FOSUserBundle and remember me

Asked 27/12, 2011 at 21:19 Answered 25/3, 2016 at 23:20

I'm using a FOSUserBundle for authentication in Symfony2. Everything works fine except "remember me". My security.yml looks like this:

security:
providers:
    fos_userbundle:
        id: fos_user.user_manager

encoders:
    'FOS\UserBundle\Model\UserInterface': sha512

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
        logout:       true
        anonymous:    true
        remember_me:
            key:      aSecretKey
            lifetime: 3600
            path:     /
            domain:   ~

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, role: ROLE_ADMIN }

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

Does anybody know how to solve this.

Spoliation answered 27/12, 2011 at 21:19 Comment(0)

This was not working for me neither because i used 2 user providers: FOSUserBundle and FosFacebook.

The cookie was actually being set, but in TokenBasedRememberMeServices, processAutoLoginCookie i saw that the wrong provider was being used.

To fix it i had to specify in security.yml in remember_me section the provider i wanted to use.

firewalls:
    main:
        ...
        remember_me:
            secret:      "%secret%"
            lifetime: 2592000
            path:     /
            domain:   ~
            user_provider: fos_userbundle

Maybe this helps somebody else too.

Update: I've modified the response since in newer versions of Symfony, the "key" under remember_me is now called "secret".

Experimentalism answered 27/2, 2015 at 9:46 Comment(2)

Omg best answer ever !! Saved me tons of debugging <3 – Malvaceous 23/3, 2016 at 16:49

This should be the winner answer! – Dichroism 25/3, 2016 at 8:12

As "Adrian C" said, but with a little change which worked for me.

instead "key" i used "secret"

 firewalls:
     main:
         ...
         remember_me:
             secret:      "%secret%"
             lifetime: 2592000
             path:     /
             domain:   ~
             user_provider: fos_userbundle

Deck answered 25/3, 2016 at 23:20 Comment(1)

This should have been a comment... (or an update to the referred answer) – Shep 15/7, 2019 at 15:20

Remember me feature may not work if browser can't set cookies on your domain (localhost, for example). If this is a case, then setup your domain as a valid domain name (eg, dev.site.com). Also make sure you have cleared cache.

Flickinger answered 28/12, 2011 at 10:18 Comment(1)

Thanks for answer. I tried these possibilities, but then I figure out that problem is with logout:true in security.yml. I delete these line and then everything works fine. – Spoliation 28/12, 2011 at 19:17

It's working for me with session lifetime in add of security remenber_me configuration:

  framework:
    session:
        default_locale: %locale%
        auto_start:     true
        lifetime:       3600

Factorial answered 15/1, 2012 at 12:56 Comment(1)

Where should this section be added? security.yml, under ... what? – Mytilene 3/9, 2014 at 8:45

Recommended topics

Hot tags