I have create a manual in-code login method. The function at the page works.
The profiler says I am correctly authenticated.
But Symfony does not save the session / the login correct. If I visit a page they is only for ROLE_USER, I get the Full authentication is required to access this resource.
Message and the user in the previous login was not saved (Symfony use anonymous token).
Here my login action:
namespace ###HIDDEN###\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\User;
class AutoLoginController extends Controller
{
/**
* @Route("/auto-login")
*/
public function indexAction(Request $request)
{
if (!$this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
$user = new User("Marcel", null, array('ROLE_USER'));
$token = new UsernamePasswordToken($user, null, "main", $user->getRoles());
$this->get("security.token_storage")->setToken($token);
$event = new InteractiveLoginEvent($request, $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
return new Response("<body>Logging in!</body>");
}
return new Response("<body>You already logged in!</body>");
}
}
I am using Symfony 2.8 LTS version.