Validating username password with LexikJWTAuthenticationBundle before authentication



























I want to perform traditional validation of username (character count and valid email) and password (character count) before authentication is performed.

The users are in the database and I don't want to hit the database before this validation gives a go.

I have LexikJWTAuthenticationBundle set up with Symfony 4.1 and it is working. There is no controller as the authentication is completely being handled by the bundle.

I am not sure how I can perform the above-mentioned validation. Please help.

Find below my security config to get some idea of what I already have set up.



security:
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
    encoders:
        App\Entity\User:
            id: app.bcrypt_plus_encoder
    providers:
        db_user_provider:
            entity:
                class: App\Entity\User
                # the property to query by - e.g. username, email, etc
                property: email
                # if you're using multiple entity managers
                # manager_name: customer
    firewalls:
        guest:
            pattern: ^/api/guest
            stateless: true
            anonymous: true
        login:
            pattern: ^/api/login
            user_checker: App\Security\UserChecker
            stateless: true
            anonymous: true
            provider: db_user_provider
            json_login:
                check_path: /api/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: App\Security\Http\Authentication\AuthenticationFailureHandler
                require_previous_session: false
                username_path: email
                password_path: passw

        api:
            pattern: ^/api
            stateless: true
            guard:
                provider: db_user_provider
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

    access_control:
        - { path: ^/api/guest, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }


































  • It seems like you need to create an EventListener onKernelRequest before the authentication

    – Puya Sarmidani
    Nov 21 '18 at 20:34

  • Did you try annotation validation, maybe it will be fired?

    – Ahmed bhs
    Nov 21 '18 at 21:00

  • @AhmedEBENHASSINE I didn't try annotation but I tried YAML. It is not fired.

    – Himal
    Nov 21 '18 at 23:02

  • @PuyaSarmidani I am not a huge fan of events, I think they just add extra burden and make the architecture less organized, but I think there is no other way either.

    – Himal
    Nov 21 '18 at 23:04

  • I think my first idea was wrong, anyway I tried to override the Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener but it throws an exception ...

    – Ahmed bhs
    Nov 23 '18 at 18:51
















symfony validation jwt symfony4 lexikjwtauthbundle






edited Nov 22 '18 at 8:18 by Ahmed bhs
asked Nov 21 '18 at 20:16 by Himal













1 Answer














Hello, if you want to handle the request username and password, you can just add a Guard Authenticator and add your logical condition in the supports() function like this:






<?php

namespace App\Security;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;

class UserAuthenticator extends AbstractGuardAuthenticator
{
    public function supports(Request $request)
    {
        // here you can handle your request and throw an exception if not valid

        // throw new UsernameNotFoundException(
        //     sprintf('Username "%s" does not exist.', 'test')
        // );
        // dump($request->getContent());die;

        return $request->headers->has('X-AUTH-TOKEN');
    }

    public function getCredentials(Request $request)
    {
        return array(
            'token' => $request->headers->get('X-AUTH-TOKEN'),
        );
    }

    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        $apiKey = $credentials['token'];

        if (null === $apiKey) {
            return;
        }

        return $userProvider->loadUserByUsername($apiKey);
    }

    public function checkCredentials($credentials, UserInterface $user)
    {
        return true;
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        return null;
    }

    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        $data = array(
            'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
        );

        return new JsonResponse($data, Response::HTTP_FORBIDDEN);
    }

    public function start(Request $request, AuthenticationException $authException = null)
    {
        $data = array(
            // you might translate this message
            'message' => 'Authentication Required'
        );

        return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
    }

    public function supportsRememberMe()
    {
        return false;
    }
}





and just add your Guard in security.yml like this:






security:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    encoders:
        App\Entity\User: bcrypt
    providers:
        jwt:
            lexik_jwt: ~
        user_provider:
            entity:
                class: App\Entity\User
                property: username

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            provider: user_provider
            json_login:
                check_path: /api/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            guard:
                authenticators:
                    - App\Security\UserAuthenticator
































  • Could you explain why support and not checkCredentials() function?

    – Ahmed bhs
    Nov 24 '18 at 11:34

  • you can see it in this url: symfony.com/doc/current/security/guard_authentication.html

    – rapaelec
    Nov 25 '18 at 8:22
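
The event-listener approach suggested in the comments on the question, as an added example (not code from the question or the answer): a `kernel.request` subscriber registered with a priority above the firewall listener's 8, so malformed login payloads get a 400 before the firewall and the entity user provider run. The class name `LoginPayloadValidator`, its namespace and the length limits are assumptions; `/api/login_check`, `email` and `passw` come from the question's `json_login` config.

```php
<?php

namespace App\EventSubscriber; // assumed namespace

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;

/**
 * Added example (hypothetical class): rejects malformed login payloads
 * before the security firewall, and so the user provider, is invoked.
 */
final class LoginPayloadValidator implements EventSubscriberInterface
{
    // Path and JSON keys taken from the question's json_login config.
    private const CHECK_PATH = '/api/login_check';
    private const USERNAME_KEY = 'email';
    private const PASSWORD_KEY = 'passw';

    // Assumed limits; align them with the rules enforced at registration.
    private const EMAIL_MAX = 180;
    private const PASSWORD_MIN = 8;
    private const PASSWORD_MAX = 128;

    public static function getSubscribedEvents(): array
    {
        // The firewall listens on kernel.request with priority 8;
        // a higher priority runs before authentication starts.
        return [KernelEvents::REQUEST => ['onKernelRequest', 9]];
    }

    public function onKernelRequest(GetResponseEvent $event): void
    {
        $request = $event->getRequest();

        // Match on the path only, so every request that could reach the
        // json_login listener is validated regardless of HTTP method.
        if (!$event->isMasterRequest() || self::CHECK_PATH !== $request->getPathInfo()) {
            return;
        }

        $errors = $this->validate((string) $request->getContent());
        if ($errors) {
            // setResponse() stops propagation: the firewall listener is skipped.
            $event->setResponse(new JsonResponse(['errors' => $errors], Response::HTTP_BAD_REQUEST));
        }
    }

    /**
     * @return string[] field name => message; empty when the payload is well-formed
     */
    public function validate(string $body): array
    {
        $data = json_decode($body, true);
        if (!\is_array($data)) {
            return ['body' => 'Request body must be a JSON object.'];
        }

        $errors = [];
        $email = $data[self::USERNAME_KEY] ?? null;
        $password = $data[self::PASSWORD_KEY] ?? null;

        // Type checks come first: arrays or numbers must never reach the
        // string functions or, later, the user provider query.
        if (!\is_string($email)
            || mb_strlen($email) > self::EMAIL_MAX
            || false === filter_var($email, FILTER_VALIDATE_EMAIL)
        ) {
            $errors[self::USERNAME_KEY] = 'A valid email address is required.';
        }

        if (!\is_string($password)
            || mb_strlen($password) < self::PASSWORD_MIN
            || mb_strlen($password) > self::PASSWORD_MAX
        ) {
            $errors[self::PASSWORD_KEY] = 'Password length is out of range.';
        }

        return $errors;
    }
}
```

With the default Symfony 4 `services.yaml` (autowire and autoconfigure enabled for `src/`), the subscriber is registered without further configuration.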











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53419857%2fvalidating-username-password-with-lexikjwtauthenticationbundle-before-authentica%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














Hello if you want to handle request username and password, you can just add Guard Authenticator and add your logical condition in << supports >> function like this :






<?php

namespace AppSecurity;

use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentHttpFoundationJsonResponse;
use SymfonyComponentHttpFoundationResponse;
use SymfonyComponentSecurityCoreUserUserInterface;
use SymfonyComponentSecurityGuardAbstractGuardAuthenticator;
use SymfonyComponentSecurityCoreAuthenticationTokenTokenInterface;
use SymfonyComponentSecurityCoreExceptionAuthenticationException;
use SymfonyComponentSecurityCoreUserUserProviderInterface;
use SymfonyComponentSecurityCoreExceptionUsernameNotFoundException;

class UserAuthenticator extends AbstractGuardAuthenticator
{
public function supports(Request $request)
{
// here you can handle your request an throw exception if not valid


// throw new UsernameNotFoundException(
// sprintf('Username "%s" does not exist.', 'test')
// );
// dump($request->getContent());die;

return $request->headers->has('X-AUTH-TOKEN');
}

public function getCredentials(Request $request)
{
return array(
'token' => $request->headers->get('X-AUTH-TOKEN'),
);
}

public function getUser($credentials, UserProviderInterface $userProvider)
{
$apiKey = $credentials['token'];

if (null === $apiKey) {
return;
}
return $userProvider->loadUserByUsername($apiKey);
}

public function checkCredentials($credentials, UserInterface $user)
{
return true;
}

public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
return null;
}

public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$data = array(
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
);

return new JsonResponse($data, Response::HTTP_FORBIDDEN);
}

public function start(Request $request, AuthenticationException $authException = null)
{
$data = array(
// you might translate this message
'message' => 'Authentication Required'
);

return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}

public function supportsRememberMe()
{
return false;
}
}





and just add your Guard in security.yml like this :






security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
AppEntityUser: bcrypt
providers:
jwt:
lexik_jwt: ~
user_provider:
entity:
class: AppEntityUser
property: username

firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
provider: user_provider
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
guard:
authenticators:
- AppSecurityUserAuthenticator








share|improve this answer
























  • Could you explain why support and nit checkCredentials() function ?

    – Ahmed bhs
    Nov 24 '18 at 11:34











  • you can see it in this url: symfony.com/doc/current/security/guard_authentication.html

    – rapaelec
    Nov 25 '18 at 8:22
















0














Hello if you want to handle request username and password, you can just add Guard Authenticator and add your logical condition in << supports >> function like this :






<?php

namespace AppSecurity;

use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentHttpFoundationJsonResponse;
use SymfonyComponentHttpFoundationResponse;
use SymfonyComponentSecurityCoreUserUserInterface;
use SymfonyComponentSecurityGuardAbstractGuardAuthenticator;
use SymfonyComponentSecurityCoreAuthenticationTokenTokenInterface;
use SymfonyComponentSecurityCoreExceptionAuthenticationException;
use SymfonyComponentSecurityCoreUserUserProviderInterface;
use SymfonyComponentSecurityCoreExceptionUsernameNotFoundException;

class UserAuthenticator extends AbstractGuardAuthenticator
{
public function supports(Request $request)
{
// here you can handle your request an throw exception if not valid


// throw new UsernameNotFoundException(
// sprintf('Username "%s" does not exist.', 'test')
// );
// dump($request->getContent());die;

return $request->headers->has('X-AUTH-TOKEN');
}

public function getCredentials(Request $request)
{
return array(
'token' => $request->headers->get('X-AUTH-TOKEN'),
);
}

public function getUser($credentials, UserProviderInterface $userProvider)
{
$apiKey = $credentials['token'];

if (null === $apiKey) {
return;
}
return $userProvider->loadUserByUsername($apiKey);
}

public function checkCredentials($credentials, UserInterface $user)
{
return true;
}

public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
return null;
}

public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$data = array(
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
);

return new JsonResponse($data, Response::HTTP_FORBIDDEN);
}

public function start(Request $request, AuthenticationException $authException = null)
{
$data = array(
// you might translate this message
'message' => 'Authentication Required'
);

return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}

public function supportsRememberMe()
{
return false;
}
}





and just add your Guard in security.yml like this :






security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
AppEntityUser: bcrypt
providers:
jwt:
lexik_jwt: ~
user_provider:
entity:
class: AppEntityUser
property: username

firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
provider: user_provider
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
guard:
authenticators:
- AppSecurityUserAuthenticator








share|improve this answer
























  • Could you explain why support and nit checkCredentials() function ?

    – Ahmed bhs
    Nov 24 '18 at 11:34











  • you can see it in this url: symfony.com/doc/current/security/guard_authentication.html

    – rapaelec
    Nov 25 '18 at 8:22














0












0








0







Hello if you want to handle request username and password, you can just add Guard Authenticator and add your logical condition in << supports >> function like this :






<?php

namespace AppSecurity;

use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentHttpFoundationJsonResponse;
use SymfonyComponentHttpFoundationResponse;
use SymfonyComponentSecurityCoreUserUserInterface;
use SymfonyComponentSecurityGuardAbstractGuardAuthenticator;
use SymfonyComponentSecurityCoreAuthenticationTokenTokenInterface;
use SymfonyComponentSecurityCoreExceptionAuthenticationException;
use SymfonyComponentSecurityCoreUserUserProviderInterface;
use SymfonyComponentSecurityCoreExceptionUsernameNotFoundException;

class UserAuthenticator extends AbstractGuardAuthenticator
{
public function supports(Request $request)
{
// here you can handle your request an throw exception if not valid


// throw new UsernameNotFoundException(
// sprintf('Username "%s" does not exist.', 'test')
// );
// dump($request->getContent());die;

return $request->headers->has('X-AUTH-TOKEN');
}

public function getCredentials(Request $request)
{
return array(
'token' => $request->headers->get('X-AUTH-TOKEN'),
);
}

public function getUser($credentials, UserProviderInterface $userProvider)
{
$apiKey = $credentials['token'];

if (null === $apiKey) {
return;
}
return $userProvider->loadUserByUsername($apiKey);
}

public function checkCredentials($credentials, UserInterface $user)
{
return true;
}

public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
return null;
}

public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$data = array(
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
);

return new JsonResponse($data, Response::HTTP_FORBIDDEN);
}

public function start(Request $request, AuthenticationException $authException = null)
{
$data = array(
// you might translate this message
'message' => 'Authentication Required'
);

return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}

public function supportsRememberMe()
{
return false;
}
}





and just add your Guard in security.yml like this :






security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
AppEntityUser: bcrypt
providers:
jwt:
lexik_jwt: ~
user_provider:
entity:
class: AppEntityUser
property: username

firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
provider: user_provider
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
guard:
authenticators:
- AppSecurityUserAuthenticator








share|improve this answer













Hello if you want to handle request username and password, you can just add Guard Authenticator and add your logical condition in << supports >> function like this :






<?php

namespace AppSecurity;

use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentHttpFoundationJsonResponse;
use SymfonyComponentHttpFoundationResponse;
use SymfonyComponentSecurityCoreUserUserInterface;
use SymfonyComponentSecurityGuardAbstractGuardAuthenticator;
use SymfonyComponentSecurityCoreAuthenticationTokenTokenInterface;
use SymfonyComponentSecurityCoreExceptionAuthenticationException;
use SymfonyComponentSecurityCoreUserUserProviderInterface;
use SymfonyComponentSecurityCoreExceptionUsernameNotFoundException;

class UserAuthenticator extends AbstractGuardAuthenticator
{
public function supports(Request $request)
{
// here you can handle your request an throw exception if not valid


// throw new UsernameNotFoundException(
// sprintf('Username "%s" does not exist.', 'test')
// );
// dump($request->getContent());die;

return $request->headers->has('X-AUTH-TOKEN');
}

public function getCredentials(Request $request)
{
return array(
'token' => $request->headers->get('X-AUTH-TOKEN'),
);
}

public function getUser($credentials, UserProviderInterface $userProvider)
{
$apiKey = $credentials['token'];

if (null === $apiKey) {
return;
}
return $userProvider->loadUserByUsername($apiKey);
}

public function checkCredentials($credentials, UserInterface $user)
{
return true;
}

public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
return null;
}

public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$data = array(
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
);

return new JsonResponse($data, Response::HTTP_FORBIDDEN);
}

public function start(Request $request, AuthenticationException $authException = null)
{
$data = array(
// you might translate this message
'message' => 'Authentication Required'
);

return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}

public function supportsRememberMe()
{
return false;
}
}





and just add your Guard in security.yml like this :






security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
AppEntityUser: bcrypt
providers:
jwt:
lexik_jwt: ~
user_provider:
entity:
class: AppEntityUser
property: username

firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
provider: user_provider
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
guard:
authenticators:
- AppSecurityUserAuthenticator








<?php

namespace AppSecurity;

use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentHttpFoundationJsonResponse;
use SymfonyComponentHttpFoundationResponse;
use SymfonyComponentSecurityCoreUserUserInterface;
use SymfonyComponentSecurityGuardAbstractGuardAuthenticator;
use SymfonyComponentSecurityCoreAuthenticationTokenTokenInterface;
use SymfonyComponentSecurityCoreExceptionAuthenticationException;
use SymfonyComponentSecurityCoreUserUserProviderInterface;
use SymfonyComponentSecurityCoreExceptionUsernameNotFoundException;

class UserAuthenticator extends AbstractGuardAuthenticator
{
public function supports(Request $request)
{
// here you can handle your request an throw exception if not valid


// throw new UsernameNotFoundException(
// sprintf('Username "%s" does not exist.', 'test')
// );
// dump($request->getContent());die;

return $request->headers->has('X-AUTH-TOKEN');
}

public function getCredentials(Request $request)
{
return array(
'token' => $request->headers->get('X-AUTH-TOKEN'),
);
}

public function getUser($credentials, UserProviderInterface $userProvider)
{
$apiKey = $credentials['token'];

if (null === $apiKey) {
return;
}
return $userProvider->loadUserByUsername($apiKey);
}

public function checkCredentials($credentials, UserInterface $user)
{
return true;
}

public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
return null;
}

public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$data = array(
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
);

return new JsonResponse($data, Response::HTTP_FORBIDDEN);
}

public function start(Request $request, AuthenticationException $authException = null)
{
$data = array(
// you might translate this message
'message' => 'Authentication Required'
);

return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}

public function supportsRememberMe()
{
return false;
}
}










security:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    encoders:
        App\Entity\User: bcrypt
    providers:
        jwt:
            lexik_jwt: ~
        user_provider:
            entity:
                class: App\Entity\User
                property: username

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            provider: user_provider
            json_login:
                check_path: /api/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            guard:
                authenticators:
                    - App\Security\UserAuthenticator















answered Nov 24 '18 at 0:38









rapaelec














  • Could you explain why support and not checkCredentials() function?

    – Ahmed bhs
    Nov 24 '18 at 11:34











  • You can see it at this URL: symfony.com/doc/current/security/guard_authentication.html

    – rapaelec
    Nov 25 '18 at 8:22
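
The format check the question asks for, run before the firewall so that a malformed login never reaches the user provider, as an added example that is not part of the original answer. The class name, namespace and length limits are assumptions; the login path and the `email`/`passw` field names come from the question's `json_login` config.

```php
<?php
// Added example (not the answer's code); assumes Symfony 4.1 and the question's json_login config.
namespace App\EventListener; // hypothetical namespace and class name

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;

class LoginPayloadSubscriber implements EventSubscriberInterface
{
    const MAX_BODY = 2048;    // assumed cap on the raw body, in bytes
    const MAX_EMAIL = 254;    // assumed limit, in bytes
    const MIN_PASSWORD = 8;   // assumed policy, in bytes
    const MAX_PASSWORD = 72;  // assumed; bcrypt only uses the first 72 bytes

    public static function getSubscribedEvents()
    {
        // The security firewall listens on kernel.request at priority 8, so
        // priority 9 runs this check before any user provider is queried.
        return [KernelEvents::REQUEST => ['onKernelRequest', 9]];
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        $request = $event->getRequest();
        if (!$event->isMasterRequest() || '/api/login_check' !== $request->getPathInfo()) {
            return; // not a login attempt
        }
        if (!self::isWellFormed($request->getContent())) {
            // Single generic message: do not reveal which field failed.
            $event->setResponse(new JsonResponse(['message' => 'Malformed credentials'], JsonResponse::HTTP_BAD_REQUEST));
        }
    }

    /** Pure check on the raw JSON body; touches no database or service. */
    public static function isWellFormed(string $body): bool
    {
        $data = strlen($body) <= self::MAX_BODY ? json_decode($body, true) : null;
        $email = is_array($data) ? ($data['email'] ?? null) : null;
        $passw = is_array($data) ? ($data['passw'] ?? null) : null;
        // Reject missing, array or numeric values before measuring anything.
        if (!is_string($email) || !is_string($passw)) {
            return false;
        }
        return strlen($email) <= self::MAX_EMAIL && false !== filter_var($email, FILTER_VALIDATE_EMAIL)
            && strlen($passw) >= self::MIN_PASSWORD && strlen($passw) <= self::MAX_PASSWORD;
    }
}
```

With autowiring and autoconfiguration enabled in `services.yaml`, the subscriber is registered without further configuration.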






































