Slava Fomin II Slava Fomin II - 1 year ago 147
PHP Question

Log user out in Symfony 2 application when "remember me" is enabled

I'm looking for a way to log user out of Symfony 2 application, but could not find a way to do it properly.

I've tried an approach described here:
Symfony2: how to log user out manually in controller?


It's working fine when "remember me" is disabled, however, when I enable it, it's not working. It looks like user is automatically re-authenticated back again by this cookie.

key: "%secret%"
lifetime: 31536000
path: /
domain: ~
always_remember_me: true

What is the proper way to log user out of Symfony 2 application? Do I need to additionally delete this cookie from server-side?

Answer Source

You may have to call the session-storage's save() (Documentation) method explicitly.

Force the session to be saved and closed.

Further you can request to delete the session- and/or remember_me-cookies via response headers.

The session-cookie's name is configured as the container-parameter and defaults to the value from your php.ini.

$cookieName = $this->container->getParameter('');
$response->headers->clearCookie( $cookieName );

The remember_me-cookie's name can be configured in your security configuration.

                name: neverforget # <- cookie-name