src/Platform/SecurityBundle/Service/Authenticator/LoginFormAuthenticator.php line 96

Open in your IDE?
  1. <?php
  3. namespace Platform\SecurityBundle\Service\Authenticator;
  5. use Doctrine\ORM\EntityManagerInterface;
  6. use Platform\SecurityBundle\Controller\LoginController;
  7. use Platform\SecurityBundle\Doctrine\Identity\AccountRepository;
  8. use Platform\SecurityBundle\Entity\Identity\Account;
  9. use Platform\SecurityBundle\Entity\Login\Attempt;
  10. use Symfony\Component\HttpFoundation\RedirectResponse;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Symfony\Component\HttpFoundation\Response;
  13. use Symfony\Component\Routing\RouterInterface;
  14. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  15. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  16. use Symfony\Component\Security\Core\Exception\UserNotFoundException;
  17. use Symfony\Component\Security\Core\Security;
  18. use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
  19. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
  20. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  21. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  22. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  23. use Symfony\Component\Security\Http\HttpUtils;
  24. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  25. use Exception;
  27. class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
  28. {
  29.     // TODO: redirecting still not works
  30.     use TargetPathTrait;
  32.     /**
  33.      * @var EntityManagerInterface
  34.      */
  35.     protected EntityManagerInterface $em;
  37.     /**
  38.      * @var RouterInterface
  39.      */
  40.     protected RouterInterface $router;
  42.     /**
  43.      * @var AccountRepository
  44.      */
  45.     protected AccountRepository $accountRepository;
  47.     /**
  48.      * @var HttpUtils
  49.      */
  50.     protected HttpUtils $httpUtils;
  52.     /**
  53.      * @param EntityManagerInterface $em
  54.      * @param RouterInterface $router
  55.      * @param HttpUtils $httpUtils
  56.      */
  57.     public function __construct(
  58.         EntityManagerInterface $em,
  59.         RouterInterface $router,
  60.         HttpUtils $httpUtils
  61.     )
  62.     {
  63.         $this->em $em;
  64.         $this->router $router;
  65.         $this->httpUtils $httpUtils;
  67.         /** @var AccountRepository $accountRepository */
  68.         $accountRepository $this->em->getRepository(Account::class);
  69.         $this->accountRepository $accountRepository;
  70.     }
  72.     /**
  73.      * @param Request $request
  74.      * @return string
  75.      */
  76.     protected function getLoginUrl(Request $request): string
  77.     {
  78.         return $this->router->generate(LoginController::ROUTES__SELECT);
  79.     }
  81.     /**
  82.      * @param Request $request
  83.      * @return Passport
  84.      */
  85.     public function authenticate(Request $request): Passport
  86.     {
  87.         $email trim($request->request->get('login')['username']);
  88.         $password trim($request->request->get('login')['password']);
  89.         $csrfToken trim($request->request->get('login')['_token']);
  91.         if (empty($email) || empty($password) || empty($csrfToken)) {
  92.             throw new AuthenticationException('Improper login.');
  93.         }
  95.         return new Passport(
  96.             new UserBadge($email, function (string $userIdentifier) {
  97.                 $account $this->accountRepository->findOneBy(['email' => $userIdentifier]);
  98.                 if ( ! $account instanceof Account) {
  99.                     throw new UserNotFoundException();
  100.                 }
  102.                 return $account;
  103.             }),
  104.             new PasswordCredentials($password),
  105.             [
  106.                 new CsrfTokenBadge('login'$csrfToken),
  107.             ]
  108.         );
  109.     }
  111.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  112.     {
  113.         /** @var Account $account */
  114.         $account = ($token->getUser() instanceof Account) ? $token->getUser() : null;
  115.         $this->logSuccessfulAttempt($account$request->getClientIp());
  117.         // TODO: redirecting still not works
  118.         /*
  119.         if ($target = $this->getTargetPath($request->getSession(), $firewallName)) {
  120.             return new RedirectResponse($target);
  121.         }
  122.         */
  124.         return null;
  125.     }
  127.     /**
  128.      * @param Request $request
  129.      * @param AuthenticationException $exception
  130.      * @return Response
  131.      * @throws Exception
  132.      */
  133.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): Response
  134.     {
  135.         $message = ( ! empty($exception->getMessage())) ? trim(substr($exception->getMessage(), 0250)) : null;
  136.         $this->logFailedAttempt($request->getClientIp(), $message);
  138.         $request->getSession()->set(Security::AUTHENTICATION_ERROR$exception);
  139.         return new RedirectResponse(
  140.             $this->router->generate(LoginController::ROUTES__SELECT)
  141.         );
  142.     }
  144.     /**
  145.      * @param Account $account
  146.      * @param string|null $ip
  147.      * @return void
  148.      * @throws Exception
  149.      */
  150.     private function logSuccessfulAttempt(Account $account, ?string $ip): void
  151.     {
  152.         $attempt = (new Attempt())
  153.             ->setAccount($account)
  154.             ->setRedirect(null)
  155.             ->setIp($ip)
  156.             ->setStatus(true)
  157.             ->setAuthType(Attempt::AUTH_TYPE__WEB)
  158.         ;
  159.         $this->em->persist($attempt);
  160.         $this->em->flush();
  161.     }
  163.     /**
  164.      * @param string|null $ip
  165.      * @param string|null $message
  166.      * @return void
  167.      * @throws Exception
  168.      */
  169.     private function logFailedAttempt(?string $ip, ?string $message): void
  170.     {
  171.         $attempt = (new Attempt())
  172.             ->setRedirect(null)
  173.             ->setIp($ip)
  174.             ->setStatus(false)
  175.             ->setAuthType(Attempt::AUTH_TYPE__WEB)
  176.         ;
  178.         if ( ! empty($message)) {
  179.             $attempt->setMessage($message);
  180.         }
  182.         $this->em->persist($attempt);
  183.         $this->em->flush();
  184.     }
  185. }