diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

reject remember-me token if user check fails

This commit is contained in:
Kevin Bond 2017-10-12 09:07:31 -04:00
parent 5e0bb5f973
commit fe190b6ee9
No known key found for this signature in database
GPG Key ID: C5242A715A168E24
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Symfony/Component/Security/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
View File

@ -49,6 +49,7 @@ class RememberMeAuthenticationProvider implements AuthenticationProviderInterfac
$user = $token->getUser();
$this->userChecker->checkPreAuth($user);
$this->userChecker->checkPostAuth($user);
$authenticatedToken = new RememberMeToken($user, $this->providerKey, $this->key);
$authenticatedToken->setAttributes($token->getAttributes());