Merge pull request FriendsOfSymfony#2269 from gondo/patch-5

XWB · web-flow · commit 09489b532791 · 2016-10-11T12:01:12.000+02:00
Considering users who disable CSRF protection for Symfony
diff --git a/Controller/SecurityController.php b/Controller/SecurityController.php
@@ -54,7 +54,9 @@ public function loginAction(Request $request)
         // last username entered by the user
         $lastUsername = (null === $session) ? '' : $session->get($lastUsernameKey);
 
-        $csrfToken = $this->get('security.csrf.token_manager')->getToken('authenticate')->getValue();
+        $csrfToken = $this->has('security.csrf.token_manager')
+            ? $this->get('security.csrf.token_manager')->getToken('authenticate')->getValue()
+            : null;
 
         return $this->renderLogin(array(
             'last_username' => $lastUsername,
