markitosgv / JWTRefreshTokenBundle

Implements a Refresh Token system over Json Web Tokens in Symfony
MIT License

JWTRefreshTokenBundle change user_identity_field #91

Open shubaivan opened 6 years ago

shubaivan commented 6 years ago

I use a JWT token for auth and I had to change user_identity_field to email. After that, when I try to call /api/token/refresh I get a 401 status code, because the refresh token entity's username property has the username data from the user saved in it.

My config:

lexik_jwt_authentication:
    private_key_path: '%jwt_private_key_path%'
    public_key_path:  '%jwt_public_key_path%'
    pass_phrase:      '%jwt_key_pass_phrase%'
    token_ttl:        '%jwt_token_ttl%'
    user_identity_field: email

gesdinet_jwt_refresh_token:
    ttl: '%jwt_refresh_token_ttl%'
    ttl_update: true
    user_provider: security.user.provider.concrete.chain_provider

And my security:

security:
    encoders:
        AppBundle\Entity\User:
            algorithm: bcrypt

        AppBundle\Entity\Admin:
            algorithm: bcrypt

    providers:
        chain_provider:
            chain:
                providers: [admins, entity_provider]

        admins:
            entity:
                class: AppBundle:Admin
                property: email

        entity_provider:
            entity:
                class: AppBundle:User
                property: email

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        refresh:
            pattern:  ^/api/token/refresh
            stateless: true
            anonymous: true

        api_admin:
            pattern:   ^/api/admin
            stateless: true
            anonymous: false
            provider: chain_provider
            guard:
                authenticators:
                    - app.jwt_token_authenticator

        login:
            pattern:  ^/api/login
            stateless: true
            anonymous: true
            form_login:
                check_path: /api/login_check
                require_previous_session: false
                username_parameter: _email
                password_parameter: _password
                success_handler: custom
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

Now from /api/token/refresh I get this response:

{
  "code": 401,
  "message": "Bad credentials"
}

This is because \Gesdinet\JWTRefreshTokenBundle\Entity\RefreshToken has the username data from the user, but in my config for lexik_jwt_authentication I changed it:

user_identity_field: email

How can I apply user_identity_field: email to the refresh token?

Psiiirus commented 6 years ago

Hi, did you maybe miss adding:

access_control:

to your security.yml?
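
The mismatch described in the original report, as an added example that is not code from this thread or from the bundle: a toy model in which the refresh token stores one user field while the user provider searches on another. All class and function names here (`User`, `InMemoryUserProvider`, `issueRefreshToken`, `refresh`) and the sample user are hypothetical.

```php
<?php
declare(strict_types=1);

// Toy model (assumption): NOT the bundle's classes. It only mirrors the two
// lookups the report describes: the value stored on the refresh token, and
// the property the user provider searches on.

final class User
{
    public function __construct(public string $username, public string $email) {}
}

final class InMemoryUserProvider
{
    /** @param User[] $users */
    public function __construct(private array $users, private string $property) {}

    public function loadByIdentifier(string $identifier): ?User
    {
        foreach ($this->users as $user) {
            if ($user->{$this->property} === $identifier) {
                return $user;
            }
        }
        return null;
    }
}

/** Login step: the chosen identity field is written to the token's "username". */
function issueRefreshToken(User $user, string $identityField): array
{
    return ['token' => bin2hex(random_bytes(16)), 'username' => $user->{$identityField}];
}

/** Refresh step: resolve the stored identifier through the provider. */
function refresh(array $refreshToken, InMemoryUserProvider $provider): array
{
    $user = $provider->loadByIdentifier($refreshToken['username']);
    return $user === null
        ? ['code' => 401, 'message' => 'Bad credentials']
        : ['code' => 200, 'user' => $user->email];
}

// Constructed sample user; the provider searches on "email" as in the posted config.
$alice    = new User('alice', 'alice@example.test');
$provider = new InMemoryUserProvider([$alice], 'email');

// Token stores the username while the provider searches by email: lookup fails.
echo json_encode(refresh(issueRefreshToken($alice, 'username'), $provider)), PHP_EOL;
// Token stores the same field the provider searches on: lookup succeeds.
echo json_encode(refresh(issueRefreshToken($alice, 'email'), $provider)), PHP_EOL;
```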