Manually Authenticate User In Symfony

Symfony - Manual User Authentication

use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;

// Manually authenticate user in controller
$token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
$this->get('security.token_storage')->setToken($token);
$this->get('session')->set('_security_main', serialize($token));

Thank you so much @azhararmar

You pointed me in the right direction. Thank you very much!

This is how I did it in my Symfony 5 service:

use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;

// ....

    public function __construct(
        TokenStorageInterface $tokenStorage, SessionInterface $session
    ) {
        $this->tokenStorage = $tokenStorage;
        $this->session = $session;
    }

    public function login($username, $roles)
    {
            // ....

            $token = new UsernamePasswordToken($username, null, 'main', $roles);
            $this->tokenStorage->setToken($token);
            $this->session->set('_security_main', serialize($token));

            // ....
    }

thanks @ZaneCEO This kinda worked for me but I then got an error in the Controller the user was redirecto to that tried to get the user with

$this->security->getUser()

To get this to work I changed the code a bit and now it works fine for me :

if ($form->isSubmitted() && $form->isValid()) {

	        $user = $form->getData();
		$this->manager->persist($user);
		$this->manager->flush();

		$token = new PostAuthenticationToken(
			$user,
			'main', // firewall name in security.yaml
			$user->getRoles()
		);

		$this->tokenStorage->setToken($token);
		$this->session->set('_security_main', serialize($token));

		return $this->redirectToRoute('dashboard');

Symfony 5.3
PHP 8.0

In Symfony 5.3 SessionInterface is deprectaed, you can not inject it and should retrieve it from RequestStack

<?php

namespace App\Service\User;

use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\User\UserInterface;

class Authenticate
{
    private SessionInterface $session;

    public function __construct(
        private TokenStorageInterface $tokenStorage,
        RequestStack $requestStack,
    ) {
        $this->session = $requestStack->getSession();
    }

    public function login(UserInterface $user, string $firewallName = 'main'): void
    {
        $token = new UsernamePasswordToken($user, null, $firewallName, $user->getRoles());
        $this->tokenStorage->setToken($token);
        $this->session->set('_security_main', serialize($token));
    }
}

As an alternative for 5.3, this is working too :

<?php

namespace App\Security;

use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\User\UserInterface;

class Authentication
{
    public function __construct(
        private AuthenticationManagerInterface $authenticationManager,
        private TokenStorageInterface $tokenStorage,
    )
    {
    }

    public function login(UserInterface $user): void
    {
        $token = new UsernamePasswordToken($user, null, 'firewallName', $user->getRoles());
        $authenticatedToken = $this->authenticationManager->authenticate($token);
        $this->tokenStorage->setToken($authenticatedToken);
    }
}