Skip to content

RememberMeBadge in remember Me Functionality #16149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
avieville opened this issue Nov 23, 2021 · 6 comments · Fixed by #16376
Closed

RememberMeBadge in remember Me Functionality #16149

avieville opened this issue Nov 23, 2021 · 6 comments · Fixed by #16376
Labels
help wanted Issues and PRs which are looking for volunteers to complete them. Security

Comments

@avieville
Copy link

avieville commented Nov 23, 2021
edited by OskarStark
Loading

Hello,

I followed the documentation to set up the remember me functionality and the remember me cookie is not created during authentication if in addition I do not add 'new RememberMeBadge ()' in the authenticate function of the AppCustomAuthenticator .

public function authenticate(Request $request): PassportInterface
{
    $email = $request->request->get('email', '');

    $request->getSession()->set(Security::LAST_USERNAME, $email);

    return new Passport(
        new UserBadge($email),
        new PasswordCredentials($request->request->get('password', '')),
        [
            new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
            new RememberMeBadge()
        ]
    );
}

thank you for your feedback and your actions
@BahmanMD
Copy link
Contributor

Ask your questions in Symfony Discussions
https://github.com/symfony/symfony/discussions

@OskarStark
Copy link
Contributor

Is this a question or do you mean some detail is missing in the docs?

@avieville
Copy link
Author

it is not indicated in the documentation that it is necessary to add the 'new RememberMeBadge ()'

https://symfony.com/doc/current/security/remember_me.html

@BahmanMD
Copy link
Contributor

BahmanMD commented Nov 25, 2021
edited
Loading

What you say happens when you want to have a custom authentication mechanism.
When you use form_login in security.yaml configuration file, no need to use RememberMeBadge and you just have to use remember_me in the firewall
See this link:
https://symfony.com/doc/current/security/custom_authenticator.html#passport-badges

@OskarStark OskarStark added help wanted Issues and PRs which are looking for volunteers to complete them. Security labels Nov 25, 2021
@avieville
Copy link
Author

@BahmanMD Thank you for this information. I am using a custom authenticator.
I think it would be interesting to add a note for this particular case in the remember me documentation.

@gnito-org gnito-org mentioned this issue Nov 29, 2021
Closed
@gnito-org
Copy link
Contributor

I included a documentation section as suggested in #16161.

@gnito-org gnito-org mentioned this issue Dec 5, 2021
Merged
javiereguiluz added a commit that referenced this issue Jan 7, 2022
@javiereguiluz
minor #16202 [Security] Add remember me description when using custom…
34eea80 
… authenticator (gnito-org)

This PR was squashed before being merged into the 5.3 branch.

Discussion
----------

[Security] Add remember me description when using custom authenticator

This PR solves #16149.

<!--

If your pull request fixes a BUG, use the oldest maintained branch that contains
the bug (see https://symfony.com/releases for the list of maintained branches).

If your pull request documents a NEW FEATURE, use the same Symfony branch where
the feature was introduced (and `5.x` for features of unreleased versions).

-->

Commits
-------

7c26128 [Security] Add remember me description when using custom authenticator
@wouterj wouterj mentioned this issue Jan 7, 2022
Merged
@wouterj wouterj linked a pull request Jan 7, 2022 that will close this issue
[Security] Document the new remember me system #16376
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Issues and PRs which are looking for volunteers to complete them. Security
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Security] Document the new remember me system wouterj/symfony-docs
4 participants
@OskarStark @avieville @gnito-org @BahmanMD