如何解决在Siteground登录后,代码401无效的JWT令牌
我仅在Siteground(使用Nginx)的生产环境中遇到此问题。
项目划分如下:
rest: symfony
front: angular
当我登录(调用login_check.json)时正确接收令牌后,在对需要身份验证的路由进行调用并验证标头之后,正确使用生成的令牌。
但是返回:
代码401无效的JWT令牌
详细信息:
Response Header:
HTTP/1.1 401 Unauthorized
Server: Nginx
Date: Wed,26 Aug 2020 07:29:06 GMT
Content-Type: application/json
transfer-encoding: chunked
Connection: keep-alive
WWW-Authenticate: Bearer
Cache-Control: private,must-revalidate
pragma: no-cache
expires: -1
vary: Authorization,Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
Request Header:
Accept: application/json,text/plain,*/*
Accept-Encoding: gzip,deflate
Accept-Language: it-IT,it;q=0.9,en-US;q=0.8,en;q=0.7
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE1OTg0MjY5MzUsImV4cCI6MTU5OTAzMTczNSwicm9sZXMiOlsiUk9MRV9VU0VSIl0sInVzZXJuYW1lIjoiYWRtaW4ifQ.jriHlUxB6lbD8WZPR_-2XH1uAqRO4NEkkQiwTNUfgRPhNP63Y1tKFIK8hWAnr9CNECD-0hiuyD_Q-Ltlc7g5R4Xio3C0rkXwnpSAfktxag1C1rS1-gDSroHhEMhsiosrbiEtZeCXy154f7-1oAmGyLFxTnKeS8Vj09VWX2rpYBOdKLeTQKHxupul5gIqOyKaVE8sYbiVtCt6EAOWH72esdrwgSZy5sdNmcX4wqzLKKPPLRFiUdZ0EjZzZb7MreMY-w1qoPoqjyFTkT0sjxkPp6s1XSrkskwpklWvZGw2fZoRaapx31RVC7m_ws8TayvAOFcJbTgyZtKc9fZ90poPC0K0Y_pih-sXh2U40bq9N5gkCVkmpxA8t6YqLupl41B1E1urrtHf7dsIDaRkel73BCZc-s8HqYoOpNV9ZsutLMofCu55fEljSzK-EcSXdm7iZYgAtRTeZbBuiU4b6iBEyTncjOKg0tl35bCnoAHsg6yDVLWx6tIZIKl4gHKKqXR9ajI-JNhke23oFauVxxswR8T4WJ7nfQ8bxB2H-vmz31BbGcU1VKiqUGufsuh_2-GlaH8gWIqooxrfd-yA5__ispAVQ4Rab60uJgbQ2L36e2PGtmP7hIAplMTsDW4hjekZyir1GGxt-gVEN8p6FBIERMOiCcXWPlncB-T5OZ8JuLo
Connection: keep-alive
Host: example.com
Referer: http://example.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/84.0.4147.135 Safari/537.36
我在这方面寻找了各种解决方案,例如在CLI上通过curl尝试过:
curl -X POST -H "Content-Type: application / json" etc ..
但什么也没有,始终是相同的401错误。
有人在使用JWT的网站上遇到问题吗?
我给你留了一些symfony配置文件,也许我忘了一些东西
security.yaml
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User: bcrypt
providers:
fos_userbundle:
id: fos_user.user_provider.username
# providers:
# in_memory: { memory: ~ }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/login
stateless: true
anonymous: true
json_login:
check_path: /login_check.json
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_prevIoUs_session: false
username_path: username
password_path: password
refresh:
pattern: ^/token_refresh.json
stateless: true
anonymous: true
api:
pattern: ^/
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
#main:
# anonymous: true
# activate different ways to authenticate
# http_basic: true
# https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
# form_login: true
# https://symfony.com/doc/current/security/form_login_setup.html
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/login,roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/token_refresh.json,roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/,roles: IS_AUTHENTICATED_FULLY }
lexik_jwt_authentication.yaml
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PAsspHRASE)%'
token_ttl: 3600 # 1 Hour
更新
我试图在refresh_token.json上进行调用,我期望出现相同的错误,但实际上该调用始终具有授权Bearer +令牌有效……它生成了一个新令牌,我再次将其用于其他调用相同的问题代码401无效的JWT令牌。 在这一点上,我认为问题不在于Nginx,而在于symfony JWT管理...
解决方法
解决方案:
像往常一样,这太平庸了...我没有在 security.yaml 中输入此信息:
pattern: ^/api
代替:
pattern: ^/
该死...我的眼睛不好。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。