LexikJWTAuthenticationBundle icon indicating copy to clipboard operation
LexikJWTAuthenticationBundle copied to clipboard

Published 20 hours ago verified publisher icon lexik

login_check bad credentials

Open dany33code opened this issue 5 years ago • 4 comments

Hello,

I am trying to use a custom UserProvider for login_check. I always get this error: {"code":401,"message":"Bad credentials"}

I have the impression that he does not even go into the userProvider to know that without the custom UserProvider everything works well

i want:

  • for login: -> provider: main
  • for api: -> provider: entity_manager
POST http://localhost:8000/login_check
{
    "username": "reader",
    "password": "reader"
}

security:
    encoders:
        App\Entity\User:
            algorithm: bcrypt

    role_hierarchy:    
        ROLE_ADMIN: ROLE_USER
            
    providers:
        entity_provider:
            entity:
                class: App\Entity\User
                property: username
        main:
            id: App\Security\UserProvider

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern:  ^/login
            stateless: true
            anonymous: true
            provider: main
            json_login:
                check_path: /login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        register:
            pattern:  ^/register
            stateless: true
            anonymous: true

        api:
            pattern:  ^/api
            stateless: true
            anonymous: false
            provider: entity_provider
            guard:
                authenticators:
                    - App\Security\JwtAuthenticator


    access_control:

<?php

namespace App\Security;

use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;

class UserProvider implements UserProviderInterface
{

    public function loadUserByUsername($username)
    {

        $user = new User('reader', 'reader', '', ['ROLE_USER']);   // for testing

        return $user;         
    }

    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof User) {
            throw new UnsupportedUserException(sprintf('Invalid user class "%s".', get_class($user)));
        }
        throw new \Exception('TODO: fill in refreshUser() inside '.__FILE__);
    }
    public function supportsClass($class)
    {
        return User::class === $class;
    }
}

API PLATFORM, JWT, Symfony 4, LexikJWTAuthenticationBundle

dany33code avatar Jan 19 '19 08:01 dany33code

same error message after deploying to a host, got that thing fixed on your own?

devalanche avatar Feb 10 '19 19:02 devalanche

Same problem... with symfony 4.2.4,

{"username":"jota","password":"test"}

{ "code": 401, "message": "Bad credentials" }

juanantoniomosquera avatar Mar 14 '19 09:03 juanantoniomosquera

That helped me in my case

TsvirenkoSweet avatar Mar 14 '19 15:03 TsvirenkoSweet

@dany33code Did you manage to solve the issue by your own?

fd6130 avatar Sep 17 '21 14:09 fd6130