SF4: multi authenticators with default authenticator

Time:01-19

I hope that it will be clear. I have a very old application that was upgraded to SF4.4 some time ago and has been maintained and developed the whole time. Unfortunately, it has a lot of old code. I have to create a firewall that supports the old authenticator solution (form_login) and a new one, LexikJWTAuthenticationBundle, at the same time. This means that users can access pages when they have a session or a JWT token in the headers.

I had this configuration and it worked fine:

    main:
        pattern: '^/'
        anonymous: ~
        logout_on_user_change: true
        form_login:
            provider: main
            ##
        remember_me:
            ##
        logout:
            ##
        guard:
            provider: main
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator

This solution supported the session and the JWT token for all endpoints/pages. But unfortunately, I found places under ^/ where Authorization: Bearer <token> is used, and JWTTokenAuthenticator creates some problems and complicates everything. The next thing: it could be dangerous.

So I had to create this solution:

    react-api:
        pattern: '^/react-api'
        anonymous: ~
        guard:
            provider: main
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator

    main:
        pattern: '^/'
        anonymous: ~
        logout_on_user_change: true
        form_login:
            provider: main
            #
        remember_me:
            #
        logout:
            ##

With the current solution, I can't authorize via session for /react-api. Of course, the pattern blocks it. I think it could resolve the problem if I added a default authenticator before/after lexik_jwt_authentication.jwt_token_authenticator that supports the session. Does Symfony have something like that? Or is there another solution?

CodePudding user response:

I found the solution. Symfony docs: https://symfony.com/doc/current/reference/configuration/security.html#firewall-context

I have to change the context for the first firewall:

    react-api:
        pattern: '^/react-api'
        anonymous: ~
        context: main
        guard:
            provider: main
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator
    main:
        pattern: '^/'
        anonymous: ~
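
The following Python sketch is an added illustration, not part of the original question or answer and not Symfony's own code. It is a simplified model of how the three configurations above route a request: the first firewall whose pattern matches handles it, the session token is looked up under `_security_<context>` (the context defaults to the firewall name), and the JWT guard authenticator acts whenever a Bearer header is present. The function names, the sample paths and the sample session and header values are constructed for the example.

```python
import re

# Simplified model of Symfony 4.4 firewall behaviour (assumption, not Symfony code):
# - the first firewall whose pattern matches the path handles the request
# - session tokens live under "_security_<context>"; context defaults to the firewall name
# - a guard JWT authenticator acts whenever an "Authorization: Bearer" header is present
JWT = "lexik_jwt_authentication.jwt_token_authenticator"

SINGLE = [  # first configuration on the page: one firewall does everything
    {"name": "main", "pattern": "^/", "form_login": True, "guard": [JWT]},
]
SPLIT = [  # second configuration: separate firewall with its default context
    {"name": "react-api", "pattern": "^/react-api", "guard": [JWT]},
    {"name": "main", "pattern": "^/", "form_login": True},
]
SHARED = [  # the answer's configuration: react-api reuses the "main" context
    {"name": "react-api", "pattern": "^/react-api", "context": "main", "guard": [JWT]},
    {"name": "main", "pattern": "^/", "form_login": True},
]

def match_firewall(firewalls, path):
    """Return the first firewall whose pattern matches, as Symfony does."""
    for fw in firewalls:
        if re.search(fw["pattern"], path):
            return fw
    return None

def session_key(fw):
    """Session key under which this firewall stores and reads its token."""
    return "_security_" + fw.get("context", fw["name"])

def authenticate(firewalls, path, session=None, headers=None):
    """Return (firewall name, mechanism that handles the request)."""
    session, headers = session or {}, headers or {}
    fw = match_firewall(firewalls, path)
    if fw is None:
        return (None, "no firewall")
    bearer = headers.get("Authorization", "").startswith("Bearer ")
    if bearer and JWT in fw.get("guard", []):
        return (fw["name"], "jwt")  # JWT authenticator claims the request
    if session_key(fw) in session:
        return (fw["name"], "session")  # token restored from the shared context
    return (fw["name"], "anonymous")

if __name__ == "__main__":
    logged_in = {"_security_main": "<constructed serialized token>"}  # form_login session
    bearer = {"Authorization": "Bearer <constructed token>"}
    for label, cfg in (("single", SINGLE), ("split", SPLIT), ("shared", SHARED)):
        print(label, authenticate(cfg, "/react-api/items", session=logged_in),
              authenticate(cfg, "/legacy/export", headers=bearer))
```

Only the `SHARED` layout accepts the form_login session on `/react-api` while keeping the JWT authenticator away from Bearer headers on the rest of `^/`.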