feature #40145 [Security] Rework the remember me system (wouterj)
This PR was squashed before being merged into the 5.3-dev branch.

Discussion
----------

[Security] Rework the remember me system

| Q             | A                    |
| ------------- | -------------------- |
| Branch?       | 5.x                  |
| Bug fix?      | no                   |
| New feature?  | yes                  |
| Deprecations? | no                   |
| Tickets       | Fixes part of #39308 |
| License       | MIT                  |
| Doc PR        | tbd                  |

As I said in #39308, I want to change the remember me system in Symfony 5.3. The remember me system has a couple of big "problems":

1. **It's hardwired into some Security classes** like `ContextListener`. The `RememberMeFactory` adds a `setRememberMe()` method call to the DI config and the context listener calls methods on this. This is very coupled, instead of the decoupled nature of the rest of security.
2. **Conditional conditions are combined with cookie creation in one class**. This is especially hard in e.g. 2FA (where setting the cookie should be done after 2FA is completed, which is currently near impossible as it's directly bound to the conditional of being called after logging in).

The changes
---

* The first commits harden the current functional test suite of remember me, to avoid breaking it.
* I discovered a lot of similarity between remember me tokens and login links. That's why I've extracted the shared logic into a generic `SignatureHasher` in the 3rd commit.
* I then remodelled `RememberMeAuthenticator` to the login link system, which I think improves a lot and at least improves problem (2), as the conditionals (`RememberMeAuthenticator`) are split from the cookie creation (`RememberMeHandlerInterface`).
* Finally, I added a new event (`TokenDeauthenticatedEvent`) to the `ContextListener` to avoid direct coupling, solving problem (1). This removes any usage of remember me services, which can be deprecated along with the rest of the security system.

Usage
---

As with the authenticator manager: **Nothing changes in the configuration**

Usage of persistent token providers has been improved. First, configuration is provided (setting up services is no longer needed):

```yaml
# before
services:
    Symfony\Bridge\Doctrine\Security\RememberMe\DoctrineTokenProvider:
        autowire: true

security:
    firewalls:
        main:
            remember_me:
                # ...
                token_provider: 'Symfony\Bridge\Doctrine\Security\RememberMe\DoctrineTokenProvider'

# after
security:
    firewalls:
        main:
            remember_me:
                # ...
                token_provider:
                    doctrine: true
```

Furthermore, a schema listener is created. Whenever the doctrine token provider is used, `make:migration`/`doctrine:schema:update` will automatically create the required table.

Some advanced usage of Remember me is also improved a lot (there is no real "before" here, consider looking at scheb/2fa to get an idea of the before). A few use-cases I took into account:

* If you ever need to **programmatically create a remember me cookie**, you can autowire `RememberMeHandlerInterface` and use `createRememberMeCookie($user)`. This will make sure the remember me cookie is set on the final response (using the `ResponseListener`).
* The `RememberMeListener` previously was responsible for both determining if a cookie must be set and setting the cookie. This is now split in 2 listeners (checking is done by `RememberMeConditionsListener`). If `RememberMeBadge` is enabled, the cookie is set and otherwise it isn't. This allows e.g. SchebTwoFactorBundle to create a listener that catches whether remember me was requested, but suppresses it until the 2nd factor is completed.

Todo
---

* [x] Update UPGRADE and CHANGELOG
* [x] Show before/after examples
* [x] Investigate the conditional event registering of `ContextListener`. This forces injecting both the firewall and the global event dispatcher at the moment.
* Make sure old remember me tokens still function. As remember me tokens are long lived, we may need to provide backwards compatibility for at least Symfony 6.x.

  **Update: it was decided to not include this for now: #40145 (comment)**

cc `@scheb` `@weaverryan` as you both initiated this PR by sharing the problems with the current design.

Commits
-------

1567041 [Security] Rework the remember me system
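The deferred remember-me flow the description sketches for 2FA (the check in `RememberMeBadge` separated from cookie creation in `RememberMeHandlerInterface`), as an added example that is not code from this PR or from Symfony: a subscriber that disables an enabled badge at login, records in the session that the user asked to be remembered, and calls `createRememberMeCookie($user)` only once a second step has succeeded. The session key, the listener priority and the caller of `completeSecondStep()` are assumptions.

```php
<?php
namespace App\Security;

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
use Symfony\Component\Security\Http\Event\LoginSuccessEvent;
use Symfony\Component\Security\Http\RememberMe\RememberMeHandlerInterface;

final class DeferRememberMeSubscriber implements EventSubscriberInterface
{
    private const SESSION_KEY = 'app.remember_me_deferred'; // assumed key name, not from the PR
    private $requestStack;
    private $rememberMeHandler;

    public function __construct(RequestStack $requestStack, RememberMeHandlerInterface $rememberMeHandler)
    {
        $this->requestStack = $requestStack;
        $this->rememberMeHandler = $rememberMeHandler;
    }

    public static function getSubscribedEvents(): array
    {
        // Priority is an assumption: it must run after the conditions listener has enabled
        // the badge, but before the listener that turns an enabled badge into a cookie.
        return [LoginSuccessEvent::class => ['onLoginSuccess', -48]];
    }

    public function onLoginSuccess(LoginSuccessEvent $event): void
    {
        $badge = $event->getPassport()->getBadge(RememberMeBadge::class);
        if (null === $badge || !$badge->isEnabled()) {
            return; // remember me was not requested for this login
        }
        // Remember that it was requested, then keep the cookie off this response.
        $this->requestStack->getSession()->set(self::SESSION_KEY, true);
        $badge->disable();
    }

    // Hypothetical caller: a 2FA controller invokes this once the second step is verified.
    public function completeSecondStep(UserInterface $user): void
    {
        $session = $this->requestStack->getSession();
        if ($session->get(self::SESSION_KEY, false)) {
            $session->remove(self::SESSION_KEY);
            $this->rememberMeHandler->createRememberMeCookie($user); // written by the ResponseListener
        }
    }
}
```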