Kann nicht Symfony API Auth bekommen arbeiten

Question

Ich versuche, aus http://symfony.com/doc/current/security/api_key_authentication.html API Auth zu meinem Symfony Projekt nach dem Tutorial hinzufügen

Ich habe alles aus, hinzugefügt, um die ApiKeyAuthenticator und ApiKeyUserProvider Dateien in das Projekt genauso wie sie sind da und konfigurierten die services und security Direktiven aber jedes Mal, wenn ich versuche, gegen die API zu authentifizieren, leitet es mich auf meine Anmeldeseite um.

Lassen Sie mich die Dateien zeigen, die aus dem Tutorial unterschiedlich sind

security.yml

security: 
    encoders: 
     AppBundle\Entity\User: 
      algorithm: bcrypt 

    # http://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded 
    providers: 
     mysql_provider: 
      entity: 
       class: AppBundle:User 
     api_key_user_provider: 
      id: api_key_user_provider 

    firewalls: 
     # disables authentication for assets and the profiler, adapt it according to your needs 
     dev: 
      pattern: ^/(_(profiler|wdt)|css|images|js)/ 
      security: false 

     main: 
      pattern: ^/ 
      http_basic: ~ 
      provider: mysql_provider 
      anonymous: ~ 
      http_basic: ~ 
      form_login: 
       login_path: login 
       check_path: login 
       csrf_token_generator: security.csrf.token_manager 
       default_target_path: home 
       target_path_parameter: redirect_url 
       always_use_default_target_path: true 
       use_referer: true 
      logout: 
       path: /logout 
       target:/
     secured_area: 
      pattern: ^/api 
      stateless: true 
      simple_preauth: 
       authenticator: api_key_authenticator 
      provider: api_key_user_provider 

    access_control: 
     - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: ^/, roles: ROLE_USER } 
     - { path: ^/user/*, roles: ROLE_USER } 
     - { path: ^/job/*, roles: ROLE_USER } 
     - { path: ^/home, roles: ROLE_USER } 
     - { path: ^/api/*, roles: ROLE_API } 

services.yml

parameters: 
services: 
    app.locale_listener: 
     class: AppBundle\EventListener\LocaleListener 
     arguments: ['%kernel.default_locale%'] 
     tags: 
      - { name: kernel.event_subscriber } 

    app.login_service: 
     class:  AppBundle\EventListener\LoginListener 
     arguments: ["@doctrine.orm.entity_manager"] 
     tags: 
      - { name: kernel.event_listener, event: security.authentication.success, method: onSuccessfulLogin } 

    api_key_authenticator: 
     class: AppBundle\Security\ApiKeyAuthenticator 
     public: false 

    api_key_user_provider: 
     class: AppBundle\Security\ApiKeyUserProvider 

config.yml

imports: 
    - { resource: parameters.yml } 
    - { resource: security.yml } 
    - { resource: services.yml } 

# Put parameters here that don't need to change on each machine where the app is deployed 
# http://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration 
parameters: 
    locale: en 

framework: 
    #esi:    ~ 
    #translator:  { fallbacks: ["%locale%"] } 
    translator: { fallbacks: [en, es] } 
    secret:   "%secret%" 
    router: 
     resource: "%kernel.root_dir%/config/routing.yml" 
     strict_requirements: ~ 
    form:   ~ 
    csrf_protection: ~ 
    validation:  { enable_annotations: true } 
    templating: 
     engines: ['twig'] 
    default_locale: "%locale%" 
    trusted_hosts: ~ 
    trusted_proxies: ~ 
    session: 
     # http://symfony.com/doc/current/reference/configuration/framework.html#handler-id 
     handler_id: session.handler.native_file 
     save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%" 
    fragments:  ~ 
    http_method_override: true 
    assets: ~ 
    php_errors: 
     log: true 

# Twig Configuration 
twig: 
    debug:   "%kernel.debug%" 
    strict_variables: "%kernel.debug%" 
    form_themes: ['bootstrap_3_layout.html.twig'] 

# Doctrine Configuration 
doctrine: 
    dbal: 
     driver: pdo_mysql 
     host:  "%database_host%" 
     port:  "%database_port%" 
     dbname: "%database_name%" 
     user:  "%database_user%" 
     password: "%database_password%" 
     charset: UTF8 

    orm: 
     auto_generate_proxy_classes: "%kernel.debug%" 
     naming_strategy: doctrine.orm.naming_strategy.underscore 
     auto_mapping: true 

# Swiftmailer Configuration 
swiftmailer: 
    transport: "%mailer_transport%" 
    host:  "%mailer_host%" 
    username: "%mailer_user%" 
    password: "%mailer_password%" 
    spool:  { type: memory } 

ApiKeyAuthenticator und ApiKeyUserProvider sind die gleichen wie die Dateien im Tutorial.

Kann mir jemand helfen, es zu lösen?

Answer 1

Ich löste es schließlich, das Problem war mit der Reihenfolge der Anweisungen in der Firewall innerhalb der security Konfigurationsdatei.

Ich musste es ändern: es funktioniert

... 
    firewalls: 
     # disables authentication for assets and the profiler, adapt it according to your needs 
     dev: 
      pattern: ^/(_(profiler|wdt)|css|images|js)/ 
      security: false 
     secured_area: 
      pattern: ^/api 
      stateless: true 
      simple_preauth: 
       authenticator: api_key_authenticator 
      provider: api_key_user_provider 
     main: 
      pattern: ^/ 
      http_basic: ~ 
      provider: mysql_provider 
      anonymous: ~ 
      http_basic: ~ 
      form_login: 
       login_path: login 
       check_path: login 
       csrf_token_generator: security.csrf.token_manager 
       default_target_path: home 
       target_path_parameter: redirect_url 
       always_use_default_target_path: true 
       use_referer: true 
      logout: 
       path: /logout 
       target:/
... 

Jetzt als