[Security] Document the new remember me system by wouterj · Pull Request #16376 · symfony/symfony-docs · GitHub

[Security] Document the new remember me system #16376


Merged
merged 3 commits into from
Jan 19, 2022
Update remember_me.rst
Add some lines to the Authenticator to add a RememberMeBadge to the Passport returned
caliendojulien authored and wouterj committed Jan 7, 2022
commit d36b9497329a0b105b0a500e2a85af66a1ac61b2
23 changes: 23 additions & 0 deletions security/remember_me.rst
Expand Up @@ -167,6 +167,29 @@ this:
The user will then automatically be logged in on subsequent visits while
the cookie remains valid.

Add the RememberMeBadge() to the Passport
-----------------------------------------
After uncommenting the login template and add some lines in the firewall configuration, the last thing to do is to add a new RememberMeBadge to the Password in the Authenticator.

// src/Security/Authenticator.php
// ...

public function authenticate(Request $request): PassportInterface
{
$email = $request->request->get('email', '');

$request->getSession()->set(Security::LAST_USERNAME, $email);

return new Passport(
new UserBadge($email),
new PasswordCredentials($request->request->get('password', '')),
[
new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
new RememberMeBadge(),
]
);
}

Forcing the User to Re-Authenticate before Accessing certain Resources
----------------------------------------------------------------------
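
Review bot: In the paragraph under the new "Add the RememberMeBadge() to the Passport" heading, "add a new RememberMeBadge to the Password in the Authenticator" should read "to the Passport", since the badge is attached to the Passport object and a reader following the text literally will look for the wrong class. The same sentence also needs "After uncommenting the login template and adding some lines in the firewall configuration". As shown here, the PHP snippet follows the paragraph with no `.. code-block:: php` directive, so it would render as running text instead of highlighted code; add the directive, indent the snippet beneath it, and leave a blank line between the heading underline and the paragraph. The snippet also omits the `use` statement for `RememberMeBadge`, which would help readers who copy it into their own authenticator, and the heading would read better without the `()` after the class name.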
