consumeRememberMeCookie example

$this->locator = $rememberMeHandlerLocator;
        $this->requestStack = $requestStack;
    }

    public function createRememberMeCookie(UserInterface $user): void
    {
        $this->getForFirewall()->createRememberMeCookie($user);
    }

    public function consumeRememberMeCookie(RememberMeDetails $rememberMeDetails): UserInterface
    {
        return $this->getForFirewall()->consumeRememberMeCookie($rememberMeDetails);
    }

    public function clearRememberMeCookie(): void
    {
        $this->getForFirewall()->clearRememberMeCookie();
    }
}
public function consumeRememberMeCookie(RememberMeDetails $rememberMeDetails): UserInterface
    {
        try {
            $this->signatureHasher->acceptSignatureHash($rememberMeDetails->getUserIdentifier()$rememberMeDetails->getExpires()$rememberMeDetails->getValue());
        } catch (InvalidSignatureException $e) {
            throw new AuthenticationException('The cookie\'s hash is invalid.', 0, $e);
        } catch (ExpiredSignatureException $e) {
            throw new AuthenticationException('The cookie has expired.', 0, $e);
        }

        return parent::consumeRememberMeCookie($rememberMeDetails);
    }

    public function processRememberMe(RememberMeDetails $rememberMeDetails, UserInterface $user): void
    {
        try {
            $this->signatureHasher->verifySignatureHash($user$rememberMeDetails->getExpires()$rememberMeDetails->getValue());
        } catch (InvalidSignatureException $e) {
            throw new AuthenticationException('The cookie\'s hash is invalid.', 0, $e);
        } catch (ExpiredSignatureException $e) {
            throw new AuthenticationException('The cookie has expired.', 0, $e);
        }

        
        return null;
    }

    public function authenticate(Request $request): Passport
    {
        if (!$rawCookie = $request->cookies->get($this->cookieName)) {
            throw new \LogicException('No remember-me cookie is found.');
        }

        $rememberMeCookie = RememberMeDetails::fromRawCookie($rawCookie);

        $userBadge = new UserBadge($rememberMeCookie->getUserIdentifier()fn () => $this->rememberMeHandler->consumeRememberMeCookie($rememberMeCookie));

        return new SelfValidatingPassport($userBadge);
    }

    public function createToken(Passport $passport, string $firewallName): TokenInterface
    {
        return new RememberMeToken($passport->getUser()$firewallName$this->secret);
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
    {
        
$cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
        $this->assertNull($cookie->getValue());
    }

    public function testConsumeRememberMeCookieValid()
    {
        $user = new InMemoryUser('wouter', null);
        $signature = $this->signatureHasher->computeSignatureHash($user$expire = time() + 3600);
        $this->userProvider->createUser(new InMemoryUser('wouter', null));

        $rememberMeDetails = new RememberMeDetails(InMemoryUser::class, 'wouter', $expire$signature);
        $this->handler->consumeRememberMeCookie($rememberMeDetails);

        $this->assertTrue($this->request->attributes->has(ResponseListener::COOKIE_ATTR_NAME));

        /** @var Cookie $cookie */
        $cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
        $this->assertNotEquals((new RememberMeDetails(InMemoryUser::class, 'wouter', $expire$signature))->toString()$cookie->getValue());
    }

    public function testConsumeRememberMeCookieInvalidHash()
    {
        $this->expectException(AuthenticationException::class);
        
public function testConsumeRememberMeCookieValid()
    {
        $this->tokenProvider->expects($this->any())
            ->method('loadTokenBySeries')
            ->with('series1')
            ->willReturn(new PersistentToken(InMemoryUser::class, 'wouter', 'series1', 'tokenvalue', new \DateTimeImmutable('-10 min')))
        ;

        $this->tokenProvider->expects($this->once())->method('updateToken')->with('series1');

        $rememberMeDetails = new RememberMeDetails(InMemoryUser::class, 'wouter', 360, 'series1:tokenvalue');
        $this->handler->consumeRememberMeCookie($rememberMeDetails);

        // assert that the cookie has been updated with a new base64 encoded token value         $this->assertTrue($this->request->attributes->has(ResponseListener::COOKIE_ATTR_NAME));

        /** @var Cookie $cookie */
        $cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
        $rememberParts = explode(':', $rememberMeDetails->toString(), 4);
        $cookieParts = explode(':', $cookie->getValue(), 4);

        $this->assertSame($rememberParts[0]$cookieParts[0]); // class         $this->assertSame($rememberParts[1]$cookieParts[1]); // identifier

        $this->handler = $handler;
    }

    public function createRememberMeCookie(UserInterface $user): void
    {
        $this->handler->createRememberMeCookie($user);
    }

    public function consumeRememberMeCookie(RememberMeDetails $rememberMeDetails): UserInterface
    {
        return $this->handler->consumeRememberMeCookie($rememberMeDetails);
    }

    public function clearRememberMeCookie(): void
    {
        $this->handler->clearRememberMeCookie();
    }
}
 else {
            $isTokenValid = hash_equals($persistentToken->getTokenValue()$tokenValue);
        }
        if (!$isTokenValid) {
            throw new CookieTheftException('This token was already used. The account is possibly compromised.');
        }

        if ($persistentToken->getLastUsed()->getTimestamp() + $this->options['lifetime'] < time()) {
            throw new AuthenticationException('The cookie has expired.');
        }

        return parent::consumeRememberMeCookie($rememberMeDetails->withValue($persistentToken->getLastUsed()->getTimestamp().':'.$rememberMeDetails->getValue().':'.$persistentToken->getClass()));
    }

    public function processRememberMe(RememberMeDetails $rememberMeDetails, UserInterface $user): void
    {
        [$lastUsed$series$tokenValue$class] = explode(':', $rememberMeDetails->getValue(), 4);
        $persistentToken = new PersistentToken($class$rememberMeDetails->getUserIdentifier()$series$tokenValuenew \DateTimeImmutable('@'.$lastUsed));

        // if a token was regenerated less than a minute ago, there is no need to regenerate it         // if multiple concurrent requests reauthenticate a user we do not want to update the token several times         if ($persistentToken->getLastUsed()->getTimestamp() + 60 >= time()) {
            return;
        }
Home | Imprint | This part of the site doesn't use cookies.