user1915746 user1915746 - 15 days ago 9
PHP Question

Symfony2: "Remember me" tries to authenticate by username instad of email

I have an application with user authenticaton against database. The property I use is email:

providers:
administrators:
entity:
class: CorabMainBundle:User
property: email


Authentication works great!
But I have huge problems getting the remember me functionality to work.
After several hours I think I found the problem but I don't know how to solve it...

Symfony2 seems to try to authenticate with the username instead of email in case of remember me.

dev.log says the following:

[2013-10-21 23:49:19] security.DEBUG: Remember-me cookie detected. [] []
[2013-10-21 23:49:19] doctrine.DEBUG: SELECT t0.id AS id1, t0.username AS username2, t0.salt AS salt3, t0.password AS password4, t0.email AS email5, t0.is_active AS is_active6, t0.organisation AS organisation7 FROM User t0 WHERE t0.email = ? LIMIT 1 ["roger"] []
[2013-10-21 23:49:19] security.INFO: User for remember-me cookie not found. [] []
[2013-10-21 23:49:19] security.DEBUG: Clearing remember-me cookie "REMEMBERME" [] []


Line 2 is not ok beacuse it should not be roger but an email address. That's why the cookie gets deleted.

How to tell symfony2 to use email as property for remember me authentication?

Thank you for your help!

Answer

You can extend the default remember me service class and override the onLoginSuccess method so it uses the email instead of the username.

  • Service to be extended: security.authentication.rememberme.services.simplehash.class
  • Class: Symfony\Component\Security\Http\RememberMe\TokenBasedRememberMeServices
  • Method: onLoginSuccess
Comments