v1.8.4
TO v1.8.6
Api is disabled by default, to enable it you need to set flag sylius_api.enabled
to true
in config/packages/_sylius.yaml
.
Change configuration of new ApiBundle in your config/packages/security.yaml
file:
security:
firewalls:
new_api_admin_user:
json_login:
- check_path: "%sylius.security.new_api_route%/admin/authentication-token"
+ check_path: "%sylius.security.new_api_admin_route%/authentication-token"
new_api_shop_user:
json_login:
- check_path: "%sylius.security.new_api_route%/shop/authentication-token"
+ check_path: "%sylius.security.new_api_shop_route%/authentication-token"
access_control:
- - { path: "%sylius.security.new_api_route%/admin/authentication-token", role: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: "%sylius.security.new_api_admin_route%/authentication-token", role: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: "%sylius.security.new_api_route%/shop/authentication-token", role: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: "%sylius.security.new_api_shop_route%/authentication-token", role: IS_AUTHENTICATED_ANONYMOUSLY }
v1.8.0
TO v1.8.1
Change configuration of new ApiBundle in your config/packages/security.yaml
file:
security:
providers:
- sylius_api_chain_provider:
- chain:
- providers: [sylius_api_shop_user_provider, sylius_api_admin_user_provider]
firewalls:
new_api_admin_user:
- pattern: "%sylius.security.new_api_route%/admin-user-authentication-token"
- provider: sylius_admin_user_provider
+ pattern: "%sylius.security.new_api_admin_regex%/.*"
+ provider: sylius_api_admin_user_provider
json_login:
- check_path: "%sylius.security.new_api_route%/admin-user-authentication-token"
+ check_path: "%sylius.security.new_api_route%/admin/authentication-token"
new_api_shop_user:
- pattern: "%sylius.security.new_api_route%/shop-user-authentication-token"
- provider: sylius_shop_user_provider
+ pattern: "%sylius.security.new_api_shop_regex%/.*"
+ provider: sylius_api_shop_user_provider
json_login:
- check_path: "%sylius.security.new_api_route%/shop-user-authentication-token"
+ check_path: "%sylius.security.new_api_route%/shop/authentication-token"
- new_api:
- pattern: "%sylius.security.new_api_regex%/*"
- provider: sylius_api_chain_provider
- stateless: true
- anonymous: lazy
- guard:
- authenticators:
- - lexik_jwt_authentication.jwt_token_authenticator
access_control:
+ - { path: "%sylius.security.new_api_route%/admin/authentication-token", role: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: "%sylius.security.new_api_route%/shop/authentication-token", role: IS_AUTHENTICATED_ANONYMOUSLY }
v1.7.X
TO v1.8.0
Add new bundles to your list of used bundles in config/bundles.php
if you are not using it apart from Sylius:
+ ApiPlatform\Core\Bridge\Symfony\Bundle\ApiPlatformBundle::class => ['all' => true],
+ Sylius\Bundle\ApiBundle\SyliusApiBundle::class => ['all' => true],
+ Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle::class => ['all' => true],
+ SyliusLabs\DoctrineMigrationsExtraBundle\SyliusLabsDoctrineMigrationsExtraBundle::class => ['all' => true],
Add configuration of new ApiBundle in your config/packages/_sylius.yaml
file:
imports:
+ - { resource: "@SyliusApiBundle/Resources/config/app/config.yaml" }
Add configuration of new ApiBundle in your config/packages/security.yaml
file:
parameters:
- sylius.security.admin_regex: "^/admin"
- sylius.security.shop_regex: "^/(?!admin|api/.*|api$|media/.*)[^/]++"
+ sylius.security.admin_regex: "^/%sylius_admin.path_name%"
+ sylius.security.shop_regex: "^/(?!%sylius_admin.path_name%|new-api|api/.*|api$|media/.*)[^/]++"
+ sylius.security.new_api_route: "/new-api"
