在尝试将现有的 symfony 项目从 3.3.10 升级到应该是 LTS 的 3.4.x 时,我设法通过 composer 升级了组件。升级后一切正常,但单元测试显示弃用错误
Refreshing a deauthenticated user is deprecated as of 3.4 and will trigger a logout in 4.0: 77x
一些谷歌搜索将我指向可能显示更改的提交 https://github.com/showpad/Symfony-Security/pull/1/commits/3663bbec5fc60565de476fc180f85e1121339072
所以我尝试解决它,在挖掘代码后,我将一个新设置放入 security.xml
main:
+ logout_on_user_change: true
anonymous: ~
这解决了弃用警告,但完全破坏了使用自定义实体的身份验证,用户根本没有经过身份验证,并且日志显示错误:
[2017-12-07 15:48:24] security.DEBUG: Token was deauthenticated after trying to refresh it. {"username":"aaa","provider":"Symfony\\Bridge\\Doctrine\\Security\\User\\EntityUserProvider"} []
所以问题是“如何正确解决弃用问题”?