This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
Fabien Potencier 883899eb87 bug #40972 Avoid regenerating the remember me token if it is still fresh (Seldaek)
This PR was merged into the 5.3-dev branch.

Discussion
----------

Avoid regenerating the remember me token if it is still fresh

| Q             | A
| ------------- | ---
| Branch?       | 5.x
| Bug fix?      | ~yes
| New feature?  | no?
| Deprecations? | no
| Tickets       | Refs https://github.com/symfony/symfony/issues/40971
| License       | MIT
| Doc PR        |

Please see https://github.com/symfony/symfony/issues/40971 for more information about the context of this change.

As it was discussed in https://github.com/symfony/symfony/issues/18384, regenerating the remember me token/cookie is done to avoid old cookies being stolen and reused. This is a valid concern (although cookie theft is much harder these days with httpOnly and secure flags) and a good security practice, but if the token was refreshed very recently it seems a bit overkill to refresh it again. It leads to more DB writes, and for us who are trying to support concurrent re-authenticating requests it is causing further problems if every request triggers a new token update.

I'd be happy to also update this in the old PersistentTokenBasedRememberMeServices if needed, but I find that it is perhaps better to just do this in the new auth system as it was until 5.3 considered experimental.

Commits
-------

a942b5f684 Avoid regenerating the remember me token if it is still fresh
2021-05-07 08:38:01 +02:00
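
The freshness check described in the PR message above, as an added PHP example that is not Symfony's code: the `consumeRememberMe` helper, the array-backed token store and the 60-second `FRESH_WINDOW` are assumptions made for illustration (the message does not state a window). It counts storage writes so the effect of skipping rotation for a fresh token is visible.

```php
<?php
declare(strict_types=1);

// Assumed freshness window in seconds; the PR text above does not state a value.
const FRESH_WINDOW = 60;

/**
 * Hypothetical helper (not Symfony's API): checks a remember-me cookie against
 * the persisted token for its series and rotates the token only when stale.
 * Returns the value the client's cookie should hold next, or null if rejected.
 */
function consumeRememberMe(array &$store, string $series, string $cookieValue, int $now, int &$writes): ?string
{
    $row = $store[$series] ?? null;
    if ($row === null || !hash_equals($row['value'], $cookieValue)) {
        return null; // unknown series or wrong value: do not authenticate
    }
    if ($now - $row['lastUsed'] < FRESH_WINDOW) {
        return $row['value']; // still fresh: keep the token, no storage write
    }
    // Stale: rotate so a copy of the old cookie stops working.
    $store[$series] = ['value' => bin2hex(random_bytes(32)), 'lastUsed' => $now];
    $writes++;
    return $store[$series]['value'];
}

// Constructed scenario: the token was last rotated an hour before the first request.
$now = 1620370000;
$store = ['series-a' => ['value' => 'old-token', 'lastUsed' => $now - 3600]];
$writes = 0;

$first = consumeRememberMe($store, 'series-a', 'old-token', $now, $writes);
// Three follow-up requests inside the window, sent with the rotated cookie.
$followUps = [];
for ($i = 1; $i <= 3; $i++) {
    $followUps[] = consumeRememberMe($store, 'series-a', $first, $now + $i, $writes);
}
// The pre-rotation cookie value presented again after the rotation.
$replay = consumeRememberMe($store, 'series-a', 'old-token', $now + 5, $writes);

var_dump($first !== 'old-token');                 // was the stale token rotated?
var_dump(array_unique($followUps) === [$first]);  // did follow-ups reuse one token?
var_dump($writes);                                // storage writes across all calls
var_dump($replay);                                // result for the pre-rotation value
```

The window trades a short period in which a rotated token stays unchanged for fewer storage writes, so it should stay small relative to the cookie lifetime.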
.github minor #40928 [CI] Sort packages by length to match modified package better (Nyholm) 2021-04-27 16:46:31 +02:00
src/Symfony bug #40972 Avoid regenerating the remember me token if it is still fresh (Seldaek) 2021-05-07 08:38:01 +02:00
.appveyor.yml Merge branch '4.4' into 5.2 2021-02-16 11:13:48 +01:00
.editorconfig Update .editorconfig 2018-09-06 16:22:56 +02:00
.gitattributes [Runtime] a new component to decouple applications from global state 2021-03-09 21:44:54 +01:00
.gitignore Run the phpunit-bridge from a PR 2019-08-02 17:46:19 +02:00
.php_cs.dist Merge branch '5.1' into 5.2 2021-01-19 22:00:40 +01:00
.travis.yml Merge branch '5.2' into 5.x 2021-05-01 16:00:17 +02:00
CHANGELOG-5.0.md Merge branch '5.0' into 5.1 2020-06-15 13:50:15 +02:00
CHANGELOG-5.1.md Update CHANGELOG for 5.1.10 2020-12-18 14:43:18 +01:00
CHANGELOG-5.2.md Update CHANGELOG for 5.2.7 2021-05-01 16:53:01 +02:00
CHANGELOG-5.3.md Update CHANGELOG for 5.3.0-BETA2 2021-05-01 16:58:15 +02:00
CODE_OF_CONDUCT.md Added the Code of Conduct file 2018-10-10 03:13:30 -07:00
composer.json [DependencyInjection] Add conflict rules for incompatible ext-psr versions 2021-04-19 22:21:11 +02:00
CONTRIBUTING.md Mention the community review guide 2016-12-18 22:02:35 +01:00
CONTRIBUTORS.md Update CONTRIBUTORS for 4.4.22 2021-05-01 16:38:47 +02:00
LICENSE Bump license year 2021-01-01 10:24:35 +01:00
link Added Translation Providers 2021-04-21 11:10:56 +02:00
phpunit Merge branch '4.4' into 5.2 2021-02-11 09:21:20 +01:00
phpunit.xml.dist Merge branch '4.4' into 5.1 2020-11-16 16:58:32 +01:00
psalm.xml Adding a Github action to run Psalm 2021-02-25 17:18:18 +01:00
README.md Update README.md 2021-04-04 16:42:37 +02:00
UPGRADE-5.0.md Merge branch '4.4' into 5.1 2020-12-10 18:44:54 +01:00
UPGRADE-5.1.md Update UPGRADE-5.1.md 2020-09-07 01:58:27 +02:00
UPGRADE-5.2.md [HttpFoundation] Deprecate BinaryFileResponse::create(). 2020-11-20 16:47:02 +01:00
UPGRADE-5.3.md added missing ` 2021-05-06 23:33:47 +02:00
UPGRADE-6.0.md Added Translation Providers 2021-04-21 11:10:56 +02:00

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony is used by thousands of web applications (including BlaBlaCar.com and Spotify.com) and most of the popular PHP projects (including Drupal and Magento).

Installation

Documentation

Community

Contributing

Symfony is an Open Source, community-driven project with thousands of contributors. Join them contributing code or contributing documentation.

Security Issues

If you discover a security vulnerability within Symfony, please follow our disclosure procedure.

About Us

Symfony development is sponsored by SensioLabs, led by the Symfony Core Team and supported by Symfony contributors.