Install the JWT validation library:
composer require lexik/jwt-authentication-bundle
This should have been automatically added to the .env
file:
###> lexik/jwt-authentication-bundle ###
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE=9dff125aa27fa4e5ded96cb0ef3e5f0d
###< lexik/jwt-authentication-bundle ###
Also there should be an config/packages/lexik_jwt_authentication.yaml
file:
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%'
We now need to create the config/jwt
directory and the private.pem
and public.pem
keys.
We can create the key with the following command:
openssl genrsa -out private.pem -aes256 4096
When asked for the password use the same as the JWT_PASSPHRASE
from the .env
file (e.g: 9dff125aa27fa4e5ded96cb0ef3e5f0d
).
Then we need to create the public.pem
, after you run the command you will be asked for the private key password.
openssl rsa -pubout -in private.pem -out public.pem