From 11767f147af80c1cdfc3f828d554f2efd071379b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20K=C3=BChn?= <simon@kuehn.de>
Date: Thu, 7 May 2026 22:46:59 +0200
Subject: [PATCH] Always set remember-me cookie on login

Without always_remember_me: true, the RememberMeBadge was never
activated (Symfony default requires an explicit _remember_me field
in the request). Users were logged out after PHP session expiry
(~24min) instead of the intended 48h.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 config/packages/security.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 3099991..c0b9711 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -24,6 +24,7 @@ security:
             remember_me:
                 secret: '%kernel.secret%'
                 lifetime: 172800
+                always_remember_me: true
                 token_provider:
                     doctrine: true