我使用LexikJWT和Schab2FA Bundle,我配置了我的安全如下:
firewalls:
login:
pattern: ^/login
stateless: true
provider: fos_userbundle
json_login:
check_path: /login_check
username_path: _username
password_path: _password
success_handler: App\Application\Module\User\EventHandler\Security\AuthenticationSuccessHandler
failure_handler: App\Application\Module\User\EventHandler\Security\AuthenticationFailureHandler
user_checker: App\Application\Module\User\EventListener\Security\UserChecker
two_factor:
prepare_on_login: true
main:
pattern: ^/
provider: fos_userbundle
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
two_factor:
check_path: 2fa_login_check
auth_code_parameter_name: _auth_code
authentication_required_handler: App\Application\Module\User\EventHandler\Security\TwoFactorAuthenticationRequiredHandler
failure_handler: App\Application\Module\User\EventHandler\Security\TwoFactorAuthenticationFailureHandler
success_handler: App\Application\Module\User\EventHandler\Security\TwoFactorAuthenticationSuccessHandler
方案_2fa:
# See the configuration reference at https://symfony.com/bundles/SchebTwoFactorBundle/6.x/configuration.html
scheb_two_factor:
security_tokens:
- Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
email:
enabled: true
digits: 6
mailer: App\Application\Module\User\Service\Auth\AuthCodeMailer
lexik_jwt_身份验证:
lexik_jwt_authentication:
private_key_path: '%jwt_private_key_path%'
public_key_path: '%jwt_public_key_path%'
pass_phrase: '%jwt_key_pass_phrase%'
token_ttl: '%jwt_token_ttl%'
token_extractors:
cookie:
enabled: true
name: shbee
问题是,因为当我想确认我的授权码时,我得到了一个错误,如:
User is not in a two-factor authentication process.
因为对象令牌是
Lexik\Bundle\JWTAuthenticationBundle\Security\Authentication\Token\JWTUserToken
不适用
use Scheb\TwoFactorBundle\Security\Authentication\Token\TwoFactorTokenInterface;
我转储了对象令牌类,我试图更改2schab
的配置。可能我必须配置一些通过令牌授权用户的东西,但我真的不知道是什么
1条答案
按热度按时间s5a0g9ez1#
我有同样的问题,我修复了它,这是我的代码
我的防火墙
2fa_check和api_login_check必须与您的模式匹配。
接下来,您将自定义lexik身份验证处理程序success,以中断登录过程。
最后,自定义双因素身份验证处理程序success以在2fa完成时返回令牌。
更多信息请阅读scheb two factor Api integration文档