Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to force user logout symfony2

I want to force a user to logout in symfony2 after checking that it has not enough capabilities for access into a specific secured area.

I've tried with :

$this->get('request')->getSession()->invalidate();

but it seems that something goes wrong, the user still logged in until I logged him out using /logout route.

I've to mention that I'm using KayueWordpressBundle to connect my symfony app with a wordpress based website to create a custom back office.

Here is my security.yml file

security:
firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false
    login_firewall:
        pattern:    ^/$
        anonymous:  ~
    secured_area:
        pattern:    ^/
        kayue_wordpress: ~
        form_login:
            check_path: /login_check
            login_path: /
        logout:
            path:   /logout
            target: /
access_control:
    - { path: ^/admin, roles: ROLE_ADMIN }

providers:
    wordpress:
        entity: { class: Kayue\WordpressBundle\Entity\User, property: username }

encoders:
    Kayue\WordpressBundle\Entity\User:
        id: kayue_wordpress.security.encoder.phpass

How can I do this please ?

Thank you

like image 692
Adil Ouchraa Avatar asked Nov 20 '13 11:11

Adil Ouchraa


1 Answers

You can force logout by calling setToken() with null, try something like this:

$this->container->get('security.context')->setToken(null);

It will destroy user token from the security context and kick the user out.


Also, please see this question for more details: Symfony2: how to log user out manually in controller?

like image 82
satdev86 Avatar answered Oct 08 '22 06:10

satdev86