添加身份验证路由以在OpenApi 3中生成JWT

问题描述 投票:0回答:1

我想通过ApiPlatform和OpenApi V3实现这种结果:screenchot of an old swagger displaying an auth route

我在一个旧的SO问题上发现了这个问题:How to add Login to swagger UI with API PLATFORM (symfony 4)?

该路由从security.yaml插入我防火墙中的LexikJWT处理程序。我设法在我的resources.yaml的ItemOperations键中添加了一个自定义内容,但是该内容似乎无法正确映射到OpenApi。

我误解了吗?

我应该放弃Lexik JWT捆绑包并以其他方式进行身份验证吗?

我是否缺少方案或Yaml配置周围的内容?

感谢您的帮助!

swagger symfony4 openapi api-platform.com
1个回答
0
投票
我认为您config/routes.yaml文件有问题。我的配置看起来像:

api_login_check: path: /api/users/login methods: [POST] 

因为您可能需要输入path: /authentication
以防万一,我在这里写了我项目的完整JWT配置。
config / packages / lexik_jwt_authentication.yaml:
lexik_jwt_authentication:
    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
    pass_phrase: '%env(JWT_PASSPHRASE)%'
    user_identity_field: phone <-- for auth user (username/login)
    token_ttl: 3600


config / packages / security.yaml:
security:
    encoders:
        App\Entity\User:
            algorithm: auto

    providers:
        app_user_provider:
            entity:
                class: App\Entity\User
                property: phone <-- it's my property that i use as username

    firewalls:

        login:
            pattern:  ^/api/
            stateless: true
            anonymous: true
            provider: app_user_provider
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
            json_login:
                check_path: ~
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure


src / Entity / User.php
<?php
declare(strict_types=1);

namespace App\Entity;

// use ...

/**
 * @ApiResource(
 *     security="is_granted('ROLE_USER')",
 *     itemOperations={
 *         "get" = {"security" = "is_granted('ROLE_USER') and object == user"},
 *         // other operations ...
 *     },
 *     collectionOperations={
 *         "get",
 *         "post" = {
 *             "security" = "is_granted('IS_AUTHENTICATED_ANONYMOUSLY')"
 *         },
 *         "login" = {
 *             "security" = "is_granted('IS_AUTHENTICATED_ANONYMOUSLY')",
 *             "route_name" = "api_login_check",
 *             "method" = "POST",
 *             "openapi_context" = {
 *                 "summary" = "Login method",
 *                 "requestBody" = {
 *                     "description" = "Get token",
 *                     "content" = {
 *                         "application/json" = {
 *                             "schema" = {
 *                                 "type" = "object",
 *                                 "required" = {
 *                                     "username",
 *                                     "password"
 *                                 },
 *                                 "properties" = {
 *                                     "username" = {
 *                                         "type" = "string"
 *                                     },
 *                                     "password" = {
 *                                         "type" = "string"
 *                                     }
 *                                 }
 *                             }
 *                         }
 *                     }
 *                 }
 *             }
 *         },
 *         // other operations ...
 *     },
 *     // ...
 * )
 * // ...
 */
class User implements UserInterface
{
    // ...
}

P.S。我正在使用Symfony V5,但我认为没有什么不同
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.