How should i fix it?

Good question by @wiistriker.
I think this is an issue and should be fixed to allow for persistent login after the user registers and/or a combined registration/login form.

I would gladly help if anyone has an idea on how to fix this now that the remember me services are private.

What is the best practice to set the remember me cookie manually?

@wiistriker I don't know how to fix it, otherwise it would already be in the bundle.

@schmittjoh do you have an idea ?

@stof take a look at https://github.com/symfony/symfony/blob/master/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php#L73
I am not sure, but maybe it will be helpfull

In http://symfony.com/doc/master/components/dependency_injection/advanced.html#aliasing part of docs:

You may sometimes want to use shortcuts to access some services. You can do so by aliasing them and, furthermore, you can even alias non-public services.

so in services.yml:

my.authentication.rememberme.services.simplehash:
        alias: security.authentication.rememberme.services.simplehash.main

and i can get this service and use it. Only problem that we should hardcode .main from our firewall.

Another thing that $rememberMeServices->loginSuccess method inside LoginManager check _remember_me parameter in request, so we need manually set it or use always_remember_me: true

ping @stof @schmittjoh ^^^ what do you think? maybe there is some way to create alias for services inside bundle's extension?

Any update about this?

@wiistriker: no it's not possible. it doesn't have access to the full container. It would have to be done in a compiler pass.

@jrobeson but it's work

which file? your services.yml? yes it would work there. I was referring to the extension.

@wiistriker: see this: http://symfony.com/doc/master/components/dependency_injection/compilation.html#managing-configuration-with-extensions

If you need to manipulate the configuration loaded by an extension then you cannot do it from another extension as it uses a fresh container. You should instead use a compiler pass which works with the full container after the extensions have been processed.

+1

The firewall name is already configured so using a CompilerPass to set the the correct Remember-me service would work right?

The only problem is that the service is always initialized (even when not needed), this can alternatively be solved with lazy loading. But I'm not sure if injecting really results in overhead, how many times is this service initialized?

From what I know the Service is only loaded when its dispatched, and that only happens on resetting and registering.

As a last possibility we can determine the remember-me service and change the public=false to true in a CompilerPass at least until or when lazy-loading is not possible.

Any thoughts on this??

up, because it's important to fix the problem :(

but if not possible. how it working in SonataAdminBundle login?

This issue relates to the LoginManager class used to log a user in manually.

SonataAdminBundle doesn't do anything in regards to authentication, it relies on a properly configured firewall to handle that.

No fix found ?

To be fair, I haven't spent time to find a fix yet (and nobody has found it annoying enough to contribute a fix)

At date always the bug ?

any workaround for this?

@stof what about sirian's fix ?

#2257