Goddamn it where were when I was trying to use postman . Lol . Thanks man . I will pin this for anyone using postman . Cheers mate :)

I resolve this issue with change tha security.yaml at he firewalls proparty from data_login to json_login.

wanted to write the same :D

Aye mate you're really welcome, of you ever get stuck and need help directly please let me know, I know what is like to be stuck and frustrated by a deadline and I'm willing to help when possible :)) Cheers :))

Thank you man I really appreciate the great feedback. Cheers :)

Thank you mate, I appreciate the nice comment :) Cheers :)

You're most welcome, the password can be generated using a command, just type php bin/console security: encode-password and enter your pain text password and it will give you back the hashed password, and just enter it in the database manually :)

@@OverSeasMedia make sure to remove space between "security:" and "encode-password".

same question bro, did you already got an answer for that?

Did you find any solution for this?

+1

Sorry just got a notification about this, I can't remember exactly whether you can pass the extra data the way you did, or you'd need to add any additional data into the payload (the token) it self and then read the data from the token, it's one of those things I just can't remember exactly, sorry. xD

Yes that is indeed the case . You need to make sure the content type is of type json otherwise the authentication bundle won't know how to deal with your request . Cheers and thank you for sharing this with us :)

Hey again, I know this might sound stupid, but make sure that your MySQL server or whatever you're using is up and working (Check yourself for that), also make sure that the information that you have in the database is correct, specifically the password, if you have a registration page then that would be fine, if not then you can manually encode the password by using the following command "security:encode-password". If none of the above actually helped let me know, Good luck :)

@@OverSeasMedia Thank you for the reply. This might be interesting for others, too. I configured everything right (used XAMPP & phpMyAdmin) etc. I was able to set up the user via curl but always got errors when I wanted to generate the token, or an empty array; also Postman only returnerd an empty array instead of the token. In the end, I was able to read the token in the header on Postman. Thanks for the help tho -- your videos are awesome!

It's php bin/console security:encode-password

@@OverSeasMedia Merci !

Je t'en prie :)

The command does not need to be executed in any folder it's a good command in Ubuntu, if you have it installed and in the environment path them you can run it from anywhere

@@OverSeasMedia Ok thank you so if my API is in /Folder1/Folder2 i can run localhost:port/api/function :)

Yeah just need to see how the urls are setup , run the debug:router to see what commands you have available :)

@@OverSeasMedia thank you so much it works now i will continue your tutorial

There is a command that helps you generate the hash it's php bin/console security: encode-password

Lol mate thanks :)

You can use $this->getUser() . If no user is authenticated then this will return null .

Can you telle how did you encode the password ? Did you the security:password-encode command or just manually ?

@@OverSeasMedia i use security:encode-password. I'm using postman, my JSON is {"username":"test","password":"test"} sent in raw JSON, returning 401Bad credential

i'm creating directly my user in BDD using phpmyadmin.

Hello again Evan, Can you please give me you email or send me an email , i need your help to make a troubleshooting guide for this specific problem since i get asked this question a lot, I would appreciate if you could provide some more info on your environment and the code you have :)

si tu écris directement test données en BDD, utilise "plaintext" comme encoder.

You're most welcome mate :)

I think it was an extension called stylus or something like that

Can you please post your security files contents ? And how are you trying to access the login link ?

@@OverSeasMedia security: encoders: App\Entity\User: algorithm: 'auto' providers: in_memory: { memory: ~ } users: entity: class: App\Entity\User property: email firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false login: pattern: ^/api/login stateless: true anonymous: true json_login: check_path: /api/login_check success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure api: pattern: ^/api stateless: true guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator main: anonymous: true logout: path: /logout target: / invalidate_session: true access_control: - { path: ^/api/login, roles: IS_FULLY_ANONYMOUSLY } - { path: ^/api/, roles: IS_AUTHENTICATED_FULLY }

The configuration seems ok, can you please tel me how are you trying accessing this url? how are you testing it?

