
Error : Session was used while the request was declared stateless

When I try to connect with route api/login_check, I had this issue: Session was used while the request was declared stateless.

If I passed stateless to false in the config it's ok. But I don't want this. I have to keep stateless to true. Can someone help me?

security.yaml

    firewalls:
        login:
            pattern: ^/api/login
            stateless: true
            json_login:
                check_path: /api/login_check
                remember_me: true
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        refresh_token:
            pattern: ^/api/token/refresh
            stateless: true
            refresh_jwt:
                # The corresponding route has been declared by the recipe
                check_path: /api/token/refresh
        api:
            pattern: ^/api/
            stateless: true
            jwt: ~
            entry_point: jwt
            logout:
                path: api_token_invalidate

lexik_jwt_authentication.yaml

    lexik_jwt_authentication:
        secret_key: '%env(resolve:JWT_SECRET_KEY)%'
        public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
        pass_phrase: '%env(JWT_PASSPHRASE)%'
        user_identity_field: email
        token_extractors:
            authorization_header:
                enabled: true
                prefix: Bearer
                name: X-Authorization
        api_platform:
            check_path: /api/login_check
            username_path: email
            password_path: security.credentials.password

    when@dev:
        lexik_jwt_authentication:
            token_ttl: 31536000 # 1 year, no security need to expire in dev

I want to query the jwt from api/login_check route for my jest API tests

mauriau asked Oct 26 '25 09:10


2 Answers

API requests should be stateless.

We had the same when upgrading to Symfony 6.3.

Turned out we used the session in two event listeners (onInteractiveLogin, onKernelRequest) to set language etc.

Just add a check there to not use the session when the request is stateless:

    if ($request->attributes->getBoolean('_stateless')) {
        return;
    }

gblock answered Oct 29 '25 06:10
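
The guard from the answer above, placed in a complete login listener, as an added example that is not part of the original answer or of any project named on this page. The listener class, the `App\Entity\User::getLocale()` method and the `_locale` session key are assumptions for illustration; it keeps `stateless: true` on the firewalls and skips the session only for requests Symfony has marked stateless.

```php
<?php
// Added example: hypothetical listener, not code from the question or the answers.

namespace App\EventListener;

use App\Entity\User; // assumed application entity exposing getLocale(): ?string
use Symfony\Component\EventDispatcher\Attribute\AsEventListener;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use Symfony\Component\Security\Http\SecurityEvents;

#[AsEventListener(event: SecurityEvents::INTERACTIVE_LOGIN)]
final class UserLocaleListener
{
    public function __invoke(InteractiveLoginEvent $event): void
    {
        $request = $event->getRequest();

        // Requests matched by a firewall configured with "stateless: true"
        // (login, refresh_token and api in the security.yaml above) carry the
        // _stateless attribute. Reading or writing the session for them is
        // what triggers "Session was used while the request was declared
        // stateless", so return before the session is touched.
        if ($request->attributes->getBoolean('_stateless')) {
            return;
        }

        $user = $event->getAuthenticationToken()->getUser();
        if (!$user instanceof User) {
            return;
        }

        // Only session-based (stateful) firewalls reach this point.
        $locale = $user->getLocale();
        if (null !== $locale) {
            $request->getSession()->set('_locale', $locale); // assumed key
        }
    }
}
```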


In Symfony 6.3, I appended this to the api_platform.yaml file and it works fine.

    stateless: false

Mizanu Zelalem Degu answered Oct 29 '25 05:10


