You can add a security interactive login listener, and in that listener you will have access to the login token that is stored in session. This token inherits Symfony\Component\Security\Core\Authentication\Token\AbstractToken so it has the methods "setAttribute($name, $value)" and "setAttributes(array $attributes)". Bassically whatever you set into this property with be stored in session alongside the user and the token.
Just be careful about the fact that this is serialized and make sure if you store objects to implement the serialize/unserialize method if needed in order to not have circular reference problems.
I recommended this approach because it seem to fit your requirements:
- the token is already stored in session by symfony
- the token is already accessible in any controller via the service "security.context" found in container,
- the token is already accessible in twig using the code {{ app.security.getToken() }}
For more information on Authentication Events check the symfony cookbook:
http://symfony.com/doc/current/components/security/authentication.html#authentication-events
Also you can use the following code as a guideline.
In services yml
security.interactive_login.listener:
class: %security.interactive_login.listener.class%
arguments: ['@security.context', '@session']
tags:
- { name: kernel.event_listener, event: security.interactive_login, method: onSecurityInteractiveLogin }
In your listener
use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
class SecurityListener
{
public function __construct(SecurityContextInterface $security, Session $session)
{
$this->security = $security;
$this->session = $session;
}
public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
{
$token = $event->getAuthenticationToken();
$token->setAttribute('key','some stuff i want later');
}
}
Hope this helps,
Alexandru Cosoi
