在 symfony security authenticateUserAndHandleSuccess 上默认设置 remember_me

Question

我在登录方法上遇到了一些 Symfony 安全问题。

我通过第 3 方系统创建身份验证（我在我的数据库中存储了来自与用户关联的外部系统的令牌信息），成功后，我只是 select 来自数据库的用户数据并通过

return $guardHandler->authenticateUserAndHandleSuccess(
    $user,
    $request,
    $formAuthenticator,
    'main'
);

但是，我想在这种授权方式上默认设置remember_me。我设置在 security.yml

main:
    anonymous: true
    lazy: true
    provider: app_user_provider
    switch_user: true
    remember_me:
        secret: '%kernel.secret%'
        lifetime: 2592000
        always_remember_me: true

但它只适用于普通登录表单，当我使用 authenticateUserAndHandleSuccess 方法时无效。

在这种情况下如何默认设置 remember_me cookie？

Answer 1

来自代码源，它被记录在案：

/**
     * Does this method support remember me cookies?
     *
     * Remember me cookie will be set if *all* of the following are met:
     *  A) This method returns true
     *  B) The remember_me key under your firewall is configured
     *  C) The "remember me" functionality is activated. This is usually
     *      done by having a _remember_me checkbox in your form, but
     *      can be configured by the "always_remember_me" and "remember_me_parameter"
     *      parameters under the "remember_me" firewall key
     *  D) The onAuthenticationSuccess method returns a Response object
     *
     * @return bool
     */
public function supportsRememberMe();

是否满足所有这些要求？

在 symfony security authenticateUserAndHandleSuccess 上默认设置 remember_me

Set remember_me by default on symfony security authenticateUserAndHandleSuccess

php

symfony

symfony-security