Reputation: 1315
401 error When sending incorrect credentials using JWT?
So I am working with JWT, When I insert a valid data ( username and password ) I get a response with 200 in status, but I insert an incorrect data I get 401 error with a message saying Bad credentials, Which is not good obviously, because I will always get a red beautiful error in the browser console.
I am working with Symfony 4 api platform, and here is files needed to do such task,
security.yaml :
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
#in_memory: { memory: ~ }
database:
entity:
class: App\Entity\User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
api:
pattern: ^/api
stateless: true
anonymous: true
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#firewalls-authentication
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY }
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
And the User entity :
<?php
namespace App\Entity;
use ApiPlatform\Core\Annotation\ApiResource;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Serializer\Annotation\Groups;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* @ApiResource(attributes={
* "force_eager"=false,
* "normalization_context"={"groups"={"read"}, "enable_max_depth"=true},
* },)
* @ORM\Entity(repositoryClass="App\Repository\UserRepository")
*/
class User implements UserInterface {
/*
Just Variables and getters and setters here
*/
public function getRoles(){
return ['ROLE_USER'];
}
public function getSalt(){
}
public function eraseCredentials(){
}
}
?>
So I don't know what is causing the problem, and any help would be much appreciated.
Upvotes: 0
Views: 309
Answers (1)
Reputation: 2601
In this case errors is normal. In REST, you use status codes to tell an frontend application what something went wrong. Example '200 response with a message of 'Not Ok"' bad idea, because status code 200 mean 'Everything okay' but in message you tell what went error. Often errors status codes 4** uses for this purpos, for example 400 - Bad request or 422 - you send not valid data to backend/
Upvotes: 1
Related Questions
- with symfony jwt, I get this "invalid credentials" error
- Trying to get a token not currently working
- Lexik JWT authentication problem "Invalid credentials"
- 401 JWT Token not found
- JWT Token not found 401 error when trying to access my api plateform?
- Symfony 4 JWT - Auth works only if i reset password
- Symfony 4 Restful API login with JWT and facebook
- JWTDecodeFailureException - Unable to verify the given JWT through the given configuration
- API PLATFORM jwt access ignored
- Symfony4 + jwt-auth rescipe always return {"code":401,"message":"Bad credentials"}