Symfony2 renew Session and store value

0
votes

My Users can change their passwords on a form. If this the form is valid I encode it, invalidate the session by using

$this->get('security.context')->setToken(null);
$this->getSession()->invalidate();

...flush the user to the database and do a redirect (to the same url).

Beside this I have a mechanism to store some information in the session before forwarding and showing this data in the 'forwarded' template.

Both work well on their own, but not together :-)

I can see, that the value is written (after invalidating the session) and I believe, that symfony instantiates a new session.

I just don't know, what happens after that. Maybe symfony is doing 'some magic', because it 'injects' the login-page before show the redirected url.

1
sessionsymfonyloginstoreinvalidation
Maybe you need to be logged in to view the redirected URL ? I guess you need to, because it's a page to edit user's informations.Gmajoulet
Yes, of course I have to. I always redirect to the same page in this dialog. Only difference after changing the pw is, that I invalidate the session, so the login page is 'injected' in the workflow. In this case, my infos are not shown, the text is written to the session, but the session seems to change (a 2nd time).Sammy

1 Answers

0
votes

I don't really understand what you're trying to do, and why you're invalidating the session, but your User need to be logged in to see the redirected URL. Your code logs him out.

You can log a user by doing so :

use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;

$authToken = new UsernamePasswordToken($user, null, 'secured_area', array('ROLE_USER'));
$this->get('security.context')->setToken($authToken);

The third parameter is the providerKey, and the fourth is a roles array.