strange "invalid credentials" with Symfony 7 and API Platform 4 and JWT Lexik #1254

darkomenx · 2024-11-14T12:53:35Z

darkomenx
Nov 14, 2024

Hello everyone go that way,

error : "Invalid Credentials" 401
basic error for lot of trying to resolve this without solutions. Very strange because I already use API-Platform and Lexik JWT Bundle and I never had this before. Perhaps can I just sharing my config and anyone viewing for some strange thinks...

security.yaml

security:
    password_hashers:
        App\Entity\Users: 'auto'
#        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
            algorithm: 'auto'
            cost: 15

    providers:
        users:
            entity:
                class: App\Entity\Users
                property: email

    firewalls:

        dev:
            pattern: ^/_(profiler|wdt)
            security: false

        main:
            stateless: true
            provider: users
            json_login:
                check_path: auth # The name in routes.yaml is enough for mapping
                username_path: email
                password_path: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            jwt: ~

    access_control:
        - { path: ^/$, roles: PUBLIC_ACCESS }
        - { path: ^/auth, roles: PUBLIC_ACCESS }
        - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
        - { path: ^/docs, roles: PUBLIC_ACCESS }
        - { path: ^/, roles: IS_AUTHENTICATED_FULLY }

routes.yaml

auth:
  path: /auth
#  methods: ['POST']

#controllers:
#    resource:
#        path: ../src/Controller/
#        namespace: App\Controller
#    type: attribute

routes/api_platform.yaml

api_platform: 
    resource: .
    type: api_platform
    prefix: /api

config/packages/lexik_jwt_authentication.yaml


lexik_jwt_authentication:

    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
    pass_phrase: '%env(resolve:JWT_PASSPHRASE)%'
    token_ttl: 3600
#    user_identity_field: username

#    encoder:
#      service: Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface

#    api_platform:
#        check_path: /auth
#        username_path: email
#        password_path: security.credentials.password

SSL keys project

User fixtures process creation :

<?php

namespace App\DataFixtures;

use App\Entity\Users;
use App\Factory\UsersFactory;
use Doctrine\Bundle\FixturesBundle\Fixture;
use Doctrine\Persistence\ObjectManager;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;

class UsersFixtures extends Fixture
{
	private UserPasswordHasherInterface $hasher;

	public function __construct(UserPasswordHasherInterface $hasher)
	{
		$this->hasher = $hasher;
	}
	public function load(ObjectManager $manager)
	{
		UsersFactory::createMany(3);

		$user1 = new Users();
		$user1->setCivility('mr');
		$user1->setEmail('xxxx@xxxx.com');
		$user1->setRoles(['ROLE_SUPER_ADMIN']);
		$hashedPassword = $this->hasher->hashPassword($user1, 'toto-fifi');
		$user1->setPassword($hashedPassword);
		$user1->setUsername('punisher');
		$user1->setFirstName('john');
		$user1->setLastName('smith');

		$manager->persist($user1);
		$manager->flush();
	}
}

Users.php (Entity)


<?php

namespace App\Entity;

use ApiPlatform\Metadata\ApiResource;
use App\Repository\UsersRepository;
use Doctrine\ORM\Mapping as ORM;
use Doctrine\ORM\Mapping\JoinColumn;
use Doctrine\ORM\Mapping\ManyToOne;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\UserInterface;

#[ORM\Entity(repositoryClass: UsersRepository::class)]
#[ORM\UniqueConstraint(name: 'UNIQ_IDENTIFIER_EMAIL', fields: ['email'])]
#[UniqueEntity(fields: ['email'], message: 'There is already an account with this email')]
#[ApiResource]
class Users implements UserInterface, PasswordAuthenticatedUserInterface
{
	#[ORM\Id]
	#[ORM\GeneratedValue]
	#[ORM\Column]
	private ?int $id = null;

	#[ORM\Column(length: 180)]
	private ?string $email = null;

	#[ORM\Column]
	private array $roles = [];

	#[ORM\Column(type: 'string')]
	private ?string $password = null;

	#[ORM\Column(type: 'boolean')]
	private bool $isVerified = false;

	#[ORM\Column(type: 'string')]
	private string $civility;

	#[ORM\Column(type: 'string')]
	private string $firstName;

	#[ORM\Column(type: 'string')]
	private string $lastName;

	#[ORM\Column(type: 'string')]
	private string $username;

	#[ORM\Column(type: 'blob', nullable: true)]
	private string $picture;

	#[ORM\Column(type: 'string', length: 2)]
	private string $locale = 'fr';

	#[ORM\Column(type: 'boolean', nullable: false)]
	private bool $isSubscriptionActivate = false;

	public function getId(): ?int
	{
		return $this->id;
	}

	public function getEmail(): ?string
	{
		return $this->email;
	}

	public function setEmail(string $email): static
	{
		$this->email = $email;

		return $this;
	}

	public function getUserIdentifier(): string
	{
		return (string) $this->email;
	}

	public function getRoles(): array
	{
		$roles = $this->roles;
		// guarantee every user at least has ROLE_USER
		$roles[] = 'ROLE_USER';

		return array_unique($roles);
	}

	public function setRoles(array $roles): static
	{
		$this->roles = $roles;

		return $this;
	}

	public function getPassword(): string
	{
		return $this->password;
	}

	public function setPassword(string $password): static
	{
		$this->password = $password;

		return $this;
	}

	public function getCivility(): string
	{
		return $this->civility;
	}

	public function setCivility(string $civility): void
	{
		$this->civility = $civility;
	}

	public function getFirstName(): string
	{
		return $this->firstName;
	}

	public function setFirstName(string $firstName): void
	{
		$this->firstName = $firstName;
	}

	public function getLastName(): string
	{
		return $this->lastName;
	}

	public function setLastName(string $lastName): void
	{
		$this->lastName = $lastName;
	}

	public function getUsername(): string
	{
		return $this->username;
//		return $this->email;
	}

	public function setUsername(string $username): void
	{
		$this->username = $username;
	}

	public function getLocale(): string
	{
		return $this->locale;
	}

	public function setLocale(string $locale): void
	{
		$this->locale = $locale;
	}

	public function eraseCredentials(): void
	{
		// If you store any temporary, sensitive data on the user, clear it here
		// $this->plainPassword = null;
	}

	public function getIsVerified(): bool
	{
		return $this->isVerified;
	}

	public function setIsVerified(bool $isVerified): static
	{
		$this->isVerified = $isVerified;

		return $this;
	}

	public function getPicture(): string
	{
		return $this->picture;
	}

	public function setPicture(string $picture): void
	{
		$this->picture = $picture;
	}
}

Very appreciate your feedback because lot of time lost just for configuring access on API Platform project :(

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

strange "invalid credentials" with Symfony 7 and API Platform 4 and JWT Lexik #1254

{{title}}

Replies: 0 comments

Select a reply

strange "invalid credentials" with Symfony 7 and API Platform 4 and JWT Lexik #1254

darkomenx Nov 14, 2024

Replies: 0 comments

darkomenx
Nov 14, 2024