[SOLVED] Symfony 2.5 with FosUserBundle: Add data to the global session after Login

Symfony 2.5 with FosUserBundle: Add data to the global session after Login

Our project uses the FOSUserBundle with Symfony 2.5. We need to add custom data to the user session after login, that resides in the database and is dynamic, but should be accessed in all templates and everywhere within the application.

I'm thinking about overriding the LoginManager.php class from /user-bundle/Security, but I'm also not entirely sure if that's the best possible option.

Looks like the logInUser() method is the place to add our custom change, given that it actually sets the token, but then again, if there's a smarter way to do that, I'll definitely go with it.

Solution

You can add a security interactive login listener, and in that listener you will have access to the login token that is stored in session. This token inherits Symfony\Component\Security\Core\Authentication\Token\AbstractToken so it has the methods "setAttribute($name, $value)" and "setAttributes(array $attributes)". Bassically whatever you set into this property with be stored in session alongside the user and the token.

Just be careful about the fact that this is serialized and make sure if you store objects to implement the serialize/unserialize method if needed in order to not have circular reference problems.

I recommended this approach because it seem to fit your requirements:

the token is already stored in session by symfony
the token is already accessible in any controller via the service "security.context" found in container,
the token is already accessible in twig using the code {{ app.security.getToken() }}

For more information on Authentication Events check the symfony cookbook: http://symfony.com/doc/current/components/security/authentication.html#authentication-events

Also you can use the following code as a guideline.

In services yml

security.interactive_login.listener:
        class: %security.interactive_login.listener.class%
        arguments: ['@security.context', '@session']
        tags:
            - { name: kernel.event_listener, event: security.interactive_login, method: onSecurityInteractiveLogin }

In your listener

use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;

class SecurityListener
{

   public function __construct(SecurityContextInterface $security, Session $session)
   {
      $this->security = $security;
      $this->session = $session;
   }

   public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
   {
        $token = $event->getAuthenticationToken();
        $token->setAttribute('key','some stuff i want later');
   }

}

Hope this helps,

Alexandru Cosoi