHasherInterface $hasher;

	public function __construct(UserPasswordHasherInterface $hasher)
	{
		$this->hasher = $hasher;
	}
	// Explicit void return type keeps the signature compatible with Fixture::load()
	public function load(ObjectManager $manager): void
	{
		UsersFactory::createMany(3);

		$user1 = new Users();
		$user1->setCivility('mr');
		$user1->setEmail('xxxx@xxxx.com');
		$user1->setRoles(['ROLE_SUPER_ADMIN']);
		$hashedPassword = $this->hasher->hashPassword($user1, 'toto-fifi');
		$user1->setPassword($hashedPassword);
		$user1->setUsername('punisher');
		$user1->setFirstName('john');
		$user1->setLastName('smith');

		$manager->persist($user1);
		$manager->flush();
	}
}

Users.php (Entity)


<?php

namespace App\Entity;

use ApiPlatform\Metadata\ApiResource;
use App\Repository\UsersRepository;
use Doctrine\ORM\Mapping as ORM;
use Doctrine\ORM\Mapping\JoinColumn;
use Doctrine\ORM\Mapping\ManyToOne;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\UserInterface;

#[ORM\Entity(repositoryClass: UsersRepository::class)]
#[ORM\UniqueConstraint(name: 'UNIQ_IDENTIFIER_EMAIL', fields: ['email'])]
#[UniqueEntity(fields: ['email'], message: 'There is already an account with this email')]
#[ApiResource]
class Users implements UserInterface, PasswordAuthenticatedUserInterface
{
	#[ORM\Id]
	#[ORM\GeneratedValue]
	#[ORM\Column]
	private ?int $id = null;

	#[ORM\Column(length: 180)]
	private ?string $email = null;

	#[ORM\Column]
	private array $roles = [];

	#[ORM\Column(type: 'string')]
	private ?string $password = null;

	#[ORM\Column(type: 'boolean')]
	private bool $isVerified = false;

	#[ORM\Column(type: 'string')]
	private string $civility;

	#[ORM\Column(type: 'string')]
	private string $firstName;

	#[ORM\Column(type: 'string')]
	private string $lastName;

	#[ORM\Column(type: 'string')]
	private string $username;

	#[ORM\Column(type: 'blob', nullable: true)]
	private string $picture;

	#[ORM\Column(type: 'string', length: 2)]
	private string $locale = 'fr';

	#[ORM\Column(type: 'boolean', nullable: false)]
	private bool $isSubscriptionActivate = false;

	public function getId(): ?int
	{
		return $this->id;
	}

	public function getEmail(): ?string
	{
		return $this->email;
	}

	public function setEmail(string $email): static
	{
		$this->email = $email;

		return $this;
	}

	public function getUserIdentifier(): string
	{
		return (string) $this->email;
	}

	public function getRoles(): array
	{
		$roles = $this->roles;
		// guarantee every user at least has ROLE_USER
		$roles[] = 'ROLE_USER';

		return array_unique($roles);
	}

	public function setRoles(array $roles): static
	{
		$this->roles = $roles;

		return $this;
	}

	public function getPassword(): string
	{
		return $this->password;
	}

	public function setPassword(string $password): static
	{
		$this->password = $password;

		return $this;
	}

	public function getCivility(): string
	{
		return $this->civility;
	}

	public function setCivility(string $civility): void
	{
		$this->civility = $civility;
	}

	public function getFirstName(): string
	{
		return $this->firstName;
	}

	public function setFirstName(string $firstName): void
	{
		$this->firstName = $firstName;
	}

	public function getLastName(): string
	{
		return $this->lastName;
	}

	public function setLastName(string $lastName): void
	{
		$this->lastName = $lastName;
	}

	public function getUsername(): string
	{
		return $this->username;
//		return $this->email;
	}

	public function setUsername(string $username): void
	{
		$this->username = $username;
	}

	public function getLocale(): string
	{
		return $this->locale;
	}

	public function setLocale(string $locale): void
	{
		$this->locale = $locale;
	}

	public function eraseCredentials(): void
	{
		// If you store any temporary, sensitive data on the user, clear it here
		// $this->plainPassword = null;
	}

	public function getIsVerified(): bool
	{
		return $this->isVerified;
	}

	public function setIsVerified(bool $isVerified): static
	{
		$this->isVerified = $isVerified;

		return $this;
	}

	public function getPicture(): string
	{
		return $this->picture;
	}

	public function setPicture(string $picture): void
	{
		$this->picture = $picture;
	}
}

I would very much appreciate your feedback, because a lot of time has been lost just configuring access on an API Platform project :(

Replies: 2 comments

Did you find the problem?

Yes, the problem is in the new JWTLexikBundle version. The documentation of this bundle does not mention the configuration of the field-equality comparison used to confirm access in the latest version. The configuration file options have changed.

From memory, this issue was related to this particular option: user_identity_field: email

Sync this option with the identity field of your User entity, and after that everything runs correctly.

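One way to check the alignment the answer describes, as an added example (not part of the discussion and not the bundle's code): decode the payload of an issued token and compare its identity claim with the value the `users` provider looks up by `email`. The tokens, the claim name `username` and all helper names are constructed assumptions for illustration.

```python
import base64
import json


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def jwt_payload(token: str) -> dict:
    """Decode the payload segment WITHOUT verifying the signature.
    Debug inspection of your own tokens only, never an authentication step."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(seg))


def identity_mismatch(token, id_claim, user_record, provider_property):
    """Return None when the claim matches the provider's lookup value,
    otherwise a message describing the mismatch."""
    payload = jwt_payload(token)
    if id_claim not in payload:
        return f"claim '{id_claim}' missing; payload has {sorted(payload)}"
    expected = user_record[provider_property]
    if payload[id_claim] != expected:
        return (f"claim '{id_claim}'={payload[id_claim]!r} but provider "
                f"looks up {provider_property}={expected!r}")
    return None


def make_token(claims: dict) -> str:
    """Build a constructed sample token; the signature is a placeholder."""
    header = b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{b64url(json.dumps(claims).encode())}.c2lnbmF0dXJl"


# Constructed sample data mirroring the fixture values shown in the question.
USER = {"email": "xxxx@xxxx.com", "username": "punisher"}
TOKEN_FROM_USERNAME = make_token({"roles": ["ROLE_SUPER_ADMIN"], "username": "punisher"})
TOKEN_FROM_EMAIL = make_token({"roles": ["ROLE_SUPER_ADMIN"], "username": "xxxx@xxxx.com"})

if __name__ == "__main__":
    for name, tok in (("from username", TOKEN_FROM_USERNAME),
                      ("from email", TOKEN_FROM_EMAIL)):
        print(name, "->", identity_mismatch(tok, "username", USER, "email") or "consistent")
```
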