fix: allow unsecure authentication cookies in dev

2025-12-29 16:15:04 +00:00 · 2024-08-19 13:41:02 +02:00
parent c504902724
commit 102a0ba997
2 changed files with 4 additions and 1 deletions
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -32,6 +32,8 @@ services:
            - '../src/DependencyInjection/'
            - '../src/Entity/'
            - '../src/Kernel.php'
+        bind:
+            $appEnv: '%kernel.environment%'

    # add more service definitions when explicit configuration is needed
    # please note that last definitions always *replace* previous ones
--- a/src/Security/JWTAuthenticator.php
+++ b/src/Security/JWTAuthenticator.php
@@ -21,6 +21,7 @@ class JWTAuthenticator implements AuthenticationSuccessHandlerInterface
    public function __construct(
        protected JWTTokenManagerInterface $jwtManager,
        protected EventDispatcherInterface $dispatcher,
+        private string $appEnv,
    ) {
    }

@@ -46,7 +47,7 @@ class JWTAuthenticator implements AuthenticationSuccessHandlerInterface
                time() + 604800, // expiration
                '/',
                null,
-                true,
+                'prod' === $this->appEnv,
                true,
                false,
                'strict'