How to configure a remember me aware listener in Symfony 2?

前端 未结 2 1417
无人及你
无人及你 2021-02-14 23:04

I have implemented a custom authentication provider successfully, but now I also need to add \'remember me\' functionality, and I couldn\'t find docs on how to do that.

2条回答
  •  后悔当初
    2021-02-14 23:50

    I was having the same issue with a custom Facebook authentication provider I wrote. The solution ended up being pretty simple:

    I'll assume you implemented a custom authentication provider with a custom SecurityFactoryInterface implementation that extends from Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory. If you did this, the rest is a matter of configuration:

    1. In your security configuration, configure the remember_me functionality for your firewall. Assuming you're configuring that into the public firewall, the added config params might look something like this:

      firewalls:
          public:
              remember_me:
                  key:      "%secret%"
                  lifetime: 31536000 # 365 days in seconds
                  path:     /
                  domain:   ~ # Defaults to the current domain from $_SERVER
      
    2. In the same configuration, enable the remember_me functionality for your authentication provider. Assuming you're configuring that into the public firewall and your SecurityFactoryInterface implementation's getKey() method returns yourAuthProviderKey, the added config params might look something like this:

      firewalls:
          public:
              yourAuthProviderKey:
                  remember_me:        true
      
    3. Finally, when your Authentication Provider handles logins, make sure you request the remember me feature by having an http GET or POST parameter named _remember_me with value 1 in the http request. (Note though: this parameter might need a different name if you changed its default value in your security config.) For example, in my case, I had to tell Facebook to redirect to the following URL after it handled the authentication: http://www.mydomain.com/auth-callback/?_remember_me=1. (Note the part after the ?)

    Hope this helps!

提交回复
热议问题