As per the title, on local development machine all works as expected while on production I get a 404 error (not found).
I really don't understand why there is this difference in the behaviour as I double checked all what I can.
I'm on Symfony 4.1 and this is my configuration:
# config/routes.yaml
login_check:
path: /api/login_check
methods: [POST]
defaults:
_format: json
and the firewalls:
# config/packages/security
security:
...
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
register:
pattern: ^/api/register
stateless: true
anonymous: true
api:
# Add the trailing slash to enable the Swagger UI (https://stackoverflow.com/a/49967251/1399706)
pattern: ^/api/
stateless: true
anonymous: false
provider: entity_provider
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
pattern: ^/
anonymous: true
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
# Add the trailing slash to enable the Swagger UI (https://stackoverflow.com/a/49967251/1399706)
- { path: ^/api/, roles: IS_AUTHENTICATED_FULLY }
I have no different security.yaml in dev environment nor in the prod one.
Any idea is welcomed!
I've investigated further this issue...
The first thing I did was to check if the route is correctly registered:
$: bin/console debug:router
-------------- ---------- -------- ------ ------------------------------------------------
Name Method Scheme Host Path
-------------- ---------- -------- ------ ------------------------------------------------
homepage ANY ANY ANY /
...
login_check POST ANY ANY /api/login_check
-------------- ---------- -------- ------ ------------------------------------------------
As you can see the route is correctly set, so there MUST be another cause for this 404.
Now, searching on Google, I found that this might be caused by a preflight OPTIONS request that is misunderstood by Symfony that so returns a 404.
Read: Symfony2 JWT Authentication Returning 404 on Preflight
Honestly, I didn't think the error was this... Anyway, I investigated further but without success.
So I changed my search: instead of searching for problems related to LexikJWT, I started to search for problems related to missed (BUT REGISTERED) routes in Symfony itself.
And I came up with this: Route is in debug list but returns 404 in Symfony 4.
This is exactly the problem I had!
One of the comments says "Missing .htaccess file" and suggests installing composer req symfony/apache-pack.
This was really hilarious, as I deleted the .htaccess I added in development.
In fact, in development, I had the same issue and as told in the documentation, I added a .htaccess file to re-add the authorization headers.
_NOTE: You suggest to modify the VirtualHost but is way more easy to add a .htaccess file instead of editing the VirtualHost, especially if someone has to deal with servers like Heroku, where to edit the ViartualHost is really complex._
Unfortunately, in my production tests, I decided to remove the .htaccess thinking it was the cause of the error. And more, unfortunately, the development worked anyway, also without the .htaccess file: so I thought it wasn't required and forget about it.
But now I decided to give the symfony/apache-pack a try:
ALL WORKS AS EXPECTED!!!
The problem was exactly the .htaccess!
And the real problem I think was a misconfigured .htaccess file that I added.
But using the one provided by Symfony, now, all works well!
Excuse me for this long post, but I hope it will be higher indexed by Google hoping someone with this same issues will find it faster and will not spend 2 days in the darkness.
FINAL SUGGESTION
In Important note for Apache users, instead of suggesting to edit the VirtualHost this way:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
Suggest, instead, of requiring symfony/apache-pack:
composer req symfony/apache-pack
This is way much faster and easier to do to fix this problem!
Thank you for this great bundle!
ping @chalasr
Most helpful comment
I've investigated further this issue...
The first thing I did was to check if the route is correctly registered:
As you can see the route is correctly set, so there MUST be another cause for this 404.
Now, searching on Google, I found that this might be caused by a preflight
OPTIONSrequest that is misunderstood by Symfony that so returns a 404.Read: Symfony2 JWT Authentication Returning 404 on Preflight
Honestly, I didn't think the error was this... Anyway, I investigated further but without success.
So I changed my search: instead of searching for problems related to
LexikJWT, I started to search for problems related to missed (BUT REGISTERED) routes in Symfony itself.And I came up with this: Route is in debug list but returns 404 in Symfony 4.
This is exactly the problem I had!
One of the comments says "Missing
.htaccessfile" and suggests installingcomposer req symfony/apache-pack.This was really hilarious, as I deleted the
.htaccessI added in development.In fact, in development, I had the same issue and as told in the documentation, I added a
.htaccessfile to re-add the authorization headers._NOTE: You suggest to modify the
VirtualHostbut is way more easy to add a.htaccessfile instead of editing theVirtualHost, especially if someone has to deal with servers like Heroku, where to edit theViartualHostis really complex._Unfortunately, in my production tests, I decided to remove the
.htaccessthinking it was the cause of the error. And more, unfortunately, the development worked anyway, also without the.htaccessfile: so I thought it wasn't required and forget about it.But now I decided to give the
symfony/apache-packa try:ALL WORKS AS EXPECTED!!!
The problem was exactly the
.htaccess!And the real problem I think was a misconfigured
.htaccessfile that I added.But using the one provided by Symfony, now, all works well!
Excuse me for this long post, but I hope it will be higher indexed by Google hoping someone with this same issues will find it faster and will not spend 2 days in the darkness.
FINAL SUGGESTION
In Important note for Apache users, instead of suggesting to edit the
VirtualHostthis way:Suggest, instead, of requiring
symfony/apache-pack:This is way much faster and easier to do to fix this problem!
Thank you for this great bundle!
ping @chalasr