src/Security/FrontAuthenticator.php line 111

Open in your IDE?
  1. <?php
  3. /*
  4.  * Unauthorized copying of this file, via any medium is strictly prohibited
  5.  * Proprietary and confidential.
  6.  *
  7.  * @author Bilel AZRI          <azri.bilel@gmail.com>
  8.  * @author Assma BEN SASSI     <bensassiasma.bws@gmail.com>
  9.  *
  10.  * Bicking man (c) 2019-present.
  11.  */
  13. declare(strict_types=1);
  15. namespace App\Security;
  17. use App\Entity\User\Admin;
  18. use App\Entity\User\Organizer;
  19. use App\Entity\User\User;
  20. use App\Repository\User\UserRepository;
  21. use Doctrine\ORM\EntityManagerInterface;
  22. use Symfony\Component\HttpFoundation\JsonResponse;
  23. use Symfony\Component\HttpFoundation\RedirectResponse;
  24. use Symfony\Component\HttpFoundation\Request;
  25. use Symfony\Component\HttpFoundation\Response;
  26. use Symfony\Component\HttpFoundation\Session\Session;
  27. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  28. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  29. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  30. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  31. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  32. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  33. use Symfony\Component\Security\Core\Security;
  34. use Symfony\Component\Security\Core\User\UserInterface;
  35. use Symfony\Component\Security\Core\User\UserProviderInterface;
  36. use Symfony\Component\Security\Csrf\CsrfToken;
  37. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  38. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  39. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  41. class FrontAuthenticator extends AbstractFormLoginAuthenticator
  42. {
  43.     use TargetPathTrait;
  45.     public const LOGIN_ROUTE 'front.security.app_login';
  47.     /**
  48.      * The Entity manager used to retrieve users.
  49.      *
  50.      * @var EntityManagerInterface
  51.      */
  52.     private $entityManager;
  54.     /**
  55.      * The Url generator used to generate urls.
  56.      *
  57.      * @var UrlGeneratorInterface
  58.      */
  59.     private $urlGenerator;
  61.     /**
  62.      * The Csrf token manager used to validate the csrf token.
  63.      *
  64.      * @var CsrfTokenManagerInterface
  65.      */
  66.     private $csrfTokenManager;
  68.     /**
  69.      * The Password Encoder used to validate the password.
  70.      *
  71.      * @var UserPasswordEncoderInterface
  72.      */
  73.     private $passwordEncoder;
  75.     public function __construct(EntityManagerInterface $entityManagerUrlGeneratorInterface $urlGeneratorCsrfTokenManagerInterface $csrfTokenManagerUserPasswordEncoderInterface $passwordEncoder)
  76.     {
  77.         $this->entityManager $entityManager;
  78.         $this->urlGenerator $urlGenerator;
  79.         $this->csrfTokenManager $csrfTokenManager;
  80.         $this->passwordEncoder $passwordEncoder;
  81.     }
  83.     public function supports(Request $request): bool
  84.     {
  85.         return self::LOGIN_ROUTE === $request->attributes->get('_route')
  86.             && $request->isMethod('POST');
  87.     }
  89.     /**
  90.      * @return array{username: string, password: string, csrf_token: string}
  91.      */
  92.     public function getCredentials(Request $request): array
  93.     {
  94.         /**
  95.          * @var string
  96.          */
  97.         $username $request->request->get('username');
  98.         /**
  99.          * @var string
  100.          */
  101.         $password $request->request->get('password');
  102.         /**
  103.          * @var string
  104.          */
  105.         $csrf $request->request->get('_csrf_token');
  107.         $credentials = ['username' => $username'password' => $password'csrf_token' => $csrf];
  109.         /** @var Session $session */
  110.         $session $request->getSession();
  111.         $session->set(Security::LAST_USERNAME$credentials['username']);
  113.         return $credentials;
  114.     }
  116.     public function getUser($credentialsUserProviderInterface $userProvider): User
  117.     {
  118.         /** @var array{username: string, password: string, csrf_token: string} $credentials */
  119.         $token = new CsrfToken('authenticate'$credentials['csrf_token']);
  121.         if (!$this->csrfTokenManager->isTokenValid($token)) {
  122.             throw new InvalidCsrfTokenException('Invalid Csrf Token.');
  123.         }
  125.         /** @var UserRepository $repo */
  126.         $repo $this->entityManager->getRepository(User::class);
  127.         $user $repo->findOneByUsername($credentials['username']);
  129.         if (null === $user) {
  130.             // fail authentication with a custom error
  131.             throw new CustomUserMessageAuthenticationException('User could not be found.');
  132.         }
  134.         return $user;
  135.     }
  137.     public function checkCredentials($credentialsUserInterface $user): bool
  138.     {
  139.         /** @var array{username: string, password: string, csrf_token: string} $credentials */
  140.         return $this->passwordEncoder->isPasswordValid($user$credentials['password']);
  141.     }
  143.     /**
  144.      * @param string $providerKey
  145.      */
  146.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey): Response
  147.     {
  148.         if (null !== $headerAccept $request->headers->get('accept')) {
  149.             if (false !== strpos($headerAccept'json')) {
  150.                 return new JsonResponse(['status' => 'failed''message' => 'You entered in secure area without login!'], Response::HTTP_UNAUTHORIZED);
  151.             }
  152.         }
  154.         /** @var SessionInterface $session */
  155.         $session $request->getSession();
  156.         $targetPath $this->getTargetPath($session$providerKey);
  158.         if (null !== $targetPath) {
  159.             return new RedirectResponse($targetPath);
  160.         }
  162.         $user $token->getUser();
  164.         if ($user instanceof Admin || $user instanceof Organizer) {
  165.             return new RedirectResponse($this->urlGenerator->generate('back.dashboard.index'));
  166.         }
  168.         return new RedirectResponse($this->urlGenerator->generate('front.course.index'));
  169.     }
  171.     protected function getLoginUrl(): string
  172.     {
  173.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  174.     }
  175. }