<p><strong>Warning</strong>: Checking for <code>'IS_AUTHENTICATED_FULLY'</code> alone will return false if the user has logged in using "Remember me" functionality.</p>
<p>According to Symfony 2 documentation, there are 3 possibilities:</p>
<blockquote>
<p><strong>IS_AUTHENTICATED_ANONYMOUSLY</strong> - automatically assigned to a user who is in a firewall protected part of the site but who has not actually logged in. This is only possible if anonymous access has been allowed.</p>
<p><strong>IS_AUTHENTICATED_REMEMBERED</strong> - automatically assigned to a user who was authenticated via a remember me cookie.</p>
<p><strong>IS_AUTHENTICATED_FULLY</strong> - automatically assigned to a user that has provided their login details during the current session.</p>
</blockquote>
<p>Those roles represent three levels of authentication:</p>
<blockquote>
<p>If you have the <code>IS_AUTHENTICATED_REMEMBERED</code> role, then you also have the <code>IS_AUTHENTICATED_ANONYMOUSLY</code> role. If you have the <code>IS_AUTHENTICATED_FULLY</code> role, then you also have the other two roles. In other words, these roles represent three levels of increasing "strength" of authentication.</p>
</blockquote>
<p>I ran into an issue where users of our system that had used "Remember Me" functionality were being treated as if they had not logged in at all on pages that only checked for <code>'IS_AUTHENTICATED_FULLY'</code>.</p>
<p>The answer then is to require them to re-login if they are not authenticated fully, or to check for the remembered role:</p>
<pre><code>$securityContext = $this-&gt;container-&gt;get('security.authorization_checker');
if ($securityContext-&gt;isGranted('IS_AUTHENTICATED_REMEMBERED')) {
    // authenticated REMEMBERED, FULLY will imply REMEMBERED (NON anonymous)
}
</code></pre>
<p>Hopefully, this will save someone out there from making the same mistake I made. I used this very post as a reference when looking up how to check if someone was logged in or not on Symfony 2.</p>
<p>Source: <a href="http://symfony.com/doc/2.3/cookbook/security/remember_me.html#forcing-the-user-to-re-authenticate-before-accessing-certain-resources" rel="noreferrer">http://symfony.com/doc/2.3/cookbook/security/remember_me.html#forcing-the-user-to-re-authenticate-before-accessing-certain-resources</a></p>