Could somebody explain how you can manually create a remember me cookie in a controller?
I want the users to stay logged in after they pressed the “register”
button, without having to login with their credentials afterwards.
I’ve tried to create a cookie manually but i’m guessing the cookie
value is incorrect, and therefor the “remember me” functionality
doesn’t work.
A cookie with the correct name gets set. I’ve checked that.
The remember me functionality works as expected when using the normal
login procedure with the user’s credentials.
security.yml
security.yml remember me
security:
firewalls:
main:
remember_me:
lifetime: 86400
domain: ~
path: /
key: myKey
This is what I have now, even though the cookie is set, it doesn’t work.
$um = $this->get('fos_user.user_manager');
$member = $um->createUser();
… Form stuff with bindRequest etc.
$um->updatePassword($member);
$um->updateUser($member);
$providerKey = $this->container->getParameter('fos_user.firewall_name');
$securityKey = 'myKey';
$token = new RememberMeToken($member, $providerKey, $securityKey,
$member->getRoles());
$this->container->get('security.context')->setToken($token);
$redirectResponse = new RedirectResponse($url);
$redirectResponse->headers->setCookie(
new \Symfony\Component\HttpFoundation\Cookie(
'REMEMBERME',
base64_encode(implode(':', array($member->getUsername(),
$member->getPassword()))),
time() + 60*60*24
)
);
return $redirectResponse;
Update:
I’ve also tried working with the
PersistentTokenBasedRememberMeServices class with reflection but it does not work. a cookie gets set but it’s not working
$token = $this->container->get('security.context')->getToken();
$providerKey = $this->container->getParameter('fos_user.firewall_name');
$securityKey = 'myKey';
$persistenService = new
PersistentTokenBasedRememberMeServices(array($um), $providerKey,
$securityKey, array('path' => '/', 'name' => 'REMEMBERME', 'domain' =>
null, 'secure' => false, 'httponly' => true,
'lifetime' => 86400));
$persistenService->setTokenProvider(new InMemoryTokenProvider());
$method = new \ReflectionMethod('Symfony\Component\Security\Http\RememberMe\PersistentTokenBasedRememberMeServices',
'onLoginSuccess');
$method->setAccessible(true);
$method->invoke($persistenService, $request, $redirectResponse, $token);
I’m using Symfony v2.0.5 and FOSUserBundle 1.0
UPDATE 2:
I’ve tried a 3rd way. The same as above but without reflection:
$token = $this->container->get('security.context')->getToken();
$providerKey = $this->container->getParameter('fos_user.firewall_name');
$securityKey = 'myKey';
$persistenService = new PersistentTokenBasedRememberMeServices(array($um), $providerKey, $securityKey, array('path' => '/', 'name' => 'REMEMBERME', 'domain' => null, 'secure' => false, 'httponly' => true, 'lifetime' => 31536000, 'always_remember_me' => true, 'remember_me_parameter' => '_remember_me'));
$persistenService->setTokenProvider(new InMemoryTokenProvider());
$persistenService->loginSuccess($request, $redirectResponse, $token);
If you are setting the rememberme cookie directly, you have to use the following format:
where the hash will be:
the key is the key you have entered in your security(.xml/.yml) in the
remember_mesection.This is taken from
processAutoLoginCookie()method in the Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeService.php file.This is all done by the
generateCookieValue()method in the same class.However, I would not recommend on using doing it this way directly, but try to see if you can call the
TokenBasedRememberMeService::onLoginSuccess()method, which sets this cookie for you to make the code more robust and portable.