Explained the "Remember Me" firewall options #5021
Conversation
| @@ -8,10 +8,7 @@ Once a user is authenticated, their credentials are typically stored in the | |||
| session. This means that when the session ends they will be logged out and | |||
| have to provide their login details again next time they wish to access the | |||
| application. You can allow users to choose to stay logged in for longer than | |||
| the session lasts using a cookie with the ``remember_me`` firewall option. | |||
| The firewall needs to have a secret key configured, which is used to encrypt | |||
There was a problem hiding this comment.
this is somewhat important no?
There was a problem hiding this comment.
Thanks for reporting this error. I totally forgot to add the key option to the list. I've added it in 7e45958
|
|
||
| ``httponly`` | ||
| (default value: ``true``) If ``true``, the cookie associated with this | ||
| feature is sent to the user exclusively through an HTTP non-secure connection. |
There was a problem hiding this comment.
This explanation looks wrong to me. httponly refers to the httponly flag of cookies, which are telling the browser that the cookie should be transmitted for HTTP requests but that it should not be exposed to client-side code.
There was a problem hiding this comment.
You are right. I've just fixed the description of this option. Thanks.
| The ``remember_me`` firewall defines the following configuration options: | ||
|
|
||
| ``key`` | ||
| (default value: ``null``) The value used to encrypt the cookie's content. |
There was a problem hiding this comment.
Just wondering if it were more readable to move the default value on the same line as the key being described.
There was a problem hiding this comment.
Very nice suggestion! Indeed that would be much better. Done here: 63890b1 Thanks!
|
👍 |
…iluz) This PR was merged into the 2.3 branch. Discussion ---------- Explained the "Remember Me" firewall options | Q | A | ------------- | --- | Doc fix? | no | New docs? | yes | Applies to | 2.3+ | Fixed tickets | #4193 This PR started just for adding a note about setting different cookie names for the "Remember Me" feature when using multiple firewalls ... but then I realized that the options of this important firewall weren't explained. Commits ------- 63890b1 Put the default value alongside the name of the option to improve readability aa91c37 Fixed a wrong explanation of the "httponly" option 7e45958 Added the (important) missing "key" option 91172bc Explained the "Remember Me" firewall options
|
Merged and issue closed :) |
This PR started just for adding a note about setting different cookie names for the "Remember Me" feature when using multiple firewalls ... but then I realized that the options of this important firewall weren't explained.