Hi,
You must enable the API login_check route:
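# in app/config/routing.yml:
# Route for the login endpoint. It needs no controller here: the form_login
# listener of the firewall whose check_path is /api/login_check handles it.
api_login_check:
    path: /api/login_check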
and configure the firewalls:
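# in app/config/security.yml
# Excerpt: `firewalls` and `access_control` both sit under the top-level
# `security:` key of the file.
firewalls:
    sysadmin:
        pattern: ^/sysadmin
        # ... (remaining sysadmin firewall settings omitted)

    # Login endpoint: exchanges a username/password for a JWT.
    # It must be declared before `api`: the first firewall whose pattern
    # matches the request wins, and ^/api also matches /api/login_check.
    api_login:
        pattern: ^/api/login
        stateless: true
        anonymous: true
        form_login:
            check_path: /api/login_check
            require_previous_session: false
            username_parameter: username
            password_parameter: password
            success_handler: lexik_jwt_authentication.handler.authentication_success
            failure_handler: lexik_jwt_authentication.handler.authentication_failure

    # Every other /api request must carry a valid JWT; no session is kept.
    api:
        pattern: ^/api
        stateless: true
        # advanced configuration
        lexik_jwt:
            authorization_header: # check token in Authorization Header
                enabled: true
                prefix: Bearer
            query_parameter: # check token in query string parameter
                # NOTE(review): a token passed in the URL is recorded in
                # access logs, proxy logs, browser history and Referer
                # headers. Leave this disabled unless a client really cannot
                # set the Authorization header.
                enabled: true
                name: bearer
            # When an authentication failure occurs, return a 401 response immediately
            throw_exceptions: false
            # When no authentication details are provided, create a default
            # entry point that returns a 401 response
            create_entry_point: true

# Rules are evaluated top to bottom and the first matching path wins, so the
# anonymous login rules must stay above the broader role-protected ones.
access_control:
    - { path: ^/sysadmin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    # NOTE(review): the trailing `$` makes this rule match only the exact path
    # /sysadmin; sub-paths such as /sysadmin/<page> are not covered by it.
    # Confirm that is intended, otherwise drop the `$`.
    - { path: ^/sysadmin$, role: ROLE_ADMIN }
    - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/api, roles: ROLE_API }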
To finish, you can test it with curl from the command line:
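# The credentials travel in the request body and the response carries the
# token: use https:// for anything other than a local test.
# NOTE(review): form_login reads the `username` / `password` request
# parameters configured in the firewall. If the application does not decode
# JSON bodies, send them as form fields instead
# (-d username=my-user -d password=my-password).
$ curl -X POST -d '{"username": "my-user", "password": "my-password"}' \
    http://my-url.com/api/login_check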
In my example, your user must be granted ROLE_API to be able to log in.