|
@@ -16,6 +16,7 @@ use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface;
|
|
|
use Symfony\Component\Security\Core\SecurityContextInterface;
|
|
|
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
|
|
|
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
|
|
|
+use Symfony\Component\Security\Core\Exception\AccountStatusException;
|
|
|
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
|
|
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
|
|
|
use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException;
|
|
@@ -158,7 +159,15 @@ class ExceptionListener
|
|
|
|
|
|
$this->setTargetPath($request);
|
|
|
|
|
|
- return $this->authenticationEntryPoint->start($request, $authException);
|
|
|
+ $response = $this->authenticationEntryPoint->start($request, $authException);
|
|
|
+
|
|
|
+ if ($authException instanceof AccountStatusException && $response instanceof Response) {
|
|
|
+ // clear the session cookie to prevent infinite redirect loops
|
|
|
+ $cookieParams = session_get_cookie_params();
|
|
|
+ $response->headers->clearCookie(session_name(), $cookieParams['path'], $cookieParams['domain']);
|
|
|
+ }
|
|
|
+
|
|
|
+ return $response;
|
|
|
}
|
|
|
|
|
|
protected function setTargetPath(Request $request)
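Review bot: The added block under `if ($authException instanceof AccountStatusException && $response instanceof Response)` only asks the browser to drop the session cookie; nothing visible in the hunk removes the token or invalidates the session on the server. A client that keeps sending the old session id would still present the stored session of a locked, disabled or expired account and reach this path again. Consider clearing the server-side state instead of, or in addition to, the cookie, for example `setToken(null)` on the injected SecurityContextInterface (its property name is not visible here) or `$request->getSession()->invalidate();`. The cookie name, path and domain are also read from PHP's global `session_name()` and `session_get_cookie_params()`, which presumably match only when the native session storage is in use. The `instanceof Response` check can only be true if `Response` is imported, and that import, like the start of the method body, lies outside this hunk.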
|