How to refresh the symfony REMEMBERME cookie

  symfony

We have an Symfony Application running together with a Legacy application. The login part of the application is done by Symfony, this sets the sessions and remembermy cookie for Symfony. Also I hooked in to this to set sessions and cookies for the Legacy part of the application.

When the session is expired and I access a Legacy page in the application, this will "login" through the cookie and reset the rememberme cookie expire time. However, the Symfony cookie is not updated and eventually it expires while the Legacy cookie is not expired.

How can I update / refresh the Symfony rememberme cookie when I also update the legacy cookie?

Source: Symfony Questions

One Reply to “How to refresh the symfony REMEMBERME cookie”

  • You can set a eventlistener on authentication success (https://symfony.com/doc/5.2/components/security/authentication.html#authentication-events). Use the kernel to get the request and te current cookie. Reset the cookie with default setcookie() function of PHP.

    “`
    public function onSecurityAuthenticationSuccess(AuthenticationSuccessEvent $event)
    {

    // Check if authentication token a RememberMeToken.
    if ($event->getAuthenticationToken() instanceof RememberMeToken) {

    // Authentication with RememberMeToken. Renew the Symfony REMEMBERME cookie and
    $cookies = $this->kernel->getContainer()->get(‘request_stack’)->getCurrentRequest()->cookies;
    $rememberMe = $cookies->get(‘REMEMBERME’);

    if (!is_null($rememberMe)) {

    setcookie(‘REMEMBERME’, $rememberMe, time() + 86400, ‘/; samesite=Lax’, ”, true, true);

    }
    }
    }
    “`

LEAVE A COMMENT