php-solution / jwt-security-bundle
Symfony bundle for authorization and authentication with JWT in your application.
v5.1.5
2018-08-03 11:20 UTC
Requires
- php: >=7.1
- php-solution/jwt-bundle: ~0.3
- symfony/config: >=4.0
- symfony/dependency-injection: >=4.0
- symfony/http-foundation: >=4.0
- symfony/http-kernel: >=4.0
- symfony/security-core: >=4.0
- symfony/security-guard: >=4.0
- symfony/security-http: >=4.0
README
This bundle allows developers to use JWT for authorization/authentication in API applications.
Configuration
Configure JWT in config.yaml
```yaml
jwt:
    default_configuration: 'common'
    configurations:
        common:
            asymmetric: true
            signer:
                class: 'Lcobucci\JWT\Signer\Rsa\Sha512'
            signing_key:
                content: 'file://%kernel.project_dir%/etc/jwt/keys/private.pem'
                pass: 'test' # private key passphrase ('test' is a sample value)
            verification_key:
                content: 'file://%kernel.project_dir%/etc/jwt/keys/public.pub'
    types:
        authentication:
            configuration: 'common'
            exp: 3600
```
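The key files and passphrase named under signing_key and verification_key can be produced and checked with OpenSSL. This is an added example, not part of the bundle's README; the function names and the JWT_KEY_PASS variable are assumptions, and the passphrase is read from the environment rather than written as a literal.

```shell
#!/bin/sh
# Added example (not from the bundle): create and check the key pair that the
# jwt configuration points at. Function names and JWT_KEY_PASS are assumptions.

# make_jwt_keys DIR PASS_ENV_VAR [BITS]
# The body is a subshell "( ... )" so the restrictive umask does not leak out.
make_jwt_keys() (
    dir=$1 pass_var=$2 bits=${3:-4096}
    umask 077                       # new files and directories: owner-only
    mkdir -p "$dir" || exit 1
    # Encrypted private key -> signing_key.content; passphrase -> signing_key.pass.
    # "env:" keeps the passphrase out of the process argument list.
    openssl genrsa -aes256 -passout "env:$pass_var" \
        -out "$dir/private.pem" "$bits" 2>/dev/null || exit 1
    # Public half -> verification_key.content.
    openssl rsa -in "$dir/private.pem" -passin "env:$pass_var" \
        -pubout -out "$dir/public.pub" 2>/dev/null || exit 1
)

# check_jwt_keys DIR PASS_ENV_VAR
# Signs a constructed sample with RSA + SHA-512 (the primitive behind the
# configured Rsa\Sha512 signer) and verifies it with the public key.
# Returns 0 only if the passphrase unlocks the key and the two files match.
check_jwt_keys() {
    tmp=$(mktemp -d) || return 1
    printf 'constructed.sample' > "$tmp/msg"
    if openssl dgst -sha512 -sign "$1/private.pem" -passin "env:$2" \
           -out "$tmp/sig" "$tmp/msg" 2>/dev/null &&
       openssl dgst -sha512 -verify "$1/public.pub" \
           -signature "$tmp/sig" "$tmp/msg" >/dev/null 2>&1
    then rc=0
    else rc=1
    fi
    rm -rf "$tmp"
    return "$rc"
}

# Usage, with the passphrase exported beforehand as JWT_KEY_PASS:
#   make_jwt_keys etc/jwt/keys JWT_KEY_PASS && check_jwt_keys etc/jwt/keys JWT_KEY_PASS
```

Running check_jwt_keys after every key rotation catches a mismatched public key or a stale passphrase before the application starts rejecting tokens.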
Configure JWT authorization in config.yaml
```yaml
jwt_security:
    auth_header:
        name: 'Authorization'
        prefix: 'Bearer '
    token_provider:
        token_type: 'authentication'
        claim_user: 'user'
    auth_success_response_builder: 'Core\User\AuthResponseBuilder'
    auth_failure_exceptions:
        - { exception: 'Symfony\Component\Security\Core\Exception\AuthenticationException', message: 'Please check your email and password.' }
```
Configure security in security.yaml
```yaml
security:
    providers:
        your_user_provider: # provider name
            # ...
    firewalls:
        api_login:
            pattern: '^/login'
            stateless: true
            anonymous: true
            json_login:
                check_path: '/login'
                success_handler: 'jwt_security.security.authorization_handler'
                failure_handler: 'jwt_security.security.authorization_handler'
        api_secured:
            pattern: '^/'
            stateless: true
            provider: 'in_memory_users' # must name a provider defined under "providers"
            guard:
                authenticators: ['jwt_security.security.authenticator']
    access_control:
        - { path: '^/login', roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
        - { path: '^/', roles: 'IS_AUTHENTICATED_FULLY' }
```
Add the login check route
```yaml
api_security:
    resource: '@JwtSecurityBundle/Resources/config/routing.yml'
```
or
```yaml
_jwt_security_login:
    path: '/login'
    defaults: { _controller: 'PhpSolution\JwtSecurityBundle\Controller\SecurityController::loginAction', _format: 'json' }
```