Symfony 4 how to close user session?

V

Vanya Samoilov2020-01-16 20:58:18

symfony

Vanya Samoilov, 2020-01-16 20:58:18

Hello!
I can not programmatically close the session to the user. This is needed if the password or "lock" has been changed.
Tried it like this
$this->tokenStorage->setToken(null);
(nothing happens)
and so
$request->getSession()->invalidate(1);
(Writes that the active session cannot be changed)
and even so
SecurityController::logout();
(throws an exception)
I also tried to transfer the session storage to the database and delete them from there. New ones just appear.
I understand what it looks like, I check somewhere between "verified successfully" and recording sessions and it just records new ones. Where is the right place to put these checks so that I can do a software logout?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitriy Mamontov, 2020-01-24
@e_coder

Can it be like this

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;


private function closeCurrentSession(TokenStorageInterface $tokenStorage, Request $request)
{
        $token = new AnonymousToken('default', 'anon.');
        $tokenStorage->setToken($token);
        $request->getSession()->invalidate();
        throw new AccessDeniedException();
}