K
K
Kripto772019-09-25 10:11:22
symfony
Kripto77, 2019-09-25 10:11:22

How to force logout of a user by ID in Symfony 4.3?

The administrator needs to periodically change user roles. The problem is that the current user roles are cached when logging in. And changing roles in the database does not change the real access rights in the IS_GRANTED methods (in annotations, twig, etc.) Can you tell me
how to forcibly log out the desired user by ID ?
Thanks in advance

Answer the question

In order to leave comments, you need to log in

1 answer(s)
M
Mikhail Rybalka, 2019-09-25
@Kripto77

Symfony has an EquatableInterface for this purpose. Every time you load a cached user from a token, if your User class implements EquatableInterface, a check is started to match the saved user in the token with the data received from the provider. If the data does not match, the authorization token is revoked.
Simply put, in your case, implement EquatableInterface in the User class and add a check for matching roles to isEqualTo ().

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question