author | Ryan Weaver <ryan@thatsquality.com> | 2015-09-20 20:11:34 -0400 |
---|---|---|
committer | Ryan Weaver <ryan@thatsquality.com> | 2015-09-20 20:11:34 -0400 |
commit | 1aa1d1b25ee51760e703df10ca383cd3a6e957e4 (patch) | |
tree | 6c70c9674aabd02bf7f61bcd68de6aca945670f5 /Guard/GuardAuthenticatorHandler.php | |
parent | 9143527a73e82b6335761a1dda73eb2c2d240269 (diff) | |
Fixing a bug where having an authentication failure would log you out.
This solution is a copy of what AbstractAuthenticationListener does. Scenario:
1) Login
2) Go back to the log in page
3) Put in a bad user/pass
You *should* still be logged in after a failed attempt. This commit gives that behavior.
Diffstat (limited to 'Guard/GuardAuthenticatorHandler.php')
-rw-r--r-- | Guard/GuardAuthenticatorHandler.php | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/Guard/GuardAuthenticatorHandler.php b/Guard/GuardAuthenticatorHandler.php
index c588d68..5c6451e 100644
--- a/Guard/GuardAuthenticatorHandler.php
+++ b/Guard/GuardAuthenticatorHandler.php
@@ -18,6 +18,7 @@ use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInt
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
 use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
 use Symfony\Component\Security\Http\SecurityEvents;

@@ -112,12 +113,16 @@ class GuardAuthenticatorHandler
 * @param AuthenticationException $authenticationException
 * @param Request $request
 * @param GuardAuthenticatorInterface $guardAuthenticator
+ * @param string $providerKey The key of the firewall
 *
 * @return null|Response
 */
- public function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, GuardAuthenticatorInterface $guardAuthenticator)
+ public function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, GuardAuthenticatorInterface $guardAuthenticator, $providerKey)
 {
- $this->tokenStorage->setToken(null);
+ $token = $this->tokenStorage->getToken();
+ if ($token instanceof PostAuthenticationGuardToken && $providerKey === $token->getProviderKey()) {
+ $this->tokenStorage->setToken(null);
+ }

 $response = $guardAuthenticator->onAuthenticationFailure($request, $authenticationException);
 if ($response instanceof Response || null === $response) { |
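Review bot: The new guard in handleAuthenticationFailure() still calls `setToken(null)` when the stored token is a `PostAuthenticationGuardToken` whose provider key equals `$providerKey`, which looks like the very token a user would hold after logging in through this firewall's guard, so the scenario in the commit message (log in, then submit bad credentials) may still end the session. If that is intended, matching AbstractAuthenticationListener as the description says, a comment above the `if` would make the rule explicit, e.g. `// Only drop a token issued by this firewall's guard; tokens from other firewalls or authenticators survive a failed attempt.`, and a test covering both the same-firewall and other-firewall cases would pin it down. `$providerKey` is also a new required argument on a public method, so any caller not updated in this commit (only this file is shown) would fail. The method body continues past the end of the hunk.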