Symfony\Component\Security\Http\RememberMe\TokenBasedRememberMeServices
Concrete implementation of the RememberMeServicesInterface providing remember-me capabilities without requiring a TokenProvider.
- Author: Johannes M. Schmitt <schmittjoh@gmail.com>
Synopsis
class TokenBasedRememberMeServices
extends AbstractRememberMeServices
{
- // Inherited constants from AbstractRememberMeServices
- const COOKIE_DELIMITER = ':';
- // methods
- protected void processAutoLoginCookie()
- private Boolean compareHashes()
- protected void onLoginSuccess()
- protected string generateCookieValue()
- protected string generateCookieHash()
- // Inherited methods from AbstractRememberMeServices
- public void __construct()
- public string getRememberMeParameter()
- public void getKey()
- public final TokenInterface|null autoLogin()
- public void logout()
- public final void loginFail()
- public final void loginSuccess()
- protected abstract TokenInterface processAutoLoginCookie()
- protected void onLoginFail()
- protected abstract void onLoginSuccess()
- protected final void getUserProvider()
- protected array decodeCookie()
- protected string encodeCookie()
- protected void cancelCookie()
- protected Boolean isRememberMeRequested()
Hierarchy
Constants
Name | Value |
---|---|
COOKIE_DELIMITER | ':' |
COOKIE_ATTR_NAME | '_security_remember_me_cookie' |
Members
protected
- $logger
- $options
Methods
private
- compareHashes() — Compares two hashes using a constant-time algorithm to avoid (remote) timing attacks.
protected
- generateCookieHash() — Generates a hash for the cookie to ensure it is not being tempered with
- generateCookieValue() — Generates the cookie value.
- onLoginSuccess() — {@inheritDoc}
- processAutoLoginCookie() — {@inheritDoc}
Inherited from Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices
protected
- cancelCookie() — Deletes the remember-me cookie
- decodeCookie() — Decodes the raw cookie value
- encodeCookie() — Encodes the cookie parts
- getUserProvider()
- isRememberMeRequested() — Checks whether remember-me capabilities where requested
- onLoginFail()
- onLoginSuccess() — This is called after a user has been logged in successfully, and has requested remember-me capabilities. The implementation usually sets a cookie and possibly stores a persistent record of it.
- processAutoLoginCookie() — Subclasses should validate the cookie and do any additional processing that is required. This is called from autoLogin().
public
- autoLogin() — Implementation of RememberMeServicesInterface. Detects whether a remember-me cookie was set, decodes it, and hands it to subclasses for further processing.
- getKey()
- getRememberMeParameter() — Returns the parameter that is used for checking whether remember-me services have been requested.
- loginFail() — Implementation for RememberMeServicesInterface. Deletes the cookie when an attempted authentication fails.
- loginSuccess() — Implementation for RememberMeServicesInterface. This is called when an authentication is successful.
- logout() — Implementation for LogoutHandlerInterface. Deletes the cookie.