From f29788f3b64918d6292f28e41fae74a1944126ca Mon Sep 17 00:00:00 2001 From: DaumantasUrb Date: Sun, 4 Jun 2017 22:44:34 +0300 Subject: [PATCH 1/2] Update guard_authentication.rst Make the test curl http://localhost:8000/ return this value: {"message":"Authentication Required"} instead of {"message":"Username could not be found."} --- security/guard_authentication.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/guard_authentication.rst b/security/guard_authentication.rst index 922fb0128bc..338591c5119 100644 --- a/security/guard_authentication.rst +++ b/security/guard_authentication.rst @@ -172,8 +172,8 @@ This requires you to implement seven methods:: public function getCredentials(Request $request) { if (!$token = $request->headers->get('X-AUTH-TOKEN')) { - // No token? - $token = null; + // No token? Return null and show "Authentication Required" + return null; } // What you return here will be passed to getUser() as $credentials From b03d56ca83dc433b8d3d225c4a4ccbd032e02462 Mon Sep 17 00:00:00 2001 From: DaumantasUrb Date: Sun, 4 Jun 2017 23:31:31 +0300 Subject: [PATCH 2/2] Update guard_authentication.rst Remove anonymous authentication to force digest authentication --- security/guard_authentication.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/guard_authentication.rst b/security/guard_authentication.rst index 338591c5119..3340285f5c1 100644 --- a/security/guard_authentication.rst +++ b/security/guard_authentication.rst @@ -264,7 +264,7 @@ Finally, configure your ``firewalls`` key in ``security.yml`` to use this authen # ... main: - anonymous: ~ + # remove anonymous authentication to force digest authentication logout: ~ guard: