Lexikjwtauthenticationbundle: login_check returns 404 error on production while works well in development

Created on 4 Jun 2018  路  1Comment  路  Source: lexik/LexikJWTAuthenticationBundle

As per the title, on local development machine all works as expected while on production I get a 404 error (not found).

I really don't understand why there is this difference in the behaviour as I double checked all what I can.

I'm on Symfony 4.1 and this is my configuration:

# config/routes.yaml
login_check:
    path:     /api/login_check
    methods:  [POST]
    defaults:
        _format: json

and the firewalls:

# config/packages/security
security:
    ...
    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            json_login:
                check_path: /api/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        register:
            pattern: ^/api/register
            stateless: true
            anonymous: true
        api:
            # Add the trailing slash to enable the Swagger UI (https://stackoverflow.com/a/49967251/1399706)
            pattern: ^/api/
            stateless: true
            anonymous: false
            provider: entity_provider
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
        main:
            pattern: ^/
            anonymous: true
    access_control:
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        # Add the trailing slash to enable the Swagger UI (https://stackoverflow.com/a/49967251/1399706)
        - { path: ^/api/, roles: IS_AUTHENTICATED_FULLY }

I have no different security.yaml in dev environment nor in the prod one.

Any idea is welcomed!

Most helpful comment

I've investigated further this issue...

The first thing I did was to check if the route is correctly registered:

$: bin/console debug:router
-------------- ---------- -------- ------ ------------------------------------------------
 Name                                       Method     Scheme   Host   Path
-------------- ---------- -------- ------ ------------------------------------------------
homepage                                     ANY        ANY      ANY    /
...
login_check                                  POST       ANY      ANY    /api/login_check
-------------- ---------- -------- ------ ------------------------------------------------

As you can see the route is correctly set, so there MUST be another cause for this 404.

Now, searching on Google, I found that this might be caused by a preflight OPTIONS request that is misunderstood by Symfony that so returns a 404.

Read: Symfony2 JWT Authentication Returning 404 on Preflight

Honestly, I didn't think the error was this... Anyway, I investigated further but without success.

So I changed my search: instead of searching for problems related to LexikJWT, I started to search for problems related to missed (BUT REGISTERED) routes in Symfony itself.

And I came up with this: Route is in debug list but returns 404 in Symfony 4.

This is exactly the problem I had!

One of the comments says "Missing .htaccess file" and suggests installing composer req symfony/apache-pack.

This was really hilarious, as I deleted the .htaccess I added in development.

In fact, in development, I had the same issue and as told in the documentation, I added a .htaccess file to re-add the authorization headers.

_NOTE: You suggest to modify the VirtualHost but is way more easy to add a .htaccess file instead of editing the VirtualHost, especially if someone has to deal with servers like Heroku, where to edit the ViartualHost is really complex._

Unfortunately, in my production tests, I decided to remove the .htaccess thinking it was the cause of the error. And more, unfortunately, the development worked anyway, also without the .htaccess file: so I thought it wasn't required and forget about it.

But now I decided to give the symfony/apache-pack a try:

  1. I installed it
  2. Commit
  3. Push
  4. ... wait for CI to do its work... ... ... ... ... ...
  5. Test

ALL WORKS AS EXPECTED!!!

The problem was exactly the .htaccess!

And the real problem I think was a misconfigured .htaccess file that I added.

But using the one provided by Symfony, now, all works well!

Excuse me for this long post, but I hope it will be higher indexed by Google hoping someone with this same issues will find it faster and will not spend 2 days in the darkness.

FINAL SUGGESTION

In Important note for Apache users, instead of suggesting to edit the VirtualHost this way:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

Suggest, instead, of requiring symfony/apache-pack:

composer req symfony/apache-pack

This is way much faster and easier to do to fix this problem!

Thank you for this great bundle!

ping @chalasr

>All comments

I've investigated further this issue...

The first thing I did was to check if the route is correctly registered:

$: bin/console debug:router
-------------- ---------- -------- ------ ------------------------------------------------
 Name                                       Method     Scheme   Host   Path
-------------- ---------- -------- ------ ------------------------------------------------
homepage                                     ANY        ANY      ANY    /
...
login_check                                  POST       ANY      ANY    /api/login_check
-------------- ---------- -------- ------ ------------------------------------------------

As you can see the route is correctly set, so there MUST be another cause for this 404.

Now, searching on Google, I found that this might be caused by a preflight OPTIONS request that is misunderstood by Symfony that so returns a 404.

Read: Symfony2 JWT Authentication Returning 404 on Preflight

Honestly, I didn't think the error was this... Anyway, I investigated further but without success.

So I changed my search: instead of searching for problems related to LexikJWT, I started to search for problems related to missed (BUT REGISTERED) routes in Symfony itself.

And I came up with this: Route is in debug list but returns 404 in Symfony 4.

This is exactly the problem I had!

One of the comments says "Missing .htaccess file" and suggests installing composer req symfony/apache-pack.

This was really hilarious, as I deleted the .htaccess I added in development.

In fact, in development, I had the same issue and as told in the documentation, I added a .htaccess file to re-add the authorization headers.

_NOTE: You suggest to modify the VirtualHost but is way more easy to add a .htaccess file instead of editing the VirtualHost, especially if someone has to deal with servers like Heroku, where to edit the ViartualHost is really complex._

Unfortunately, in my production tests, I decided to remove the .htaccess thinking it was the cause of the error. And more, unfortunately, the development worked anyway, also without the .htaccess file: so I thought it wasn't required and forget about it.

But now I decided to give the symfony/apache-pack a try:

  1. I installed it
  2. Commit
  3. Push
  4. ... wait for CI to do its work... ... ... ... ... ...
  5. Test

ALL WORKS AS EXPECTED!!!

The problem was exactly the .htaccess!

And the real problem I think was a misconfigured .htaccess file that I added.

But using the one provided by Symfony, now, all works well!

Excuse me for this long post, but I hope it will be higher indexed by Google hoping someone with this same issues will find it faster and will not spend 2 days in the darkness.

FINAL SUGGESTION

In Important note for Apache users, instead of suggesting to edit the VirtualHost this way:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

Suggest, instead, of requiring symfony/apache-pack:

composer req symfony/apache-pack

This is way much faster and easier to do to fix this problem!

Thank you for this great bundle!

ping @chalasr

Was this page helpful?
0 / 5 - 0 ratings

Related issues

Walkoss picture Walkoss  路  5Comments

JuliusKoronci picture JuliusKoronci  路  4Comments

reducio picture reducio  路  4Comments

AlexDupreWeb picture AlexDupreWeb  路  4Comments

kemicofa picture kemicofa  路  5Comments