PHPFixing
  • Privacy Policy
  • TOS
  • Ask Question
  • Contact Us
  • Home
  • PHP
  • Programming
  • SQL Injection
  • Web3.0

Sunday, February 20, 2022

[FIXED] Auto remember-me after register

 February 20, 2022     php, symfony, symfony-security, symfony5     No comments   

Issue

I'm using Symfony 5.2 / PHP8

My login form is simply email + password I do an auto "remember me" using

    firewalls:
        endusers:
            ...
            remember_me:
                secret: '%kernel.secret'
                lifetime: 604800 # 1 week in seconds
                path: /
                always_remember_me: true

this works without any issue

The problem is during registration, I autologin the user using this snippet

            $token = new UsernamePasswordToken(
                user: $user,
                credentials: null,
                firewallName: 'endusers',
                roles: $user->getRoles(),
            );
            $this->container->get('security.token_storage')->setToken($token);
            $this->container->get('session')->set('_security_endusers', serialize($token))

and while this work, it unfortunately does not trigger the remember me feature (which is normal to my understanding, as the remember me is trigger normally one level higher by the 'onloginsuccess' event which is not triggered here)

So I would like to know how to have also the remember me set up in the case above


Solution

Update Symfony 5.3

There's now a RememberMeHandlerInterface service that works with autowiring, so you simply need to inject it and use it like this

            $rememberMe->createRememberMeCookie($user);

no need to update your services.yaml

Symfony 5.2

You can create the remember_me cookie by using RememberMeServicesInterface and calling loginSuccess. There's no autowiring service for it, though, so you have to create an alias in order to inject it in your controller.

The container alias for the service is security.authentication.rememberme.services.simplehash.<firewall_name>. Depending on the configuration it could be other than simplehash, you can verify it by executing bin/console debug:container rememberme.services.

Once you've verified the registered service, create the alias in config/services.yaml:

services:
     # ...
     Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface:
         alias: security.authentication.rememberme.services.simplehash.endusers

Now you can inject the service in your controller and call the function after successful registration.

public function register(Request $request, RememberMeServicesInterface $rememberme, /* Other deps */)
{
    $token = new UsernamePasswordToken($user, null, 'endusers', $user->getRoles());
        
    $this->container->get('security.token_storage')->setToken($token);
    $this->container->get('session')->set('_security_endusers', serialize($token));
    
    // RememberMe needs a Response object so cookies can be set in the output
    $response = $this->redirectToRoute($route);
    
    $rememberme->loginSuccess($request, $response, $token);
    
    return $response;
}

According to your firewall configuration, always_remember_me is enabled, but in case it weren't, you'd need to set the remember_me_parameter (_remember_me by default) in the request for the service to actually create the cookie.

$request->attributes->add(['_remember_me' => true]);
$rememberme->loginSuccess(/*...*/);


Answered By - msg
  • Share This:  
  •  Facebook
  •  Twitter
  •  Stumble
  •  Digg
Newer Post Older Post Home

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...

Subscribe To

Posts
Atom
Posts
Comments
Atom
Comments

Copyright © PHPFixing