Symfony cant login without session.auto_start=1

  php, symfony

I have created an application with a login form.
I have followed these instructions: https://symfony.com/doc/current/security/form_login_setup.html

However, if I want to log in via a POST request, the POST does not work.
In the LoginFormAuthenticator the login token is not validated.

csrfTokenManager->isTokenValid($token)

I discovered that the user gets a session.

csrfTokenManager->isTokenValid($token)

now returns true

If I set session.auto_start= to 1 in the PHP.ini file session.auto_start= sessions are started.

But Symfony does not recommend session.auto_start=1. How can I solve this problem ?

Source: Ask PHP

LEAVE A COMMENT