[DX] Ability to authentication a User directly #13062
Conversation
Checks user preauth. Improve functional test.
b6d23f3 to
18c56b7
Compare
|
|
||
| <!-- Login Manager --> | ||
| <service id="security.login_manager" class="%security.login_manager.class%"> | ||
| <argument type="service" id="security.context" /> |
There was a problem hiding this comment.
Can you use the security.authorization_checker and security.token_storage instead? I don't think features should contain deprecated code. From 2.6 on, class names are no longer in parameters for newly added services.
|
Ref #3137 |
| throw new AuthenticationException("Unauthenticated token"); | ||
| } | ||
|
|
||
| $request = $this->requestStack->getMasterRequest(); |
There was a problem hiding this comment.
i would prefer making this service stateless and not inject the requestStack.
There was a problem hiding this comment.
Make this service stateless by passing request in loginUser method argument?
There was a problem hiding this comment.
yes, so the service doesnt dependend on the state of the application (requestStack)
There was a problem hiding this comment.
The whole security component currently depends on the Request(Stack). I don't think this will really matters for now, perhaps for future usage. But what if I want to login from a command? I'd have to fake a Request.
| @@ -47,6 +47,8 @@ | |||
| <parameter key="security.validator.user_password.class">Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator</parameter> | |||
|
|
|||
| <parameter key="security.expression_language.class">Symfony\Component\Security\Core\Authorization\ExpressionLanguage</parameter> | |||
|
|
|||
| <parameter key="security.login_manager.class">Symfony\Component\Security\Http\Login\LoginManager</parameter> | |||
There was a problem hiding this comment.
don't use a parameter for the class
Simple usage example: