Symfony 2 does not delete remember-me cookie when logout

My goal is to log out programmatically from a controller. I use this nice solution. Everything works fine except that the LONGSESS (renamed REMEMBERME) cookie is not deleted. It is deleted, but not :)

Logout in controller code:

    $response = $this->redirectToRoute('homepage');
    $response->headers->clearCookie('LONGSESS');
    return $response;

So, call this action.

Request headers for this action (as expected):

    Cookie SESS=n4jbl1m61l6bceesbeusrbq044; LONGSESS=QXBwQnVuZGxlXEVudGl0eVxVc2VyOmRYTmxja0IxYzJWeUxtTnZiUT09OjE0NDgyMDMyMjQ6ZTFhNzBlNGEyMWM4NGM3N2UzYmI3ZmJiNWIzMGM5MDg2ZDAyOWY1ZGVhMWI4NTYyNGQ0OTJmNjVmNmRjOTY2NQ%3D%3D

Response headers to this action (as expected):

    Set-Cookie:SESS=ai1gt79r49o184du3tknv7tdf6; path=/; domain=.myhost.local
    Set-Cookie:LONGSESS=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
    Set-Cookie:SESS=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly

Redirect headers (as expected):

    Location:/app_dev.php/

Next request headers to homepage (NOT as expected - the LONGSESS value is the same as in the previous request):

    Cookie:LONGSESS=QXBwQnVuZGxlXEVudGl0eVxVc2VyOmRYTmxja0IxYzJWeUxtTnZiUT09OjE0NDgyMDMyMjQ6ZTFhNzBlNGEyMWM4NGM3N2UzYmI3ZmJiNWIzMGM5MDg2ZDAyOWY1ZGVhMWI4NTYyNGQ0OTJmNjVmNmRjOTY2NQ%3D%3D; SESS=ai1gt79r49o184du3tknv7tdf6

So the user is not logged out.

How can this be? The LONGSESS cookie is set to deleted and expired, but the next request has the same value?

The solution is to set the third argument, domain, in the clearCookie method call. It has to be equal to the domain in the session settings:

    framework:
        session:
            cookie_domain: YOUR-DOMAIN.COM

and

    firewalls:
        your_firewall:
            remember_me:
                domain: YOUR-DOMAIN.COM

So, the right way:

    $response->headers->clearCookie('LONGSESS', '/', 'YOUR-DOMAIN.COM');

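Why the domain matters, as an added example that is not part of the original answer: a browser identifies a stored cookie by name, domain, host-only flag and path, so the deletion header from the question, which carries no domain, never addresses a cookie that was issued with one. The request host app.myhost.local, the login-time LONGSESS header and the domain-bearing deletion header are constructed assumptions.

```javascript
// Added illustration (not from the original post): minimal browser cookie store.
// A cookie's identity is name + domain + host-only flag + path.
function parseSetCookie(header, requestHost) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1),
    domain: requestHost, hostOnly: true, path: '/', expired: false };
  for (const attr of attrs) {
    const i = attr.indexOf('=');
    const key = (i < 0 ? attr : attr.slice(0, i)).toLowerCase();
    const val = i < 0 ? '' : attr.slice(i + 1);
    if (key === 'domain' && val) {
      cookie.domain = val.replace(/^\./, '').toLowerCase(); // leading dot is ignored
      cookie.hostOnly = false;
    } else if (key === 'path' && val.startsWith('/')) {
      cookie.path = val;
    } else if (key === 'max-age') {
      cookie.expired = Number(val) <= 0; // Max-Age wins over Expires; the page's headers carry both
    }
  }
  return cookie;
}

class CookieJar {
  constructor() { this.store = new Map(); }
  // Returns true if a cookie was stored or an existing one was evicted.
  setFromHeader(header, requestHost) {
    const c = parseSetCookie(header, requestHost);
    const key = [c.name, c.domain, c.hostOnly, c.path].join('|');
    if (c.expired) return this.store.delete(key);
    this.store.set(key, c);
    return true;
  }
  names() { return [...this.store.values()].map((c) => c.name); }
}

function replayLogout(deleteHeader) {
  const host = 'app.myhost.local'; // assumed request host under .myhost.local
  const jar = new CookieJar();
  // Constructed login-time header: remember-me cookie issued with a Domain attribute.
  jar.setFromHeader('LONGSESS=constructed-token; path=/; domain=.myhost.local; httponly', host);
  const removed = jar.setFromHeader(deleteHeader, host);
  return { removed, remaining: jar.names() };
}

const expiry = 'expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/';
const withoutDomain = replayLogout(`LONGSESS=deleted; ${expiry}; httponly`); // as in the question
const withDomain = replayLogout(`LONGSESS=deleted; ${expiry}; domain=.myhost.local; httponly`); // constructed
console.log({ withoutDomain, withDomain });
```

The same comparison works as a logout regression check: the Domain and Path on every deletion Set-Cookie should equal the attributes the cookie was issued with, otherwise the remember-me token outlives the logout.
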
Have you tried:

    $response->sendHeaders();

right after:

    $response->headers->clearCookie('LONGSESS');

?