How to ignore some routes when defining an authenticationFailure?

In the services.yaml file there is this config :

services:
    # ...
    pulsekb_api.event.authentication_failure_listener:
        class: AppEventListenerAuthentificationEventListener
        arguments: [ '@translator','@service_container' ]
        tags:
            - { name: kernel.event_listener, event: lexik_jwt_authentication.on_authentication_failure, method: onAuthenticationFailureResponse
      
use LexikBundleJWTAuthenticationBundleEventAuthenticationFailureEvent;
use LexikBundleJWTAuthenticationBundleEventAuthenticationSuccessEvent;
use LexikBundleJWTAuthenticationBundleEventJWTCreatedEvent;
use PsrContainerContainerInterface;
use SymfonyComponentConsoleInputInputInterface;
use SymfonyComponentHttpFoundationJsonResponse;
use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentDependencyInjectionContainer;
use AppUtilsConstantSrv;
use SymfonyContractsTranslationTranslatorInterface;    
    /**
     * Class AuthentificationEventListener
     * @package ParasolCommunBundleEventListener
     */
    class AuthentificationEventListener
    {
    
        protected $container;
        private $trans;
    
        public function __construct(TranslatorInterface $translator,Container $container)
        {
            $this->container = $container;
            $this->trans = $translator;
        }
        ...
        /**
         * @param AuthenticationFailureEvent $event
         *
         * @throws Exception
         * @return JsonResponse
         */
        public function onAuthenticationFailureResponse(AuthenticationFailureEvent $event)
        {
            $response = new JsonResponse();
            $response->setData(
                array(
                    'code' => ConstantSrv::CODE_UNAUTHORIZED,
                    'message' => $this->trans->trans('login_failed'),
                    'http_message' => $this->trans->trans('http_message_failed')
                )
            );
            $event->setResponse($response);
        }

There is a route which does not need any authentication mechanism :

    class IteropController extends AbstractController
    {
       ...
       /**
         * @RestPost("/api/indexerExternalLinkIteropToElastic", name="idx_ext_lnk_iterop_to_elastic")
         * @RestRequestParam(name="url", nullable=false)
         * @RestRequestParam(name="titre", nullable=false)
         * @RestRequestParam(name="descr", nullable=false)
         * @RestRequestParam(name="soumetteur", nullable=false)
         * @RestRequestParam(name="tags", nullable=true)
         *
         * @return JsonResponse
         */
        public function indexerExternalLinkIteropToElastic(ParamFetcher $paramFetcher, DataIndexService $dataIndexService, UserService $userService, SearchService $searchService) {
           ...
        }
    }

For example this route /api/indexerExternalLinkIteropToElastic is to be independent of any authentication.

So how to modify the configuration in the services.yaml file to exclude this route about the authentication checking ?

Source: Symfony Questions

Was this helpful?

0 / 0

Leave a Reply 0

Your email address will not be published. Required fields are marked *