Symfony 2.8 FOSUserBundle 在注销时删除 cookie
Symfony 2.8 FOSUserBundle delete cookies on logout
我需要在用户注销时删除一些额外的 cookie。
我该怎么做?
我的 config.yml
里有
logout:
path: /logout
handlers: [logout_handler]
delete_cookies:
c_user: { path: /, domain: .facebook.com }
sb: { path: /, domain: .facebook.com }
xs: { path: /, domain: .facebook.com }
fr: { path: /, domain: .facebook.com }
pl: { path: /, domain: .facebook.com }
lu: { path: /, domain: .facebook.com }
datr: { path: /, domain: .facebook.com }
dats: { path: /, domain: .facebook.com }
pnl_data: { path: /, domain: www.facebook.com }
但是 "delete_cookies" 选项不起作用。
我也有注销处理程序以防万一。不过我真的不知道该写什么。
确保您在防火墙部分下的 security.yml 文件中进行了配置,并检查 full security configuration for 2.8 作为参考:
# app/config/security.yml
security:
firewalls:
somename:
logout:
delete_cookies:
a: { path: null, domain: null }
b: { path: null, domain: null }
handlers: [some.service.id, another.service.id]
success_handler: some.service.id
anonymous: ~
正如您在注销成功处理程序中提到的,您可以进行一些额外的处理:
If you need to do something more interesting after logging out, you
can specify a logout success handler by adding a success_handler key
and pointing it to a service id of a class that implements
LogoutSuccessHandlerInterface. See Security Configuration Reference.
查看 \Symfony\Component\Security\Http\Logout\CookieClearingLogoutHandler
,它通过响应 headers
删除了所有请求的 cookie
/**
* Implementation for the LogoutHandlerInterface. Deletes all requested cookies.
*
* @param Request $request
* @param Response $response
* @param TokenInterface $token
*/
public function logout(Request $request, Response $response, TokenInterface $token)
{
foreach ($this->cookies as $cookieName => $cookieData) {
$response->headers->clearCookie($cookieName, $cookieData['path'], $cookieData['domain']);
}
}
所以在你的处理程序中你可以做类似的事情:
$response = new Symfony\Component\HttpFoundation\Response();
$response->headers->clearCookie('nameOfTheCookie');
$response->send();
我需要在用户注销时删除一些额外的 cookie。 我该怎么做?
我的 config.yml
里有logout:
path: /logout
handlers: [logout_handler]
delete_cookies:
c_user: { path: /, domain: .facebook.com }
sb: { path: /, domain: .facebook.com }
xs: { path: /, domain: .facebook.com }
fr: { path: /, domain: .facebook.com }
pl: { path: /, domain: .facebook.com }
lu: { path: /, domain: .facebook.com }
datr: { path: /, domain: .facebook.com }
dats: { path: /, domain: .facebook.com }
pnl_data: { path: /, domain: www.facebook.com }
但是 "delete_cookies" 选项不起作用。 我也有注销处理程序以防万一。不过我真的不知道该写什么。
确保您在防火墙部分下的 security.yml 文件中进行了配置,并检查 full security configuration for 2.8 作为参考:
# app/config/security.yml
security:
firewalls:
somename:
logout:
delete_cookies:
a: { path: null, domain: null }
b: { path: null, domain: null }
handlers: [some.service.id, another.service.id]
success_handler: some.service.id
anonymous: ~
正如您在注销成功处理程序中提到的,您可以进行一些额外的处理:
If you need to do something more interesting after logging out, you can specify a logout success handler by adding a success_handler key and pointing it to a service id of a class that implements LogoutSuccessHandlerInterface. See Security Configuration Reference.
查看 \Symfony\Component\Security\Http\Logout\CookieClearingLogoutHandler
,它通过响应 headers
/**
* Implementation for the LogoutHandlerInterface. Deletes all requested cookies.
*
* @param Request $request
* @param Response $response
* @param TokenInterface $token
*/
public function logout(Request $request, Response $response, TokenInterface $token)
{
foreach ($this->cookies as $cookieName => $cookieData) {
$response->headers->clearCookie($cookieName, $cookieData['path'], $cookieData['domain']);
}
}
所以在你的处理程序中你可以做类似的事情:
$response = new Symfony\Component\HttpFoundation\Response();
$response->headers->clearCookie('nameOfTheCookie');
$response->send();