Chapters
39 Chapters
|
4:45:13
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!Compatible PHP versions: ^7.1.3, <8.0
Subscribe to download the code!Compatible PHP versions: ^7.1.3, <8.0
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
13.
Logging in Inside the Test
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
This tutorial works great for Symfony 5 and API Platform 2.5/2.6.
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": "^7.1.3, <8.0",
"ext-ctype": "*",
"ext-iconv": "*",
"api-platform/core": "^2.1", // v2.4.5
"composer/package-versions-deprecated": "^1.11", // 1.11.99
"doctrine/annotations": "^1.0", // 1.13.2
"doctrine/doctrine-bundle": "^1.6", // 1.11.2
"doctrine/doctrine-migrations-bundle": "^2.0", // v2.0.0
"doctrine/orm": "^2.4.5", // v2.7.2
"nelmio/cors-bundle": "^1.5", // 1.5.6
"nesbot/carbon": "^2.17", // 2.21.3
"phpdocumentor/reflection-docblock": "^3.0 || ^4.0", // 4.3.1
"symfony/asset": "4.3.*", // v4.3.2
"symfony/console": "4.3.*", // v4.3.2
"symfony/dotenv": "4.3.*", // v4.3.2
"symfony/expression-language": "4.3.*", // v4.3.2
"symfony/flex": "^1.1", // v1.21.6
"symfony/framework-bundle": "4.3.*", // v4.3.2
"symfony/http-client": "4.3.*", // v4.3.3
"symfony/monolog-bundle": "^3.4", // v3.4.0
"symfony/security-bundle": "4.3.*", // v4.3.2
"symfony/twig-bundle": "4.3.*", // v4.3.2
"symfony/validator": "4.3.*", // v4.3.2
"symfony/webpack-encore-bundle": "^1.6", // v1.6.2
"symfony/yaml": "4.3.*" // v4.3.2
},
"require-dev": {
"hautelook/alice-bundle": "^2.5", // 2.7.3
"symfony/browser-kit": "4.3.*", // v4.3.3
"symfony/css-selector": "4.3.*", // v4.3.3
"symfony/maker-bundle": "^1.11", // v1.12.0
"symfony/phpunit-bridge": "^4.3", // v4.3.3
"symfony/stopwatch": "4.3.*", // v4.3.2
"symfony/web-profiler-bundle": "4.3.*" // v4.3.2
}
}
28 Comments
The PR you mentioned has been merged and released in v2.5.0 of api-platform: https://github.com/api-plat..., and it seems that all it takes to switch to the fixed method is to use `security` instead of `access_control` in annotations.
Just FYI, we added a note about it a bit earlier when we're talking about "access_control" for the first time: https://symfonycasts.com/sc...
Cheers!
Hey Hawk,
Thank you for this tip!
Cheers!
You saved me from reading the docs prematurely
Just an FYI:
There is a temporal coupling.
To access the container you need to execute the
bootKernel()method first (inherited from KernelTestCase)The
createClient()method callsbootKernel()A look at the
bootKernel()method will make clear that the kernel is shut down and rebooted again at eachcreateClient()call. This is probably because the create client method takes kernel options as the first argument.A question:
I see that the
\ApiPlatform\Core\Bridge\Symfony\Bundle\Test\ApiTestCaseis still marked as <b>experimental</b> in the latest api-platform/coreand the last commit was <b>2 years ago</b>.Does anyone recommend, or uses this in production?
Thanks in advance.
Hey Evozon S.
That's a good question, to be honest I'm not sure why it's still experimental, I'd say it's a good testing library that you can use in your projects but would be better if someone from the ApiPlatform project can confirm it. Perhaps you could ask this question here? https://github.com/api-plat...
Cheers!
Hi,
I am getting an error when trying to login via the json_login and I can't get what's the problem. Every time I get a 401.
Hey @Max
Did you configure your firewall correctly?
and the User you're trying to log in exists in the database?
Cheers!
I got stuck with Symfony 5.2 (and even with Api Plaform ^v2.6.0-alpha.1)...
I can login succesfully...
$this->logIn($client, 'admin', 'admin@123');... but in the next call ...
`
$client->request('POST', '/api/convenio',
`
It always returns <b>HTTP/1.1 401 Unauthorized</b>.
Debugging, I can see that the security-core/Authorization/Voter/RoleVoter.php always receives a Symfony\Component\Security\Core\Authentication\Token\AnonymousToken
DEBUG:
`Symfony\Component\Security\Core\Authentication\Token\AnonymousToken Object
(
)
`
It seems that the ApiPlatform\Core\Bridge\Symfony\Bundle\Test\Client doesn't keep the authentication between the calls.
