Lexikjwtauthenticationbundle: Using id field instead of username for finding users in database

Created on 14 Aug 2017  路  9Comments  路  Source: lexik/LexikJWTAuthenticationBundle

I don't use any username. User login is made by email / password. Email can change so it's not suitable to store it in the JWT token as the identifying field.
User id seems to be the only field I can rely on for both JWT payload identitfying field and for the lookup in database.
How can I configure the bundle to do it ?

Most helpful comment

@bartoll7 yes it works well with the solution I mentioned :

  • add user_identity_field: id to your lexik_jwt_authentication config
  • create a class with the following code extending AbstractGuardAuthenticator and use it in your security.firewall.[your_firewall_name].guard.authenticators config
protected function loadUser(UserProviderInterface $userProvider, array $payload, $identity)
{
    if (!$identity) {
        throw new AuthenticationException('Invalid JWT Token');
    }
    return $this->userRepository->findOneById($identity);
}

All 9 comments

Hi any solution for your issue ? I have exactly the same ;)

@Luckystrike561 It seems ok with :

  • id as user_identity_field (config.yml)
  • a custom JWTTokenAuthenticator using findOneById (userRepository)

Is that a good / recommended way ?

@pdoreau I think it can be simpler:

1) id as user_identity_field
2) the symfony built-in entity provider configured to use id as property to load users
yaml security: providers: db_provider: entity: class: AppBundle:User property: id

Note: 2) can be replaced by a custom user provider, while it is able to load users based on the configured user_identity_field.

(Apologies for the delay)

Hi thank for reply but I'm working in NoSQL (mogodb) and after some research I didn't find any configuration like you for "Document base" I will look for @pdoreau solution.

Closing due to the lack of feedback, feel free to reopen.

I have the same problem. Do you have any working solution or code example?

@bartoll7 yes it works well with the solution I mentioned :

  • add user_identity_field: id to your lexik_jwt_authentication config
  • create a class with the following code extending AbstractGuardAuthenticator and use it in your security.firewall.[your_firewall_name].guard.authenticators config
protected function loadUser(UserProviderInterface $userProvider, array $payload, $identity)
{
    if (!$identity) {
        throw new AuthenticationException('Invalid JWT Token');
    }
    return $this->userRepository->findOneById($identity);
}
Was this page helpful?
0 / 5 - 0 ratings

Related issues

reducio picture reducio  路  4Comments

AlexDupreWeb picture AlexDupreWeb  路  4Comments

ghost picture ghost  路  5Comments

kemicofa picture kemicofa  路  5Comments

christophe-mailfert picture christophe-mailfert  路  5Comments