Symfony RememberMeToken - no cookies set
I am using Symfony2, here is the firewall section from security.yml:
# ...
firewalls:
default:
remember_me:
name: RememberMeName
key: "%secret%"
lifetime: 31536000 # 365 days
path: /
domain: ~
always_remember_me: true
anonymous: ~
http_basic: ~
form_login:
login_path: /auth
csrf_provider: security.csrf.token_manager
remember_me: true
logout:
delete_cookies:
RememberMeName: { path: /, domain: null }
path: /logout
target: /
Here is my auth process (I do it manually):
if ($form->get('remember_me')->getData()){
$token = new RememberMeToken($profile, 'default', $secret);
} else {
$token = new UsernamePasswordToken($profile, $profile->getPassword(), 'default', $profile->getRoles());
}
$controller->get('security.token_storage')->setToken($token);
$event = new InteractiveLoginEvent($controller->get('request'), $token);
$controller->get('event_dispatcher')->dispatch('security.interactive_login', $event);
Problem: cookie not set after RememberMe auth function (but $ token RememberMeToken
)
+3
source to share
1 answer
I was on your shoes last week, but I figured it out. Remembermetoken has nothing to do with it (I wasted a lot of time grunting with this and it turned out to be useless). I ended up using TokenBasedRememberMeServices
//use Symfony\Component\Security\Http\RememberMe\TokenBasedRememberMeServices;
$key = $this->container->getParameter('secret');
$rememberMeService = new TokenBasedRememberMeServices(
array($this->getDoctrine()->getManager()->getRepository('BrandonSecurityBundle:User')), 'divine_office_hub_1234567', $key, array(
'path' => '/',
'name' => 'remember',
'domain' => null,
'secure' => false,
'httponly' => true,
'lifetime' => 315360000, // forever
'always_remember_me' => true,
'remember_me_parameter' => '_remember_me2')
);
$token = new UsernamePasswordToken($user, null, "api", $user->getRoles());
$this->get("security.context")->setToken($token);
$this->get('session')->set('_security_main', serialize($token));
$request = $this->get("request");
$event = new InteractiveLoginEvent($request, $token);
$this->get("event_dispatcher")->>dispatch("security.interactive_login", $event);
and in security.yml I had
api:
remember_me:
key: divine_office_hub_1234567
lifetime: 31536000
name: remember
always_remember_me: true
remember_me_parameter: _remember_me2
path: ~
So you know if you want to adapt this to your code and answer for anyone stuck with this (I've been stuck for over 2 weeks).
0
source to share