Here's my config/packages/test/security.yaml
`
security:
`
Almost two days up on this now :-(
Hey @Carlos!
Sorry for my slow reply! This is super frustrating! First, I don’t see any obvious problems. To debug, I want to initially determine if this is a problem with the test not keeping authentication (this is possible, though I’m not familiar with cases of this happening) or if there is something bigger wrong and you lose authentication even in a browser.
To test this, I would write a tiny bit of javascript that does the same thing as your test: sends an ajax request to log in, then sends another ajax request to the api endpoint. Heck, you could even just make an ajax call to the login endpoint and then refresh the page. If everything is working, the web debug toolbar will show you authenticated. There *are* some reasons why you could lose authentication immediately after logging in, which is why I’d check this first.
Also, do you have any special cookie settings? Probably not, but I thought I’d ask just in case.
Cheers!
I followed your awesome cheese course up until this point but got stuck at this unauthenticated test case.
I am using the new `security` attribute in the collection operation post object: `"post"={"security"="is_granted('ROLE_ADMIN')"}`. Instead of producing status code 401 I get error code 500 with the message "The current token must be set to use the "security" attribute (is the URL behind a firewall?)." at `/Users/ff/Projects/Kescht/kescht/vendor/api-platform/core/src/Security/ResourceAccessChecker.php` line 52. The token seems to be missing. But is there a token for a not authenticated user?
Hey Fränz F.!
Are you using the new Symfony 5.1/5.2 security - the
enable_authenticator_manageroption inside of security.yaml? If so, there is a bug in it with API Platform. Or, to be more fair to them, API Platform needed to make an update to fully support the new security system ... and they HAVE - https://github.com/api-platform/core/pull/3899 - but it has not been released yet. It should be released in 2.6.0 - which is currently at BETA 1 (and the fix IS included in that release).If you are NOT using the new security system and I am TOTALLY wrong, please let me know ;).
Cheers!
Hi weaverryan! Yes, indeed, I am using the new authentication manager. I completely missed this incompatibility issue with it. After upgrading to the 2.6.0-beta.1 version of api-platform/core all tests are passing and I get lovely 401 error messages. Awesome! Thank you!
Does ther a way to authenticate the user with a fictive token ? I already tried this example https://symfony.com/doc/cur... but unforthenlly the client of api test case does not have getCookieJar() function. any idea !
Hey ahmedbhs!
Sorry for the late reply! Yes, this should indeed be possible :). In API Platform, they use their own custom Client service (as you've noticed). But inside that services is the "normal" one. So, try this:
Let me know if that works!
Cheers!
I have a weird issue:
The login assert works fine I get 204, but the 2nd request I still get 401. Seems that the client object is maybe not storing the session id?
Seems the issue was because I had setup a session.cookie_domain = 'symfony.localhost' inside the framework.yaml
Did you manage to fix the problem then?
Yes removing that fixed the issue, but that was there because I had a different issue when trying to login from my front end angular project, I will see later if there's a way to fix both issues.
Hello SfCasts team, i have no problem with this actual version of the app. But when i do a composer update and i just relaunch the tests, i have this huge error:
Do you have the same problem ?
Thanks you 😉
Hey Abdelkarim,
Yeah, more info about it: It seems access_control was replaced with security. see their changelog: https://github.com/api-plat...
So, if you replace "access_control" with security in User object - it should pass :)
Cheers!
Hello Victor,
Yes, i already use security in new versions.
Cheers 😉
Hey Abdelkarim,
Yes, the new minor version of "api-platform/core" causes it to fail. If you downgrade it to "2.4.*" - it will work. So, it sounds like a BC break in 2.5.* but I'm not sure what exactly causes it though.
Cheers!
Hey Victor,
I think it comes from Symfony and not API Platform, like this issue : https://github.com/symfony/...
Cheers 😉
Ohh, that's interesting and it seems very likely that that's the problem. You may want to try what they recommend, downgrading to Symfony 4.3.8 and see if it works, meanwhile we wait for a patch fix :)
Cheers!
Hello MolloKhan , i solved my problem. It was because i used an old version of User entity (which implements UserInterface), with a roles field, who had an array type. I change it to a json type and now everything is good.
Cheers 😉
Aha! That was a tricky one. Nice job tracking down the problem :)
I also add my composer.json :
"Houston: no signs of life"
Start the conversation!