Skip to content

[Security] Added a note regarding the loginUser() method #16071

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 22, 2022
Merged

[Security] Added a note regarding the loginUser() method #16071

merged 1 commit into from
Sep 22, 2022

Conversation

artyuum
Copy link
Contributor

@artyuum artyuum commented Nov 4, 2021

As @javiereguiluz stated, this method won't work for 100% of Symfony users. This is my case. I'm testing some protected API routes and the firewall is using a custom authenticator that relies on a custom header called "x-api-key". After spending hours trying to understand what I did wrong in my tests, I decided to dig into the code that defines the loginUser() method and noticed that it can only work with session-based authentication.

This little note could have saved me some time, so I believe it could help future users as well who are in the same case as me.

artyuum
artyuum commented Nov 4, 2021
View reviewed changes
Copy link
Contributor Author

@artyuum artyuum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed typos

OskarStark
OskarStark reviewed Nov 28, 2021
View reviewed changes
OskarStark
OskarStark reviewed Nov 30, 2021
View reviewed changes
@artyuum artyuum requested a review from OskarStark March 8, 2022 06:57
@artyuum
Copy link
Contributor Author

artyuum commented Jul 13, 2022

One test failed but I don't think it's related to the changes brought by this PR.

HeahDude
HeahDude suggested changes Jul 16, 2022
View reviewed changes
@artyuum artyuum requested review from HeahDude and OskarStark and removed request for OskarStark and HeahDude August 29, 2022 18:13
@xabbuh xabbuh added this to the 5.4 milestone Sep 2, 2022
@javiereguiluz javiereguiluz changed the base branch from 5.3 to 5.4 September 22, 2022 13:10
@javiereguiluz javiereguiluz merged commit 4bd8406 into symfony:5.4 Sep 22, 2022
@javiereguiluz
Copy link
Member

Thanks @artyuum and I'm sorry it took us so long to merge this.

@artyuum
Copy link
Contributor Author

artyuum commented Sep 22, 2022

No problem, thank you all for reviewing and merging.

@artyuum artyuum deleted the patch-2 branch September 22, 2022 16:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@OskarStark OskarStark OskarStark left review comments

@xabbuh xabbuh xabbuh approved these changes

@HeahDude HeahDude Awaiting requested review from HeahDude

Assignees
No one assigned
Labels
Security Status: Reviewed
Projects
None yet
Milestone
5.4
Development

Successfully merging this pull request may close these issues.
6 participants
@artyuum @javiereguiluz @OskarStark @xabbuh @HeahDude @carsonbot