Rework sessions, remember cookies, and auth again

- Use Symfony's Session component to work with sessions, instead of a custom database model. Separate the concept of access tokens from sessions once again. - Extract common session/remember cookie logic into SessionAuthenticator and Rememberer classes. - Extract AuthenticateUserTrait into a new AuthenticationResponseFactory class. - Fix forgot password process.
2025-10-12 07:24:27 +02:00 · 2015-12-05 15:11:25 +10:30
parent 1d9e7b0262
commit 387109002e
34 changed files with 596 additions and 502 deletions
--- a/src/Http/Controller/ClientView.php
+++ b/src/Http/Controller/ClientView.php
@@ -343,7 +343,7 @@ class ClientView implements Renderable

        return [
            'userId' => $this->actor->id,
-            'csrfToken' => $session->csrf_token
+            'csrfToken' => $session->get('csrf_token')
        ];
    }
 }