记住我功能在 Symfony2 中不起作用 [英] Remember Me functionality not working in Symfony2
问题描述
我已经在 Symfony2 中实现了记住我的功能.当我在选中记住我框的情况下登录时,会创建名为REMEMBERME"的 cookie.如果我关闭浏览器并在几个小时后打开它,该 cookie 也可用.但是当我加载我的应用程序的主页时,cookie 会被自动删除并且我看到没有用户登录.谁能解释我删除 cookie 的原因?
I have implemented remember me functionality in Symfony2. When I log in with remember me box checked, cookie named "REMEMBERME" gets created. That cookie is also available if I close browser and open it after many hours. But when I load home page of my application, the cookie gets automatically deleted and I see no user logged in. Can anyone explain me the reason for cookie deletion?
remember_me:
key: qwerty
lifetime: 604800
path: /
domain: ~
这是我的 security.yml 文件部分
This is my security.yml file section
我还没有找到这个问题的解决方案......
I have still not found the solution to this question...
现在遇到了新问题.REMEMBERME cookie 根本没有设置.这个怎么解决??
Now got new problem. The REMEMBERME cookie does not get set at all. How to solve this??
已解决:请参阅下面的答案
SOLVED: see answer below
推荐答案
John.
我遇到了和你一样(或做过)的问题,我发现当我(实际上是 Symfony2 =))在 101记住 cookie 设置记住/strong> 在 /vendor/symfony/src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeService.php 文件 $user->getPassword() 返回 NULL,因此 cookie 使用 NULL 密码值计算哈希值.
I've the same issue as you do (or did), what I've found is that when I am (Symfony2 actually =) ) setting REMEMBERME cookie on line 101 at /vendor/symfony/src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeService.php file $user->getPassword() returns NULL, so cookie gets hash calculated with NULL password value.
接下来发生的事情是,当您完全确信您将自动通过身份验证返回您的站点时,Symfony 开始在与上述相同的文件中检查您的 cookie,但在 第 58 行 它发现 cookie hash 与 它期望的 不一样 并抛出一个异常('The cookie\'s hash is invalid.')内部捕获它并继续前进.
What happening next, is when you returning to your site being fully confident that you will be automatically authenticated, Symfony begins to check your cookie at the same file as above but on line 58 it founds that cookie hash is not the same as it expects and throws an exception('The cookie\'s hash is invalid.') internally catches it and proceeds somewhere.
这就是为什么在我的情况下 cookie 不起作用的原因.
So that is the case why in my case cookie doesn't work.
我还没有找到解决方案,但我会挖掘它,也许我很幸运.
I haven't found a solution yet, but I will dig for it and may be I'm lucky.
希望您的问题是一样的,解决方案对我们双方都有帮助.
Hope your issue is the same and solution will help us both.
解决方案:
在实现声称用于从 UserInterface 擦除用户敏感数据的 eraseCredentials() 时,不要执行 $this->password = null.我犯了这个错误,因为我没有理解它的目的.你可以看一眼 Symfony 2 Logout (UserInterface::eraseCredentials)解释.所以它序列化了令牌对象,我们遇到了麻烦.
When implementing eraseCredentials() which claims to be used to erase user sensitive data from UserInterface do not perform $this->password = null. I've made this mistake because I haven't being understanding its purpose. You can take a glance at Symfony 2 Logout (UserInterface::eraseCredentials) for a little bit of explanation. So it serializes token object and we are in trouble.
这篇关于记住我功能在 Symfony2 中不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
