Contributed by
Ryan Weaver
in #38177.
Login links, also called “magic links”, are a passwordless authentication mechanism. When a user wants to login in your application, a new link is generated and sent to them (e.g. using an email). The user only has to click on the link to fully authenticate in the application.
This authentication method is becoming increasingly popular because it helps companies eliminate most of the customer support related to authentication (e.g. I forgot my password, how can I change or reset my password, etc.) That’s why Symfony 5.2 adds support for login links.
Follow these steps to start using login links:
login_link
option to your firewall and configure the behavior of
this feature (the expiration time of links, how many times a link can be used,
the properties used to generate the hash of the URL, etc.)LoginLinkHandlerInterface
)
and send it to the user (e.g via email using the Notifier component).That’s all! We spent a lot of time designing this feature to balance the highest possible out-of-the-box security and the nicest user experience. Read the login link documentation to learn all about this feature.
What a Symfony developer should know about the framework: News, Jobs, Tweets, Events, Videos,...