Laclic
/
SovBundle
Слідкувати 3
В обрані 0
Форк 0
Код Проблеми 1 Запити на злиття 0 Релізи 2 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
247 Коміти
9 Гілки
Дерево: b22e1ad412
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'b22e1ad412'
${ noResults }
SovBundle/Authenticator/LoginFormAuthenticator.php

140 lines
4.9KB
Неформатований Blame Історія 

  1. <?php

  2. 

  3. namespace Lc\SovBundle\Authenticator;

  4. 

  5. use Lc\SovBundle\Model\User\UserInterface;

  6. use Lc\SovBundle\Doctrine\EntityManager;

  7. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;

  8. use Symfony\Component\HttpFoundation\RedirectResponse;

  9. use Symfony\Component\HttpFoundation\Request;

  10. use Symfony\Component\Security\Core\User\UserInterface as SfUserInterface;

  11. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;

  12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;

  13. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;

  14. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;

  15. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;

  16. use Symfony\Component\Security\Core\Security;

  17. use Symfony\Component\Security\Core\User\UserProviderInterface;

  18. use Symfony\Component\Security\Csrf\CsrfToken;

  19. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;

  20. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;

  21. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;

  22. use Symfony\Component\Security\Http\Util\TargetPathTrait;

  23. 

  24. class LoginFormAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface

  25. {

  26.     use TargetPathTrait;

  27. 

  28.     public const LOGIN_ROUTE = 'sov_login';

  29. 

  30.     private $entityManager;

  31.     private $urlGenerator;

  32.     private $csrfTokenManager;

  33.     private $passwordEncoder;

  34.     protected $parameterBag;

  35. 

  36.     public function __construct(

  37.         EntityManager $entityManager,

  38.         UrlGeneratorInterface $urlGenerator,

  39.         CsrfTokenManagerInterface $csrfTokenManager,

  40.         UserPasswordEncoderInterface $passwordEncoder,

  41.         ParameterBagInterface $parameterBag

  42.     )

  43.     {

  44.         $this->entityManager = $entityManager;

  45.         $this->urlGenerator = $urlGenerator;

  46.         $this->csrfTokenManager = $csrfTokenManager;

  47.         $this->passwordEncoder = $passwordEncoder;

  48.         $this->parameterBag = $parameterBag;

  49.     }

  50. 

  51.     public function supports(Request $request)

  52.     {

  53.         return self::LOGIN_ROUTE === $request->attributes->get('_route')

  54.             && $request->isMethod('POST');

  55.     }

  56. 

  57.     public function getCredentials(Request $request)

  58.     {

  59.         $credentials = [

  60.             'email' => $request->request->get('email'),

  61.             'password' => $request->request->get('password'),

  62.             'csrf_token' => $request->request->get('_csrf_token'),

  63.         ];

  64.         $request->getSession()->set(

  65.             Security::LAST_USERNAME,

  66.             $credentials['email']

  67.         );

  68. 

  69.         return $credentials;

  70.     }

  71. 

  72.     public function getUser($credentials, UserProviderInterface $userProvider)

  73.     {

  74.         $token = new CsrfToken('authenticate', $credentials['csrf_token']);

  75.         if (!$this->csrfTokenManager->isTokenValid($token)) {

  76.             throw new InvalidCsrfTokenException();

  77.         }

  78. 

  79.         $user = $this->entityManager->getRepository(UserInterface::class)->findOneBy(

  80.             ['email' => $credentials['email']]

  81.         );

  82. 

  83.         if (!$user) {

  84.             // fail authentication with a custom error

  85.             throw new CustomUserMessageAuthenticationException('Email could not be found.');

  86.         }

  87. 

  88.         return $user;

  89.     }

  90. 

  91.     public function checkCredentials($credentials, SfUserInterface $user)

  92.     {

  93.         return $this->passwordEncoder->isPasswordValid($user, $credentials['password']);

  94.     }

  95. 

  96.     /**

  97.      * Used to upgrade (rehash) the user's password automatically over time.

  98.      */

  99.     public function getPassword($credentials): ?string

  100.     {

  101.         return $credentials['password'];

  102.     }

  103. 

  104.     public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $providerKey)

  105.     {

  106.         $routeName = 'home';

  107.         $email = $request->request->get('email');

  108.         $loginRedirection = $this->parameterBag->get('lc_sov.login_redirection');

  109.         $useReferer = $loginRedirection['redirect_referer'];

  110.         $rolesRedirection = $loginRedirection['roles_redirection'];

  111. 

  112.         if (isset($useReferer) && $useReferer == true) {

  113.             $url = $request->request->get('_target_path');

  114.         } else {

  115.             $user = $this->entityManager->getRepository(UserInterface::class)->findOneBy(['email' => $email]);

  116. 

  117.             if (!empty($user)) {

  118.                 $roles = $user->getRoles();

  119. 

  120.                 foreach ($rolesRedirection as $roleRedirect) {

  121.                     if (in_array($roleRedirect['role'], $roles)) {

  122.                         $routeName = $roleRedirect['redirect'];

  123.                     }

  124.                 }

  125.             }

  126.         }

  127. 

  128.         if (isset($url) && !empty($url)) {

  129.             return new RedirectResponse($url);

  130.         } else {

  131.             return new RedirectResponse($this->urlGenerator->generate($routeName));

  132.         }

  133.     }

  134. 

  135.     protected function getLoginUrl()

  136.     {

  137.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);

  138.     }

  139. }