Add remember me functionality

2021-05-20 23:34:50 +02:00 · 2021-05-20 23:34:50 +02:00 · 58734aa7b2
commit 58734aa7b2
parent 6f5e5b069c
3 changed files with 18 additions and 0 deletions
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@ -25,6 +25,16 @@ security:
                path: app_logout
                # where to redirect after logout
                # target: app_any_route
+            remember_me:
+                secret:   '%kernel.secret%'
+                lifetime: 604800 # 1 week in seconds
+                path: /
+                secure: true
+                samesite: strict
+                # by default, the feature is enabled by checking a
+                # checkbox in the login form (see below), uncomment the
+                # following line to always enable it.
+                #always_remember_me: true

            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#firewalls-authentication
--- a/src/Controller/Admin/DashboardController.php
+++ b/src/Controller/Admin/DashboardController.php
@ -18,6 +18,10 @@ class DashboardController extends AbstractDashboardController
     */
    public function index(): Response
    {
+        // require the user to log in during *this* session
+        // if they were only logged in via a remember me cookie, they
+        // will be redirected to the login page
+        $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
        return parent::index();
    }

--- a/templates/security/login.html.twig
+++ b/templates/security/login.html.twig
@ -33,6 +33,10 @@
        <div class="mb-3">
            <a href="{{ path('app_forgot_password_request') }}">Forgot password</a>
        </div>
+        <div class="mb-3">
+            <input type="checkbox" id="remember_me" name="_remember_me"/>
+            <label for="remember_me">Keep me logged in</label>
+        </div>
    </div>

    <input type="hidden" name="_csrf_token"