Expected behavior
In order to upgrade from Symfony 5.4 to Symfony 6.4, we have removed the currently deprecated “TokenBasedRememberMeServices” and implemented the new RememberMe autologin feature.
I have written the following code in an acceptance test for RememberMe’s auto-login feature.
Issue
The MyPage::newInstance($this->getRouter(), $driver); step should log in and transition to MyPage, but it logs out and transitions to a different page.

<?php

namespace Tests\Security;

use Facebook\WebDriver\Cookie;
use Facebook\WebDriver\Support\Events\EventFiringWebDriver;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\Signature\SignatureHasher;
use Symfony\Component\Security\Http\RememberMe\ResponseListener;
use Symfony\Component\Security\Http\RememberMe\SignatureRememberMeHandler;
use App\Entity\User;

class AutoLoginTest extends WebTestCase
{
    public function testAutoLogin(): void
    {
        /** @var User $user */
        $user = $this->registerUser();

        // Build the handler by hand, with a mocked RequestStack that returns $request
        $handler = new SignatureRememberMeHandler(
            signatureHasher: static::getContainer()->get(SignatureHasher::class),
            userProvider: static::getContainer()->get(UserRepository::class),
            requestStack: $this->createConfiguredMock(
                RequestStack::class,
                ['getMainRequest' => $request = new Request()]
            ),
            options: [
                'name' => 'REMEMBERME',
                'lifetime' => 604800,
            ],
        );

        // The generated cookie is stored on $request under ResponseListener::COOKIE_ATTR_NAME
        $handler->createRememberMeCookie($user);

        // create web driver for acceptance test
        $driver = $this->createWebDriver;

        // page object for no login user
        HomePage::newInstance($this->getRouter(), $driver);

        // Copy the generated cookie value into the browser session
        $cookie = Cookie::createFromArray(
            [
                'name' => 'REMEMBERME',
                'value' => $request->attributes->get(ResponseListener::COOKIE_ATTR_NAME)->getValue(),
                'path' => '/',
                'domain' => null,
                'expiry' => time() + 604800,
                'secure' => true,
                'httponly' => false,
            ]
        );
        $driver->manage()->addCookie($cookie);

        // -- ERROR -- page object for login user
        MyPage::newInstance($this->getRouter(), $driver);
    }
}

remember_me:
    secret: secret
    lifetime: 604800
    path: /
    domain: ~
    name: REMEMBERME
    signature_properties: ['username', 'password']

<?php

namespace App\Security;

use Symfony\Component\PropertyAccess\PropertyAccess;
use Symfony\Component\Security\Core\Signature\SignatureHasher;

class SignatureHasherFactory
{
    public static function create(array $signatureProperties): SignatureHasher
    {
        $propertyAccessor = PropertyAccess::createPropertyAccessor();

        return new SignatureHasher($propertyAccessor, $signatureProperties, 'secret');
    }
}

Symfony\Component\Security\Core\Signature\SignatureHasher:
    factory: ['App\Security\SignatureHasherFactory', 'create']
    arguments:
        - ['getUsername', 'getPassword']
    public: true

Why is my RememberMe not working?
Implemented the above
lomlom is a new contributor to this site. Take care in asking for clarification, commenting, and answering.