External/domain-watchdog
1
0
Fork 0
mirror of https://github.com/maelgangloff/domain-watchdog.git synced 2025-12-29 16:15:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add API cookie auth

Browse Source
This commit is contained in:
Maël Gangloff
2024-07-23 13:21:50 +02:00
parent 857a978402
commit 0e82229121
3 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
config/packages/lexik_jwt_authentication.yaml
View File

@@ -3,7 +3,15 @@ lexik_jwt_authentication:
public_key: '%env(resolve:JWT_PUBLIC_KEY)%' public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%' pass_phrase: '%env(JWT_PASSPHRASE)%'
token_ttl: 3600 # in seconds, default is 3600 token_ttl: 3600 # in seconds, default is 3600
token_extractors:
authorization_header:
enabled: true
cookie:
enabled: true
name: BEARER
set_cookies:
BEARER: ~
remove_token_from_body_when_cookies_used: false
api_platform: api_platform:
check_path: /api/login check_path: /api/login
username_path: email username_path: email

10
config/packages/security.yaml
View File

@@ -43,6 +43,7 @@ security:
stateless: true stateless: true
json_login: json_login:
check_path: api_login check_path: api_login
username_path: email
success_handler: lexik_jwt_authentication.handler.authentication_success success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure failure_handler: lexik_jwt_authentication.handler.authentication_failure
login_throttling: login_throttling:
@@ -59,7 +60,6 @@ security:
logout: logout:
path: /logout path: /logout
target: / target: /
# activate different ways to authenticate # activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall # https://symfony.com/doc/current/security.html#the-firewall
@@ -69,11 +69,9 @@ security:
# Easy way to control access for large sections of your site # Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used # Note: Only the *first* access control that matches will be used
access_control: access_control:
- { path: ^/api/login$, roles: PUBLIC_ACCESS } - { path: ^/api, roles: PUBLIC_ACCESS }
- { path: ^/api$, roles: PUBLIC_ACCESS } - { path: ^/api/docs, roles: PUBLIC_ACCESS }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY } - { path: ^/api/, roles: IS_AUTHENTICATED_FULLY }
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
when@test: when@test:
security: security:

2
config/routes.yaml
View File

@@ -6,7 +6,7 @@ controllers:
api_login: api_login:
path: /api/login path: /api/login
methods: [ 'POST' ] # methods: [ 'POST' ]
oauth_connect_check: oauth_connect_check:
path: /login/oauth/check path: /login/oauth/check