I'm trying to logout an user (session) when the Logout link is clicked. It seems to work when I pressed the Logout, but if I change the path, the user still alive and I don't know why.
Here's my Controller:
/**
* @Route("/logout", name="logout")
*/
public function logoutAction(Request $request)
{
$helper = $this->get('security.authentication_utils');
$this->container->get('security.token_storage')->setToken(null);
$this->get('session')->set('id', null);
$request->getSession()->invalidate();
$this->get('security.token_storage')->setToken(null);
return $this->render(
'login.html.twig',
array(
'last_username' => null,
'error' => null,
)
);
}
Here's my security.yml:
security:
# ...
main:
anonymous: ~
guard:
authenticators:
- app.form_login_authenticator
logout:
path: logout
target: logout
invalidate_session: true
Here's the routing.yml:
app:
resource: '@AppBundle/Controller/'
logout:
path: /logout
Remove the logoutAction and check if it works. This action is provided by Symfony itself. You should only set logout path in security.yml what you did.