I have a rest api, developed in symfony 5 using JWT. Locally it works correctly but when I upload it to productive it fails. The login that returns the token works (when authenticated) but then any query to the api fails, returning JWT NOT FOUND 401
The strange thing is that the token is sent in the header and it works correctly locally.
In my security.yaml I have the following:
firewalls:
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
api:
pattern: ^/api/v1
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
access_control:
- { path: ^/api/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/ingresar, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/v1, roles: IS_AUTHENTICATED_FULLY }
Then in my lexik_jwt_authentication.yaml file I have the following:
lexik_jwt_authentication:
secret_key: '/home12/eisenluk/symfony/config/jwt/private.pem' #required for token creation
public_key: '/home12/eisenluk/symfony/config/jwt/public.pem' #required for token verification
pass_phrase: '' # required for token creation, usage of an environment variable is recommended
token_ttl: '3600'
If you can guide me how to solve it, thank you very much!!!!!
I found the error and it was due in two parts to the following:
On the first part, you must enter the cpanel of your site (with the user and password that they provided), go to Select Php or Select Php as appropriate. In this place, you must verify that the version of php is the same that you need and that you have associated with your domain (url). As you can see in the following image:
As you can see, the current version of php matches the one associated with the url domain .
Regarding the second part in the security.yaml change the following:
For this:
You can see that the user provider was added and it is set that the api cannot be accessed as anonymous.
In the other lexik_jwt_authentication bundle configuration file, I change the following:
By the following:
You can see that the encoder was added and how the data is associated with the %kernel_root%%env()% was changed.