Add remember me functionality

config/packages/security.yaml

@@ -25,6 +25,16 @@ security:
                 path: app_logout
                 # where to redirect after logout
                 # target: app_any_route
+            remember_me:
+                secret:   '%kernel.secret%'
+                lifetime: 604800 # 1 week in seconds
+                path: /
+                secure: true
+                samesite: strict
+                # by default, the feature is enabled by checking a
+                # checkbox in the login form (see below), uncomment the
+                # following line to always enable it.
+                #always_remember_me: true
 
             # activate different ways to authenticate
             # https://symfony.com/doc/current/security.html#firewalls-authentication

src/Controller/Admin/DashboardController.php

@@ -18,6 +18,10 @@ class DashboardController extends AbstractDashboardController
      */
     public function index(): Response
     {
+        // require the user to log in during *this* session
+        // if they were only logged in via a remember me cookie, they
+        // will be redirected to the login page
+        $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
         return parent::index();
     }
 

templates/security/login.html.twig

@@ -33,6 +33,10 @@
         <div class="mb-3">
             <a href="{{ path('app_forgot_password_request') }}">Forgot password</a>
         </div>
+        <div class="mb-3">
+            <input type="checkbox" id="remember_me" name="_remember_me"/>
+            <label for="remember_me">Keep me logged in</label>
+        </div>
     </div>
 
     <input type="hidden" name="_csrf_token"