How to configure a remember me aware listener in Symfony 2?

前端 未结 5 596
既然无缘
既然无缘 2021-02-14 23:25

I have implemented a custom authentication provider successfully, but now I also need to add \'remember me\' functionality, and I couldn\'t find docs on how to do that.

相关标签:
5条回答
  • 2021-02-14 23:42

    I was having the same issue with a custom Facebook authentication provider I wrote. The solution ended up being pretty simple:

    I'll assume you implemented a custom authentication provider with a custom SecurityFactoryInterface implementation that extends from Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory. If you did this, the rest is a matter of configuration:

    1. In your security configuration, configure the remember_me functionality for your firewall. Assuming you're configuring that into the public firewall, the added config params might look something like this:

      firewalls:
          public:
              remember_me:
                  key:      "%secret%"
                  lifetime: 31536000 # 365 days in seconds
                  path:     /
                  domain:   ~ # Defaults to the current domain from $_SERVER
      
    2. In the same configuration, enable the remember_me functionality for your authentication provider. Assuming you're configuring that into the public firewall and your SecurityFactoryInterface implementation's getKey() method returns yourAuthProviderKey, the added config params might look something like this:

      firewalls:
          public:
              yourAuthProviderKey:
                  remember_me:        true
      
    3. Finally, when your Authentication Provider handles logins, make sure you request the remember me feature by having an http GET or POST parameter named _remember_me with value 1 in the http request. (Note though: this parameter might need a different name if you changed its default value in your security config.) For example, in my case, I had to tell Facebook to redirect to the following URL after it handled the authentication: http://www.mydomain.com/auth-callback/?_remember_me=1. (Note the part after the ?)

    Hope this helps!

    0 讨论(0)
  • 2021-02-14 23:43

    From Symfony 2.8, the "key" is replaced by "secret". So you will have:

    remember_me:
       secret: %secret%
       lifetime: 31536000
    

    If you run across this error, that is the fix

    0 讨论(0)
  • 2021-02-14 23:44

    Did you add this to your form_login section?

    form_login:
        remember_me: true
    
    0 讨论(0)
  • 2021-02-14 23:48

    In my case it happened when i create a Factory class implementing SecurityFactoryInterface (as it was described in example "How to Create a custom Authentication Provider"). Later i found that another way to create this Factory is extending from AbstractFactory which contains neccessary readme stuff (you can find it create() method). So there are two solutions: 1) extend AbstractFactory instead of implementing SecurityFactoryInterface 2) implement SecurityFactoryInterface and copypaste readme related code. In symfony 3.1:

           // add remember-me aware tag if requested
        if ($this->isRememberMeAware($config)) {
            $container
                ->getDefinition($listenerId)
                ->addTag('security.remember_me_aware', array('id' => $id, 'provider' => $userProviderId))
            ;
        }
    
    0 讨论(0)
  • 2021-02-14 23:51

    You can try this:

    firewalls:                   
        secured_area:
            pattern:    ^/
            anonymous: ~
            form_login:
                csrf_provider: form.csrf_provider
                login_path:  login
                check_path:  login_check
                always_use_default_target_path: true
                default_target_path: /the-cao
                remember_me: true
            logout:
                path: /logout
                target: /
            remember_me:
                key:      "%secret%"
                lifetime: 31536000 # 365 days in seconds
                path:     /
                domain:   ~ # Defaults to the current domain from $_SERVER
    
    0 讨论(0)
提交回复
热议问题