diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index a5909ce..4fb4d30 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -25,6 +25,16 @@ security:
 path: app_logout
 # where to redirect after logout
 # target: app_any_route
+ remember_me:
+ secret: '%kernel.secret%'
+ lifetime: 604800 # 1 week in seconds
+ path: /
+ secure: true
+ samesite: strict
+ # by default, the feature is enabled by checking a
+ # checkbox in the login form (see below), uncomment the
+ # following line to always enable it.
+ #always_remember_me: true
 # activate different ways to authenticate
 # https://symfony.com/doc/current/security.html#firewalls-authentication
diff --git a/src/Controller/Admin/DashboardController.php b/src/Controller/Admin/DashboardController.php
index df0148e..9e5ad4c 100644
--- a/src/Controller/Admin/DashboardController.php
+++ b/src/Controller/Admin/DashboardController.php
@@ -18,6 +18,10 @@ class DashboardController extends AbstractDashboardController
 */
 public function index(): Response
 {
+ // require the user to log in during *this* session
+ // if they were only logged in via a remember me cookie, they
+ // will be redirected to the login page
+ $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
 return parent::index();
 }
diff --git a/templates/security/login.html.twig b/templates/security/login.html.twig
index 6c66575..a4b4e03 100644
--- a/templates/security/login.html.twig
+++ b/templates/security/login.html.twig
@@ -33,6 +33,10 @@
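Review bot: In the `remember_me` block of config/packages/security.yaml, the week-long cookie is a signed token with no server-side record, so a leaked cookie cannot be revoked individually before `lifetime` runs out. On Symfony versions with the authenticator-based remember-me (an assumption, the version is not visible here) it is only invalidated when a property listed in `signature_properties` changes, which by default is the password. If per-device revocation matters, consider `token_provider: { doctrine: true }`, or at least add a comment stating that sensitive routes must require `IS_AUTHENTICATED_FULLY`. The comment taken from the docs says "see below", but nothing below it in this file describes the login-form checkbox; something like `# enabled when the login form submits the _remember_me checkbox` would be self-contained, assuming the default field name is used.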
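Review bot: The `IS_AUTHENTICATED_FULLY` check added to `DashboardController::index()` covers only this one action, so any other admin action that is not routed through `index()` (CRUD controllers, for example; none are visible in this diff) would still accept a session restored from the remember-me cookie. Enforcing it once for the whole admin area is harder to miss, e.g. an `access_control` entry such as `- { path: '^/<admin-prefix>', roles: IS_AUTHENTICATED_FULLY }` in security.yaml, with the placeholder replaced by the real route prefix. The attribute also says nothing about roles, so confirm that an admin role is required elsewhere. The class and the docblock of `index()` begin outside this hunk.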
Forgot password
+
+ + +