Symfony 7 JSON Web Token(JWT) Authentication - Binaryboxtuts (2024)

Contents

• Prerequisite:
• Step 1: Install Symfony 7
• Step 2: Install Packages
• Step 3: Set Database Configuration
• Step 4: Configure FOSRest Bundle
• Step 5: Create User Class
• Step 6: Create Migration
• Step 7: Configure JWT Bundle
• Step 8: Create Controllers
• Step 9: Configure Security.yaml
• Step 10: Run the Application
• Screenshots:

composer create-project symfony/skeleton:"7.0.*" symfony-7-jwt

symfony new symfony-7-jwt --version="7.0.*"

composer require jms/serializer-bundlecomposer require friendsofsymfony/rest-bundlecomposer require --dev symfony/maker-bundle composer require symfony/orm-packcomposer require lexik/jwt-authentication-bundle

# In all environments, the following files are loaded if they exist,# the latter taking precedence over the former:## * .env contains default values for the environment variables needed by the app# * .env.local uncommitted file with local overrides# * .env.$APP_ENV committed environment-specific defaults# * .env.$APP_ENV.local uncommitted environment-specific overrides## Real environment variables win over .env files.## DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.## Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration ###> symfony/framework-bundle ###APP_ENV=devAPP_SECRET=e0710317861221371d185cc932acd15b###< symfony/framework-bundle ### ###> doctrine/doctrine-bundle #### Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url# IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml## DATABASE_URL="sqlite:///%kernel.project_dir%/var/data.db"# DATABASE_URL="mysql://db_user:db_password@127.0.0.1:3306/db_name?serverVersion=5.7"DATABASE_URL="postgresql://db_user:db_password@127.0.0.1:5432/db_name?serverVersion=13&charset=utf8"###< doctrine/doctrine-bundle ###

php bin/console doctrine:database:create

fos_rest: format_listener: rules: - { path: ^/api, prefer_extension: true, fallback_format: json, priorities: [ json, html ] }

php bin/console make:user The name of the security user class (e.g. User) [User]: > Do you want to store user data in the database (via Doctrine)? (yes/no) [yes]: > Enter a property name that will be the unique "display" name for the user (e.g. email, username, uuid) [email]: > Will this app need to hash/check user passwords? Choose No if passwords are not needed or will be checked/hashed by some other system (e.g. a single sign-on server). Does this app need to hash/check user passwords? (yes/no) [yes]: > created: src/Entity/User.php created: src/Repository/UserRepository.php updated: src/Entity/User.php updated: config/packages/security.yaml Success! Next Steps: - Review your new App\Entity\User class. - Use make:entity to add more fields to your User entity and then run make:migration. - Create a way to authenticate! See https://symfony.com/doc/current/security.html

<?phpnamespace App\Entity;use App\Repository\UserRepository;use Doctrine\ORM\Mapping as ORM;use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;use Symfony\Component\Security\Core\User\UserInterface;#[ORM\Entity(repositoryClass: UserRepository::class)]class User implements UserInterface, PasswordAuthenticatedUserInterface{ #[ORM\Id] #[ORM\GeneratedValue] #[ORM\Column] private ?int $id = null; #[ORM\Column(length: 180, unique: true)] private ?string $email = null; #[ORM\Column(length: 180, unique: true)] private ?string $username = null; #[ORM\Column] private array $roles = []; /** * @var string The hashed password */ #[ORM\Column] private ?string $password = null; public function getId(): ?int { return $this->id; } public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): static { $this->email = $email; return $this; } public function getUsername(): string { return $this->username; } public function setUsername(string $username): self { $this->username = $username; return $this; } /** * A visual identifier that represents this user. * * @see UserInterface */ public function getUserIdentifier(): string { return (string) $this->email; } /** * @see UserInterface */ public function getRoles(): array { $roles = $this->roles; // guarantee every user at least has ROLE_USER $roles[] = 'ROLE_USER'; return array_unique($roles); } public function setRoles(array $roles): static { $this->roles = $roles; return $this; } /** * @see PasswordAuthenticatedUserInterface */ public function getPassword(): string { return $this->password; } public function setPassword(string $password): static { $this->password = $password; return $this; } /** * @see UserInterface */ public function eraseCredentials(): void { // If you store any temporary, sensitive data on the user, clear it here // $this->plainPassword = null; }}

php bin/console make:migration

php bin/console doctrine:migrations:migrate

php bin/console lexik:jwt:generate-keypair

mkdir config/jwtopenssl genrsa -out config/jwt/private.pem -aes256 4096openssl rsa -pubout -in config/jwt/private.pem -out config/jwt/public.pem

api_login_check: path: /api/login_check

php bin\console make:controller RegistrationController

<?php namespace App\Controller; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;use Symfony\Component\HttpFoundation\JsonResponse;use Symfony\Component\Routing\Attribute\Route;use Symfony\Component\HttpFoundation\Request;use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;use Doctrine\Persistence\ManagerRegistry;use App\Entity\User; #[Route('/api', name: 'api_')]class RegistrationController extends AbstractController{ #[Route('/register', name: 'register', methods: 'post')] public function index(ManagerRegistry $doctrine, Request $request, UserPasswordHasherInterface $passwordHasher): JsonResponse { $em = $doctrine->getManager(); $decoded = json_decode($request->getContent()); $email = $decoded->email; $plaintextPassword = $decoded->password; $user = new User(); $hashedPassword = $passwordHasher->hashPassword( $user, $plaintextPassword ); $user->setPassword($hashedPassword); $user->setEmail($email); $user->setUsername($email); $em->persist($user); $em->flush(); return $this->json(['message' => 'Registered Successfully']); }}

php bin/console make:controller DashboardController 

<?php namespace App\Controller; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;use Symfony\Component\HttpFoundation\JsonResponse;use Symfony\Component\Routing\Attribute\Route; #[Route('/api', name: 'api_')]class DashboardController extends AbstractController{ #[Route('/dashboard', name: 'app_dashboard')] public function index(): JsonResponse { return $this->json([ 'message' => 'Welcome to your new controller!', 'path' => 'src/Controller/DashboardController.php', ]); }}

security: password_hashers: App\Entity\User: 'auto' Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: algorithm: 'auto' cost: 15 providers: app_user_provider: entity: class: App\Entity\User property: username firewalls: login: pattern: ^/api/login stateless: true json_login: check_path: /api/login_check success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure api: pattern: ^/api stateless: true jwt: ~ dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: lazy: true provider: app_user_provider access_control: - { path: ^/api/register, roles: PUBLIC_ACCESS } - { path: ^/api/login, roles: PUBLIC_ACCESS } - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }

symfony server:start