### Install LexikJWTAuthenticationBundle Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Use Composer to add the bundle to your Symfony project dependencies. ```bash $ php composer.phar require "lexik/jwt-authentication-bundle" ``` -------------------------------- ### Example JWT Response Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html The expected JSON response format containing the JWT token after a successful authentication request. ```json { "token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJleHAiOjE0MzQ3Mjc1MzYsInVzZXJuYW1lIjoia29ybGVvbiIsImlhdCI6IjE0MzQ2NDExMzYifQ.nh0L_wuJy6ZKIQWh6OrW5hdLkviTs1_bau2GqYdDCB0Yqy_RplkFghsuqMpsFls8zKEErdX5TYCOR7muX0aQvQxGQ4mpBkvMDhJ4-pE4ct2obeMTr_s4X8nC00rBYPofrOONUOR4utbzvbd4d2xT_tj4TdR_0tsr91Y7VskCRFnoXAnNT-qQb7ci7HIBTbutb9zVStOFejrb4aLbr7Fl4byeIEYgp2Gd7gY" } ``` -------------------------------- ### Decode JWT Token Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/9-access-authenticated-jwt-token.html Call the `decode()` method on the injected `JWTTokenManagerInterface` and pass the token obtained from `TokenStorageInterface` to get the decoded JWT payload. This method returns the decoded information of the JWT token sent in the current request. ```php $decodedJwtToken = $this->jwtManager->decode($this->tokenStorageInterface->getToken()); ``` -------------------------------- ### Configure Environment Variables Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Define the paths to your SSL keys and the passphrase in your .env file. ```text JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem JWT_PASSPHRASE= ``` -------------------------------- ### Configure Bundle Parameters Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Set the key paths, passphrase, and token TTL in the bundle configuration file. ```yaml # config/packages/lexik_jwt_authentication.yaml lexik_jwt_authentication: secret_key: '%env(resolve:JWT_SECRET_KEY)%' # required for token creation public_key: '%env(resolve:JWT_PUBLIC_KEY)%' # required for token verification pass_phrase: '%env(JWT_PASSPHRASE)%' # required for token creation token_ttl: 3600 # in seconds, default is 3600 ``` -------------------------------- ### Register the Bundle Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Add the bundle class to your application's bundle configuration file. ```php return [ //... Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle::class => ['all' => true], ]; ``` -------------------------------- ### Configure API Platform Integration Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Override default parameters for API Platform integration if necessary. ```yaml # config/packages/lexik_jwt_authentication.yaml lexik_jwt_authentication: # ... api_platform: check_path: /api/login_check username_path: email password_path: security.credentials.password ``` -------------------------------- ### Configure Security Firewalls Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Define the login and API firewalls to handle JWT authentication. Ensure the login firewall is placed before the API firewall. ```yaml # config/packages/security.yaml security: enable_authenticator_manager: true # Only for Symfony 5.4 # ... firewalls: login: pattern: ^/api/login stateless: true json_login: check_path: /api/login_check success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure api: pattern: ^/api stateless: true jwt: ~ access_control: - { path: ^/api/login, roles: PUBLIC_ACCESS } - { path: ^/api, roles: IS_AUTHENTICATED_FULLY } ``` -------------------------------- ### Configure Routing Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Define the route for the login check endpoint. ```yaml # config/routes.yaml api_login_check: path: /api/login_check ``` -------------------------------- ### Generate SSL Keypair Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Generate the private and public keys required for JWT signing and verification. ```bash $ php bin/console lexik:jwt:generate-keypair ``` -------------------------------- ### Obtain JWT Token via cURL Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Use these commands to authenticate a user and retrieve a JWT token. Ensure the host and port are adapted to your environment. ```bash $ curl -X POST -H "Content-Type: application/json" https://localhost/api/login_check -d '{"username":"johndoe","password":"test"}' ``` ```bash C:\> curl -X POST -H "Content-Type: application/json" https://localhost/api/login_check --data {"username":"johndoe","password":"test"} ``` -------------------------------- ### Apache VirtualHost Authorization Header Configuration Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html Required configuration for Apache to prevent it from stripping the Authorization header when using JWT authentication. ```apache SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 ``` -------------------------------- ### Inject TokenStorageInterface and JWTTokenManagerInterface Source: https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/9-access-authenticated-jwt-token.html Inject these interfaces into your controller or service constructor to gain access to JWT token functionalities. Ensure these services are available in your dependency injection container. ```php use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; public function __construct(TokenStorageInterface $tokenStorageInterface, JWTTokenManagerInterface $jwtManager) { $this->jwtManager = $jwtManager; $this->tokenStorageInterface = $tokenStorageInterface; } ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.