How to implement multiple authentication in Symfony?

How to implement multiple authentication in Symfony?

I am following following tutorial about Backend API AUthentication using JWT.
https://rojas.io/building-a-jwt-authenticator-in-symfony-4/

I have two authentication in my API.

  • LoginAuthenticator
  • JwtAuthenticator.

Below is my security.yaml file.

security:
    encoders:
        AppEntityUser:
            algorithm: auto
    providers:
        app_user_provider:
            entity:
                class: AppEntityUser
                property: email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: true
            guard:
                authenticators:
                    - AppSecurityLoginAuthenticator
                    - AppSecurityJwtAuthenticator
                entry_point: AppSecurityLoginAuthenticator
            logout:
                path: api_logout
                success_handler: AppSecurityJwtLogoutHandler
            stateless: true

    access_control:
        # - { path: ^/admin, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }

UserController

/**
     * @Route("/profile", name="api_profile")
     * @IsGranted("ROLE_USER")
     */
    public function profile()
    {
        return $this->json(
            [
                "user" => $this->getUser(),
            ],
            Response::HTTP_OK,
            [],
            [
                "groups" => ["api"]
            ]
        );
    }

After I make the guard stateless I am not being able to access the profile page.

OnAuthenticationSucess of loginAuthenticator, it will create a cookie named jwt But when I try to access the profile page. It gives access denied.

Can anybody please tell why I am not being able to access profile page?

Source: Symfony Questions

Leave a Reply

Your email address will not be published. Required fields are marked *