New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Document the logout_on_user_change option #8428

Closed
xabbuh opened this Issue Sep 26, 2017 · 5 comments

Comments

Projects
None yet
5 participants
@xabbuh
Copy link
Member

xabbuh commented Sep 26, 2017

@xabbuh xabbuh added this to the 3.4 milestone Sep 26, 2017

@stephanvierkant

This comment has been minimized.

Copy link

stephanvierkant commented Nov 7, 2017

Thanks for opening this issue. I agree this should be documented, since logout_on_user_change is true by default as of Symfony 4.0.

FOSUserBundle has a LastLoginListener that will change the user entity changes at every login and will cause a logout immediately. In my application there are some other attributes that can be changed, but that won't require the user to login again.

@JulienWszolek

This comment has been minimized.

Copy link

JulienWszolek commented Feb 6, 2018

No news about it?

@janmyszkier

This comment has been minimized.

Copy link

janmyszkier commented Mar 20, 2018

bumping this, what @stephanvierkant posted affects pretty much all apps that were working with FosUser before (which means a lot) with no docs posted on the matter.

it was mentioned in older symfony releases:
https://github.com/symfony/symfony/blob/v3.4.1/UPGRADE-3.4.md
but is not available on main 3.4 branch
https://github.com/symfony/symfony/blob/3.4/UPGRADE-3.4.md

I think it someone from Symfony devs should also create a PR to FosUser on how to work with this for the reason @stephanvierkant posted

@stephanvierkant

This comment has been minimized.

Copy link

stephanvierkant commented Mar 21, 2018

For the solution, see this answer: https://stackoverflow.com/questions/47675301/token-was-deauthenticated-after-trying-to-refresh-it/47676103#47676103. Short answer: implement the EquatableInterface.

FOSUserBundle hasn't implemented EquatableInterface in their model and I'm not sure if they're planning to (no PR's in that direction)

@javiereguiluz javiereguiluz added the hasPR label May 28, 2018

javiereguiluz added a commit that referenced this issue May 29, 2018

minor #9842 Documented the logout_on_user_change option (javiereguiluz)
This PR was squashed before being merged into the 3.4 branch (closes #9842).

Discussion
----------

Documented the logout_on_user_change option

This fixes #8428.

@iltar I need your help here. In your PR (https://github.com/symfony/symfony/pull/23882/files) you said:

```
This config item will trigger a logout when the user has changed.
```

I need more precision about what this means: *"the user has changed"*. What exactly has changed? The token, the object that represents the user, some property of the user, etc. Thanks!

Commits
-------

68664a5 Documented the logout_on_user_change option
@javiereguiluz

This comment has been minimized.

Copy link
Member

javiereguiluz commented May 29, 2018

Fixed by #9842.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment