0

I have developed my api rest in symfony, and do some tests with postman, everything is ok, now i am working on the front part with ionic for the mobile application, and for the authentication part, i would like to know how to use my url login of my api rest. when I test my login form, there is an error in the console that shows me

POST http://localhost:8100/api/login_check 404 (Not Found)

Authentication Controller

     /**
 * @Rest\View(statusCode=Response::HTTP_CREATED, serializerGroups={"auth-token"})
 * @Rest\Post("/auth-tokens")
 */
public function postAuthTokensAction(Request $request)
{
    $credentials = new Credentials();
    $form = $this->createForm(CredentialsType::class, $credentials);

    $form->submit($request->request->all());

    if (!$form->isValid()) {
        return $form;
    }

     $em = $this->getDoctrine()->getManager();

    $user = $em->getRepository("DoctixUserBundle:User")
        ->findOneByUsername($credentials->getLogin());

    if (!$user) { // L'utilisateur n'existe pas
        return $this->invalidCredentials();
    }

    $encoder = $this->get('security.password_encoder');
    $isPasswordValid = $encoder->isPasswordValid($user, $credentials->getPassword());

    if (!$isPasswordValid) { // Le mot de passe n'est pas correct
        return $this->invalidCredentials();
    }

    $authToken = new AuthToken();
    $authToken->setValue(base64_encode(random_bytes(50)));
    $authToken->setCreatedAt(new \DateTime('now'));
    $authToken->setUser($user);

    $em->persist($authToken);
    $em->flush();

    return $authToken;
}

private function invalidCredentials()
{
    return \FOS\RestBundle\View\View::create(['message' => 'Invalid credentials'], Response::HTTP_BAD_REQUEST);
}

Ionic Html page

<ion-app>
  <ion-header translucent>
    <ion-toolbar>
      <ion-title>Se Connecter</ion-title>
    </ion-toolbar>
  </ion-header>

  <ion-content fullscreen>
    <form [formGroup]="loginForm" (ngSubmit)="onSubmit()">
  <ion-list lines="full" class="ion-no-margin ion-no-padding">
    <ion-item>
      <ion-label position="stacked">Nom d'utilisateur  <ion-text color="danger">*</ion-text></ion-label>
      <ion-input required type="text" class="form-control" placeholder="Username*" formControlName="username" ></ion-input>
    </ion-item>
    <ion-item>
      <ion-label position="stacked">Mot de passe <ion-text color="danger">*</ion-text></ion-label>
      <ion-input required type="password" class="form-control" placeholder="Password*" formControlName="password"></ion-input>
    </ion-item>

  </ion-list>

  <div class="ion-padding">
    <ion-button size="small" type="submit" class="ion-no-margin" [disabled]="!loginForm.valid">Se Connecter</ion-button>
    <ion-button size="small" routerLink="/register" routerDirection="forward" class="ion-no-margin">S'inscrire</ion-button>
  </div>
</form>
  </ion-content>
</ion-app>

Ionic Script controller

import { Component } from '@angular/core';
import { FormBuilder, FormsModule, ReactiveFormsModule,  FormGroup, Validators } from '@angular/forms';
import { Router } from '@angular/router';

import {AuthenticationService} from '../authentication/authentication.service';


@Component({
  selector: 'app-home',
  templateUrl: 'home.page.html',
  styleUrls: ['home.page.scss'],
})
export class HomePage {
  loginForm: FormGroup;
  error = '';

  constructor(
      private formBuilder: FormBuilder,
      private authenticationService: AuthenticationService,
      private router: Router
  ) {
    this.loginForm = formBuilder.group({
      username: ['', Validators.required],
      password: ['', Validators.required]
    });
  }

  onSubmit() {
    this.authenticationService
        .authenticate(this.loginForm.value)
        .subscribe(
            data => {
              localStorage.setItem('id_token', data.token);
              this.router.navigate(['post']);
            },
            error => this.error = error.message
        );
  }
}

My Nelmio Cors config

nelmio_cors:
    defaults:
        allow_credentials: false
        allow_origin: []
        allow_headers: []
        allow_methods: []
        expose_headers: []
        max_age: 0
        hosts: []
        origin_regex: false
        forced_allow_origin_value: ~
    paths:
        '^/api/':
            allow_origin: ['http://localhost:8100']
            allow_headers: ['origin', 'content-type', 'authorization']
            allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
            max_age: 3600
        '^/':
            origin_regex: false
            allow_origin: ['*']
            allow_headers: ['origin', 'content-type', 'authorization']
            allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
            max_age: 3600
            hosts: ['^api\.']

Routing

This is the routing of the api/login_check in app/config/routing.yml

api_login_check:
          path:    /api/login_check
          methods:  [POST, OPTIONS]

Routing for login controller

  api_login:
      path:    /api/login
     defaults: { _controller: "DoctixUserBundle:API\\ApiSecurity:postLogin", _format:json }


authentification:
    path: /api/auth-tokens
    defaults: { _controller: "DoctixUserBundle:API\\ApiSecurity:postAuthTokens", _format:json }

Authentication Service

  export class AuthenticationService {

 constructor(private http: Http) {}
 public apiBase = 'http://127.0.0.1:8000/';
 authenticate(user: any) {
//   const url     = this.apiBase + 'api/login';
    const body     = new URLSearchParams();
    body.append('username', user.username);
    body.append('password', user.password);
   const headers = new Headers({'Content-Type': 'application/json'});
   const options = new RequestOptions({headers});

  return this.http.post(this.apiBase + 'api/login_check', body.toString(), options).map((data: Response) => data.json() );
    /*.post(url, body.toString(), options)
    .map((data: Response) => data.json());*/

} Thanks

Improve this question

1 Answer 1

Reset to default
0

You seem to be facing a CORS issue.

Have you tried configuring Nelmio CORS correctly?

Configuration file may be something like this:

nelmio_cors:
defaults:
    origin_regex: true
    allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
    allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
    allow_headers: ['Content-Type', 'Authorization']
    max_age: 3600
paths:
    '^/': ~

Where you can change of course the settings you want.

In allow_origin you should put (with this config in the .env file) URLs allowed to use CORS, such as

CORS_ALLOW_ORIGIN=^https?://(localhost|mydomain.tld)(:[0-9]+)?$
Improve this answer
Sign up to request clarification or add additional context in comments.

10 Comments

i have applied your suggest, and i have the 404 error not found
Hello Mohamed, may it be a routing problem now? Do you have the route correctly pointing to the controller you are using? Can you send me the config you have for that? :)
Hi @DaniPilot, i've just edited in adding the routing that i using. Thanks
Hello @Mohamed. Have you defined how to do the login_check in security.yml? How does this exactly work? :)
Hi @DaniPilot, yes i defined the login_check in security.yml: login: pattern: ^/api/login stateless: true anonymous: true json_login: check_path: /api/login_check success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.