+ sylius.security.new_api_regex: "^%sylius.security.new_api_route%"
+ sylius.security.new_api_admin_route: "%sylius.security.new_api_route%/admin"
+ sylius.security.new_api_admin_regex: "^%sylius.security.new_api_admin_route%"
+ sylius.security.new_api_shop_route: "%sylius.security.new_api_route%/shop"
+ sylius.security.new_api_shop_regex: "^%sylius.security.new_api_shop_route%"
security:
providers:
+ sylius_api_admin_user_provider:
+ id: sylius.admin_user_provider.email_or_name_based
+ sylius_api_shop_user_provider:
+ id: sylius.shop_user_provider.email_or_name_based
+ sylius_api_chain_provider:
+ chain:
+ providers: [sylius_api_shop_user_provider, sylius_api_admin_user_provider]
firewalls:
admin:
remember_me:
- path: /admin
+ path: "/%sylius_admin.path_name%"
+ new_api_admin_user:
+ pattern: "%sylius.security.new_api_route%/admin-user-authentication-token"
+ provider: sylius_admin_user_provider
+ stateless: true
+ anonymous: true
+ json_login:
+ check_path: "%sylius.security.new_api_route%/admin-user-authentication-token"
+ username_path: email
+ password_path: password
+ success_handler: lexik_jwt_authentication.handler.authentication_success
+ failure_handler: lexik_jwt_authentication.handler.authentication_failure
+ guard:
+ authenticators:
+ - lexik_jwt_authentication.jwt_token_authenticator
+
+ new_api_shop_user:
+ pattern: "%sylius.security.new_api_route%/shop-user-authentication-token"
+ provider: sylius_shop_user_provider
+ stateless: true
+ anonymous: true
+ json_login:
+ check_path: "%sylius.security.new_api_route%/shop-user-authentication-token"
+ username_path: email
+ password_path: password
+ success_handler: lexik_jwt_authentication.handler.authentication_success
+ failure_handler: lexik_jwt_authentication.handler.authentication_failure
+ guard:
+ authenticators:
+ - lexik_jwt_authentication.jwt_token_authenticator
+
+ new_api:
+ pattern: "%sylius.security.new_api_regex%/*"
+ provider: sylius_api_chain_provider
+ stateless: true
+ anonymous: lazy
+ guard:
+ authenticators:
+ - lexik_jwt_authentication.jwt_token_authenticator
+
access_control:
+ - { path: "%sylius.security.new_api_admin_regex%/.*", role: ROLE_API_ACCESS }
+ - { path: "%sylius.security.new_api_shop_regex%/.*", role: IS_AUTHENTICATED_ANONYMOUSLY }
Add sylius_api.yaml
file to config/routes/
directory:
sylius_api:
resource: "@SyliusApiBundle/Resources/config/routing.yml"
prefix: "%sylius.security.new_api_route%"
Add lexik_jwt_authentication.yaml
file to config/packages/
directory:
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%'
Add configuration in your .env
file:
+ ###> lexik/jwt-authentication-bundle ###
+ JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
+ JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
+ JWT_PASSPHRASE=YOUR_SECRET_PASSPHRASE
+ ###< lexik/jwt-authentication-bundle ###
Add configuration in your .env.test
file:
+ ###> lexik/jwt-authentication-bundle ###
+ JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private-test.pem
+ JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public-test.pem
+ JWT_PASSPHRASE=ALL_THAT_IS_GOLD_DOES_NOT_GLITTER_NOT_ALL_THOSE_WHO_WANDER_ARE_LOST
+ ###< lexik/jwt-authentication-bundle ###
Add configuration in your .env.test_cached
file:
+ ###> lexik/jwt-authentication-bundle ###
+ JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private-test.pem
+ JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public-test.pem
+ JWT_PASSPHRASE=ALL_THAT_IS_GOLD_DOES_NOT_GLITTER_NOT_ALL_THOSE_WHO_WANDER_ARE_LOST
+ ###< lexik/jwt-authentication-bundle ###
Sample JWT token generation is available here
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。