@@OverSeasMedia it works with this security.yml security: encoders: App\Entity\User: algorithm: 'auto' # symfony.com/doc/current/security.html#where-do-users-come-from-user-providers providers: in_memory: memory: users: user: password: 'user-test' roles: 'ROLE_USER' admin: password: 'admin-test' roles: 'ROLE_ADMIN' my_own_provider: entity: class: App\Entity\User property: username # if you're using multiple entity managers # manager_name: customer # BEFORE # in_memory: { memory: ~ } # users: # entity: # class: App\Entity\User # property: email firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false login: pattern: ^/api/login stateless: true anonymous: true provider: my_own_provider json_login: check_path: /api/login_check success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure require_previous_session: false api: pattern: ^/api stateless: true provider: my_own_provider guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator main: anonymous: true logout: path: /logout target: / invalidate_session: true # provider: # entity: # class: App\Entity\User # property: email, username # activate different ways to authenticate # symfony.com/doc/current/security.html#firewalls-authentication # symfony.com/doc/current/security/impersonating_user.html # switch_user: true # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: - { path: ^/api/login, roles: IS_FULLY_ANONYMOUSLY } - { path: ^/api/, roles: IS_AUTHENTICATED_FULLY }

we can discuss it via skype(nick - evaeva927)

providers: # used to reload user from session & other features (e.g. switch_user) app_user_provider: entity: class: App\Entity\User property: email

@@MegaJuandelgado I have already done this still not working

You can get more info about your error in the log file . Go on your var folder at the root of your project and inside enter in log and open dev.log, If you don't have it use before : composer require symfony/monolog-bundle I found my error by using that

​@@amastou4634 Now a have a token ,but i have this [2020-04-07 15:19:33] security.INFO: Populated the TokenStorage with an anonymous Token. [] [] [2020-04-07 15:19:33] security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): Access Denied. at C:\\laragon\\www\\projet\\vendor\\symfony\\security-http\\Firewall\\AccessListener.php:91)"} [] [2020-04-07 15:19:33] request.ERROR: Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\HttpException: "Full authentication is required to access this resource." at C:\laragon\www\projet\vendor\symfony\security-http\Firewall\ExceptionListener.php line 194 {"exception":"[object] (Symfony\\Component\\HttpKernel\\Exception\\HttpException(code: 0): Full authentication is required to access this resource. at C:\\laragon\\www\\projet\\vendor\\symfony\\security-http\\Firewall\\ExceptionListener.php:194, Symfony\\Component\\Security\\Core\\Exception\\InsufficientAuthenticationException(code: 0): Full authentication is required to access this resource. at C:\\laragon\\www\\projet\\vendor\\symfony\\security-http\\Firewall\\ExceptionListener.php:146, Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException(code: 403): Access Denied. at C:\\laragon\\www\\projet\\vendor\\symfony\\security-http\\Firewall\\AccessListener.php:91)"} []

Did you try what the pinned comments says? it says that you need to use the raw format instead of "form-data", if that doesn't help, the github project in the description contains a working authentication system, you can clone it and try it out, if none of those two works, let me know so that we can investigate this further.

@@OverSeasMedia actually there isn't a link in the video description

its this one, github.com/konshensx16/symfony-todo-backend

@@OverSeasMedia i found it the problem was the password i entered i used bcrypt with the $2y$13 but when i changed to $2y$10 it worked fine but still didn't know why or how can i figure the rounds for the hash

@@1050king Did you use the command php bin/console security:encode-password to hash the password ? or some other website?

When that sort of thing happens . The first thing you need to do is make sure that in your security.yaml file the global pattern is the last thing in the list . If you have API/login and API/ , then make sure the login thing is before the API/, just as a first step .

@@OverSeasMedia Yes i'm doing it right but still have the problem :(

You're most welcome mate :)

Can you please post your log file ? It might contain helpful information

@@OverSeasMedia I´m already found the problem, thank you for answering my question. Your videos are helping to create my new project, thanks!

@@matheusvieira1873 can you share with us the solution maybe it can help me or others because i'am having the same problem

@@1050king I was using PostgreSQL and I forgot to define de schema of the user entity.

@Guilherme Rodrigo Teche I can't find your comment.

You're welcome mate :)