在 symfony security authenticateUserAndHandleSuccess 上默认设置 remember_me
Set remember_me by default on symfony security authenticateUserAndHandleSuccess
我在登录方法上遇到了一些 Symfony 安全问题。
我通过第 3 方系统创建身份验证(我在我的数据库中存储了来自与用户关联的外部系统的令牌信息),成功后,我只是 select 来自数据库的用户数据并通过
return $guardHandler->authenticateUserAndHandleSuccess(
$user,
$request,
$formAuthenticator,
'main'
);
但是,我想在这种授权方式上默认设置remember_me
。
我设置在 security.yml
main:
anonymous: true
lazy: true
provider: app_user_provider
switch_user: true
remember_me:
secret: '%kernel.secret%'
lifetime: 2592000
always_remember_me: true
但它只适用于普通登录表单,当我使用 authenticateUserAndHandleSuccess
方法时无效。
在这种情况下如何默认设置 remember_me
cookie?
来自代码源,它被记录在案:
/**
* Does this method support remember me cookies?
*
* Remember me cookie will be set if *all* of the following are met:
* A) This method returns true
* B) The remember_me key under your firewall is configured
* C) The "remember me" functionality is activated. This is usually
* done by having a _remember_me checkbox in your form, but
* can be configured by the "always_remember_me" and "remember_me_parameter"
* parameters under the "remember_me" firewall key
* D) The onAuthenticationSuccess method returns a Response object
*
* @return bool
*/
public function supportsRememberMe();
是否满足所有这些要求?
我在登录方法上遇到了一些 Symfony 安全问题。
我通过第 3 方系统创建身份验证(我在我的数据库中存储了来自与用户关联的外部系统的令牌信息),成功后,我只是 select 来自数据库的用户数据并通过
return $guardHandler->authenticateUserAndHandleSuccess(
$user,
$request,
$formAuthenticator,
'main'
);
但是,我想在这种授权方式上默认设置remember_me
。
我设置在 security.yml
main:
anonymous: true
lazy: true
provider: app_user_provider
switch_user: true
remember_me:
secret: '%kernel.secret%'
lifetime: 2592000
always_remember_me: true
但它只适用于普通登录表单,当我使用 authenticateUserAndHandleSuccess
方法时无效。
在这种情况下如何默认设置 remember_me
cookie?
来自代码源,它被记录在案:
/**
* Does this method support remember me cookies?
*
* Remember me cookie will be set if *all* of the following are met:
* A) This method returns true
* B) The remember_me key under your firewall is configured
* C) The "remember me" functionality is activated. This is usually
* done by having a _remember_me checkbox in your form, but
* can be configured by the "always_remember_me" and "remember_me_parameter"
* parameters under the "remember_me" firewall key
* D) The onAuthenticationSuccess method returns a Response object
*
* @return bool
*/
public function supportsRememberMe();
是否满足所有这些要求?