A few months ago we started a massive effort to improve the entire Symfony Security component and its integration with the rest of the Symfony framework. We're still working on the biggest changes, but we've already finished some smaller improvements.
The current LogoutListener can be used to run some logic after a user has logged out of the application (e.g. to invalidate some tokens). Although it contains some extension points, it's not very DX-friendly (DX = developer experience) and it makes it impossible to do things like overwriting the default logout functionality from a bundle.
In Symfony 5.1 we've improved this feature with the introduction of a new LogoutEvent which replaces the existing LogoutSuccessHandlerInterface and LogoutHandlerInterface.
The new logout event is dispatched on both the global and the firewall dispatcher (whose name follows the pattern security.event_dispatcher.FIREWALLNAME).
For example, to register a listener for the logout event only on the main firewall, use this config:

# config/services.yaml
services:
    # ...
    App\EventListener\MyCustomLogoutListener:
        tags:
            - name: 'kernel.event_listener'
              event: 'Symfony\Component\Security\Http\Event\LogoutEvent'
              dispatcher: security.event_dispatcher.main

The Symfony\Component\Security\Http\Event\LogoutEvent object received by the listener contains useful methods such as getToken() (to get the security token of the session), getRequest() and setResponse().
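
A listener that uses all three methods, added here as an illustration and not taken from the Symfony post or code base: it revokes server-side credentials for the user behind getToken() and, for clients that accept JSON, replaces the response with setResponse(). ApiTokenRevoker and JsonLogoutListener are hypothetical names; the class is assumed to be registered with the same kernel.event_listener tag as in the config above.

```php
<?php
// Added example, not from the original post. ApiTokenRevoker and
// JsonLogoutListener are hypothetical; normally one class per file.
namespace App\EventListener;

use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Http\Event\LogoutEvent;

/** Hypothetical application service that revokes server-side credentials. */
interface ApiTokenRevoker
{
    public function revokeAllFor(UserInterface $user): void;
}

final class JsonLogoutListener
{
    /** @var ApiTokenRevoker */
    private $revoker;

    public function __construct(ApiTokenRevoker $revoker)
    {
        $this->revoker = $revoker;
    }

    public function __invoke(LogoutEvent $event): void
    {
        // getToken() is nullable, so guard before touching the user.
        $token = $event->getToken();
        $user = null !== $token ? $token->getUser() : null;
        if ($user instanceof UserInterface) {
            // Revoke long-lived credentials that would outlive the session.
            $this->revoker->revokeAllFor($user);
        }

        // Keep the response set by other listeners unless JSON was requested.
        $accepts = $event->getRequest()->getAcceptableContentTypes();
        if (!\in_array('application/json', $accepts, true)) {
            return;
        }

        $response = new JsonResponse(['logged_out' => true]);
        // The logout reply should not be stored by the browser or proxies.
        $response->headers->set('Cache-Control', 'no-store');
        $event->setResponse($response);
    }
}
```
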
great
That's nice, but how can I prevent the redirect and get a JSON response after logout (API call)?
And I get an error in UnitTest because of the Request autowire in the constructor of the extended class.