symfony
Alexander, 2015-03-31 19:47:21

How to make authorization on no more than one device in Symfony 2?

How to make authorization on only one device in Symfony 2? When a user logs in from one computer, they must be logged out on other computers. What is the best way to do this?


2 answer(s)
Sergey, 2015-03-31
Protko @Fesor

symfony.com/doc/current/components/http_foundation...
Well, either remember the token issued during authorization and check if the token stored in the session matches the one you remember.

Alexander, 2015-06-15
@CooperIII

I'll answer my own question. Here is my solution.
Create the EventListener.php file

namespace project\UserBundle\EventListener;

use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\Response;

class UserListener {

    protected $container;

    public function __construct($container = null) {
        if (!is_null($container)) {
            $this->container = $container;
        }
    }

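    // On login: generate a new token, store it on the user and in a cookie.
    public function onAuthenticationSuccess() {
        $user = $this->container->get('security.token_storage')->getToken()->getUser();
        // Unpredictable token from the CSPRNG (random_bytes() needs PHP 7 or a polyfill).
        $x = bin2hex(random_bytes(32));
        $user->setToken($x);
        $em = $this->container->get('doctrine')->getManager();
        $em->persist($user);
        $em->flush();
        // Cookie lifetime: 7 days.
        $cookie = new Cookie('_token', $x, time() + 3600 * 24 * 7);
        // The cookie is sent right away in a separate, empty response.
        $response = new Response();
        $response->headers->setCookie($cookie);
        $response->send();
    }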

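    // On every request: compare the cookie with the token stored for the user.
    public function onKernelRequest(GetResponseEvent $event) {
        $token = $this->container->get('security.token_storage')->getToken();
        if (null === $token) {
            // No security token on this request (e.g. outside the firewall).
            return;
        }
        $user = $token->getUser();
        if (!is_object($user)) {
            return;
        }
        $x = $user->getToken();
        $request = $this->container->get('request_stack')->getCurrentRequest();
        $cookies = $request->cookies->all();
        $cookie = isset($cookies['_token']) ? $cookies['_token'] : null;
        // hash_equals() (PHP 5.6+) compares in constant time and requires strings.
        if (!is_string($x) || !is_string($cookie) || !hash_equals($x, $cookie)) {
            $request->getSession()->invalidate();
            $this->container->get('security.token_storage')->setToken(null);
            $event->setResponse($this->container->get('templating')->renderResponse('UserBundle:Login:login2.html.twig', array(), null));
        }
    }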
}

On each login, we write a unique token to the USER table and exactly the same token to a cookie. Then in onKernelRequest() we check whether the cookie matches the data from the table. If not, the user is logged out.
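The check both answers describe, as an added example that is not part of either answer: a framework-free PHP sketch (PHP 7.1+) in which every login replaces the stored token, so the cookie held by the earlier device stops matching. `SingleDeviceGuard` and its in-memory store are hypothetical stand-ins for the user entity and the USER table, and storing only a hash of the token is an assumption of this sketch.

```php
<?php
// Added example: hypothetical names, constructed scenario.

final class SingleDeviceGuard
{
    /** @var array<string,string> user id => SHA-256 of the current device token */
    private $store = [];

    /** Call on successful login; returns the value to put in the cookie. */
    public function issue(string $userId): string
    {
        // 256 bits from the CSPRNG, so the value cannot be guessed or enumerated.
        $token = bin2hex(random_bytes(32));
        // Overwriting the entry is what logs the previous device out.
        // Only the hash is kept, so a leaked table does not yield usable cookies.
        $this->store[$userId] = hash('sha256', $token);
        return $token;
    }

    /** Call on every authenticated request with the cookie value (or null). */
    public function isCurrentDevice(string $userId, ?string $cookieToken): bool
    {
        if ($cookieToken === null || !isset($this->store[$userId])) {
            return false; // missing cookie, or the user has never logged in
        }
        // hash_equals() compares in constant time.
        return hash_equals($this->store[$userId], hash('sha256', $cookieToken));
    }
}

// Constructed scenario: the same user logs in on a laptop, then on a phone.
$guard  = new SingleDeviceGuard();
$laptop = $guard->issue('alexander');
var_dump($guard->isCurrentDevice('alexander', $laptop)); // laptop, before the phone login

$phone = $guard->issue('alexander');
var_dump($guard->isCurrentDevice('alexander', $laptop)); // laptop, after the phone login
var_dump($guard->isCurrentDevice('alexander', $phone));  // phone
var_dump($guard->isCurrentDevice('alexander', null));    // request without the cookie
```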
