我正在开发一个Symfony 4 API平台项目,并有一个Symfony 4客户端项目,我想要在API上登录。我正在使用guzzle来访问API上的资源。
以下是我实施的GuzzleTrait
:
<?php
/**
* Created by PhpStorm.
* User: simslay
* Date: 15/12/2018
* Time: 15:29
*/
namespace App\Controller;
use GuzzleHttp\Client;
trait GuzzleTrait
{
private $client;
public function __construct()
{
$this->client = new Client([
'base_uri' => 'http://127.0.0.1:8001'
]);
}
private function getContent(string $finUri) {
$content = null;
try {
$dataContent = $this->client->request('GET', 'api/'.$finUri);
$content = json_decode($dataContent->getBody()->getContents(), true);
} catch(\GuzzleHttp\Exception\GuzzleException $e) {
$this->addFlash(
'danger',
$e->getMessage()
);
}
return $content;
}
}
我正在编写本教程:Implementing JWT Authentication to your API Platform application
并在我的API上使用相同的逻辑。
另外,这是我的客户端security.yaml:
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User: bcrypt
providers:
in_memory: { memory: ~ }
user_provider:
entity:
class: App\Entity\User
property: surnom
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: true
# activate different ways to authenticate
# http_basic: true
# https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
# form_login: true
# https://symfony.com/doc/current/security/form_login_setup.html
form_login:
login_path: security_connexion
check_path: security_connexion
username_parameter: _surnom
password_parameter: _password
default_target_path: index
provider: user_provider
logout:
path: /deconnexion
target: /
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/admin, roles: [ROLE_ADMIN, ROLE_SUPER_ADMIN] }
# - { path: ^/profile, roles: ROLE_USER }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
我有一个带有User实体的API数据库。
是否有必要在客户端也有用户实体?
在curl中,登录时我有命令:
curl -X POST -H "Content-Type: application/json" http://localhost:8000/login_check -d '{"username":"johndoe","password":"test"}'
如何从Symfony 4客户端登录到API?
我能够在此code example的tutorial: 之后实现客户端身份验证。