How I can authentication in Symfony2 without cookies in a brouser? How can generate some like this http://some.site/hello/roman?PHPSESSID=9ebca8bd62c830d3e79272b4f585ff8f or this http://some.site/9ebca8bd62c830d3e79272b4f585ff8f/hello/roman or some other url that was always available sessionid parameter. Thank you for any help.
Asked
Active
Viewed 1,065 times
-2
-
are you really SURE you want to authenticate with the session-id in the url? This is the worst thing to security ever. Never use this without https and you should better go for standard http authentication if you want simple url authentication. I'm really not sure which client device you are targeting that would not accept cookies ... What's the purpose of this? please describe ... – Nicolai Fröhlich Jul 07 '13 at 17:27
-
@nifr, I understand all the risks. But the task was posed by customers. And need out of the situation. – r0ma Jul 08 '13 at 11:18
1 Answers
0
You have to to two things. First you must extend the session storage to get the session from the query param.
namespace Elao\BackBundle\Session;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Session\Storage\NativeFileSessionStorage;
class Storage extends NativeSessionStorage
{
public function __construct($savePath = null, array $options = array(), ContainerInterface $container)
{
$request = $container->get('request');
if ($request->query->has('sessionId')) {
$request->cookies->set(session_name(), 1); // We have to simulate this cookie, in order to bypass the "hasPreviousSession" security check
session_id($request->query->get('sessionId'));
}
return parent::__construct($savePath, $options);
}
}
Source: http://www.elao.com/blog/symfony-2/symfony-2-loading-session-from-query-param.html
The next point, should be replacing the UrlGenerator to generate every url with the session id param. A example to do this, can be found in this answer.
But as nifr in the comment said, it's not a very clean requirement.
Community
- 1
- 1
Emii Khaos
- 9,983
- 3
- 34
- 57