Question
I'm using FOSUserBundle with email as username.
Tryin' to use the remember_me functionality but it's not working. I've read this: Symfony2: "Remember me" tries to authenticate by username instead of email
It's quite an old article, and the username field in the database is set with the same value as the email, so I don't understand why it is not working.
Checking with Google Chrome Inspector the REMEMBERME cookie is set...
Can someone help?
This is my security.yaml
providers:
    fos_userbundle:
        id: fos_user.user_provider.username_email
firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_token_generator: security.csrf.token_manager
        logout: true
        anonymous: true
        remember_me:
            secret: '%secret%'
            lifetime: 604800 # 1 week in seconds
            path: /
    # disables authentication for assets and the profiler, adapt it according to your needs
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
access_control:
    - { path: ^/$, role: IS_AUTHENTICATED_FULLY }
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/account/*, role: IS_AUTHENTICATED_FULLY }
    - { path: ^/admin/*, role: ROLE_ADMIN }
Answer 1:
Ok, it's a role configuration problem.
According to the documentation:
IS_AUTHENTICATED_ANONYMOUSLY: All users (even anonymous ones) have this.
IS_AUTHENTICATED_REMEMBERED: All logged in users have this, even if they are logged in because of a "remember me cookie". Even if you don't use the remember me functionality, you can use this to check if the user is logged in.
IS_AUTHENTICATED_FULLY: This is similar to IS_AUTHENTICATED_REMEMBERED, but stronger. Users who are logged in only because of a "remember me cookie" will have IS_AUTHENTICATED_REMEMBERED but will not have IS_AUTHENTICATED_FULLY.
So, in my security.yml, accessing the paths "^/$" and "^/account/*" after closing the browser was not possible because of the IS_AUTHENTICATED_FULLY request.
I've changed it to this:
access_control:
    - { path: ^/$, roles: IS_AUTHENTICATED_REMEMBERED }
    - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/account/*, roles: IS_AUTHENTICATED_FULLY }
    - { path: ^/admin/*, roles: [IS_AUTHENTICATED_FULLY, ROLE_ADMIN] }
Now I can access the "^/$" path with the REMEMBERME cookie, but not "^/account/" and "^/admin/", which are more restrictive because of the sensitive data (and that's exactly what I wanted).
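
A simplified model of how the two access_control lists above are evaluated, added here as an example; it is not code from the post or from Symfony. It assumes first-match rule selection, a regex search on the request path, and Symfony's documented handling of a roles array (any one listed attribute under the default affirmative strategy, all of them under unanimous); the function names and sample users are constructed for illustration.

```python
import re

# IS_AUTHENTICATED_* attributes held at each level, per the documentation
# excerpt quoted in the answer.
LEVELS = {
    "anonymous": {"IS_AUTHENTICATED_ANONYMOUSLY"},
    "remembered": {"IS_AUTHENTICATED_ANONYMOUSLY", "IS_AUTHENTICATED_REMEMBERED"},
    "full": {"IS_AUTHENTICATED_ANONYMOUSLY", "IS_AUTHENTICATED_REMEMBERED",
             "IS_AUTHENTICATED_FULLY"},
}
PUBLIC = [(r"^/login$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
          (r"^/register", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
          (r"^/resetting", ["IS_AUTHENTICATED_ANONYMOUSLY"])]
# access_control from the question (BEFORE) and from the answer (AFTER).
BEFORE = [(r"^/$", ["IS_AUTHENTICATED_FULLY"])] + PUBLIC + [
    (r"^/account/*", ["IS_AUTHENTICATED_FULLY"]),
    (r"^/admin/*", ["ROLE_ADMIN"])]
AFTER = [(r"^/$", ["IS_AUTHENTICATED_REMEMBERED"])] + PUBLIC + [
    (r"^/account/*", ["IS_AUTHENTICATED_FULLY"]),
    (r"^/admin/*", ["IS_AUTHENTICATED_FULLY", "ROLE_ADMIN"])]


def is_granted(rules, path, level, roles=(), strategy="affirmative"):
    """Only the first rule whose regex matches the path is evaluated."""
    held = LEVELS[level] | set(roles)  # role hierarchy is not modelled
    for pattern, required in rules:
        if re.search(pattern, path):
            votes = [attr in held for attr in required]
            # affirmative: one listed attribute is enough; unanimous: all
            return any(votes) if strategy == "affirmative" else all(votes)
    return True  # no matching entry: access_control imposes no restriction


def matrix(rules, strategy="affirmative"):
    """Decision for constructed sample users on the page's protected paths."""
    users = {"anonymous": ("anonymous", []),
             "remembered user": ("remembered", ["ROLE_USER"]),
             "full user": ("full", ["ROLE_USER"]),
             "remembered admin": ("remembered", ["ROLE_ADMIN"]),
             "full admin": ("full", ["ROLE_ADMIN"])}
    return {(name, path): is_granted(rules, path, lvl, roles, strategy)
            for name, (lvl, roles) in users.items()
            for path in ("/", "/account/edit", "/admin/users")}


if __name__ == "__main__":
    for label, rules in (("before", BEFORE), ("after", AFTER)):
        for (name, path), ok in matrix(rules).items():
            print(f"{label:6} {name:16} {path:14} {'ALLOW' if ok else 'DENY'}")
```

In this model the two-attribute `^/admin/*` entry is satisfied by either attribute alone under the affirmative strategy, so the "full user" and "remembered admin" rows both pass it; requiring both attributes corresponds to the `unanimous` branch.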
Source: https://stackoverflow.com/questions/44138629/symfony-fosuserbundle-remeber-me-doesnt-work