Written by 
I have Symfony 6.4, and I’ve installed lexik/jwt-authentication-bundle (it works normal) and then gesdinet/jwt-refresh-token-bundle
But somehow, when I try to use jwt_login, something in Symfony tries to set user password to null. It runs in transaction INSERT INTO refresh_tokens (refresh_token, username, valid) VALUES (?, ?, ?) and then UPDATE user SET password = ? WHERE id = ? (and first ? is null). This transaction fails, because password is not null in my user table
My configs:
security.yaml:
security:
password_hashers:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
providers:
app_user:
entity:
class: App\Entity\User
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/login
stateless: true
json_login:
username_path: email
check_path: /login
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
main:
lazy: true
provider: app_user
stateless: true
entry_point: jwt
jwt: ~
logout:
path: /logout
target: empty
refresh_jwt:
check_path: /api/token/refresh
lexik_jwt_authentication.yaml:
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%'
gesdinet_jwt_refresh_token.yaml:
gesdinet_jwt_refresh_token:
refresh_token_class: App\Entity\RefreshToken
ttl_update: true