src/Security/LoginFormAuthenticator.php line 100

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Exception\reCaptcha3Exception;
  6. use App\Services\{EntityServices\UserEntityService,
  7.     ParameterService,
  8.     reCaptcha3ValidatorService,
  9.     Tenants\Tenant1\CookieService,
  10.     TenantService};
  11. use Symfony\Component\HttpFoundation\JsonResponse;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  15. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  16. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  17. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  18. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  19. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  20. use Symfony\Component\Security\Core\Security;
  21. use Symfony\Component\Security\Core\User\UserInterface;
  22. use Symfony\Component\Security\Core\User\UserProviderInterface;
  23. use Symfony\Component\Security\Csrf\CsrfToken;
  24. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  25. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  26. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  27. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  29. class LoginFormAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface
  30. {
  31.     use TargetPathTrait;
  33.     public const LOGIN_ROUTE 'user_sign_in';
  35.     private $urlGenerator;
  36.     private $csrfTokenManager;
  37.     private $passwordEncoder;
  38.     private $userEntityService;
  39.     private $tenantService;
  40.     private $cookieService;
  41.     private $reCaptcha3ValidatorService;
  43.     public function __construct(
  44.         UrlGeneratorInterface $urlGenerator
  45.         CsrfTokenManagerInterface $csrfTokenManager
  46.         TenantService $tenantService,
  47.         UserEntityService $userEntityService,
  48.         UserPasswordEncoderInterface $passwordEncoder,
  49.         CookieService $cookieService,
  50.         ParameterService $parameterService,
  51.         reCaptcha3ValidatorService $reCaptcha3ValidatorService
  52.     )
  53.     {
  54.         $this->urlGenerator $urlGenerator;
  55.         $this->csrfTokenManager $csrfTokenManager;
  56.         $this->passwordEncoder $passwordEncoder;
  57.         $this->tenantService $tenantService;
  58.         $this->userEntityService $userEntityService;
  59.         $this->cookieService $cookieService;
  60.         $this->tenant $tenantService->defineTenant();
  61.         $this->reCaptcha3ValidatorService $reCaptcha3ValidatorService;
  62.         $this->reCaptcha3ValidatorService->setAccess(
  63.             $parameterService->getParameter($this->tenant->getSettingsArrayAssoc()['config'] ?? 'non-existent''reCaptcha3.secretKey'),
  64.             $parameterService->getParameter($this->tenant->getSettingsArrayAssoc()['config'] ?? 'non-existent''reCaptcha3.allowableScore')
  65.         );
  66.      }
  68.     public function supports(Request $request)
  69.     {
  70.         return self::LOGIN_ROUTE === $request->attributes->get('_route')
  71.             && $request->isMethod('POST');
  72.     }
  74.     public function getCredentials(Request $request)
  75.     {
  76.         $credentials = [
  77.             'email' => $request->request->get('email'),
  78.             'password' => $request->request->get('password'),
  79.             'tenant' => $this->tenantService->defineTenant(),
  80.             'csrf_token' => $request->request->get('_csrf_token'),
  81.             'gRecaptchaToken' => $request->request->get('reCAPTCHA_token'),
  82.         ];
  83.         $request->getSession()->set(
  84.             Security::LAST_USERNAME,
  85.             $credentials['email']
  86.         );
  87.         return $credentials;
  88.     }
  90.     public function getUser($credentialsUserProviderInterface $userProvider)
  91.     {
  92.         $this->reCaptcha3ValidatorService->setToken($credentials['gRecaptchaToken']);
  93.         if ($this->reCaptcha3ValidatorService->validate()) {
  94.             throw new reCaptcha3Exception('reCaptcha3 validation failed.');
  95.         }
  96.         // $token = new CsrfToken('SignInForm', $credentials['csrf_token']);
  97.         // if (!$this->csrfTokenManager->isTokenValid($token)) {
  98.         //     throw new InvalidCsrfTokenException('csrf not passed');
  99.         // }
  100.         $user $this->userEntityService->findUser($credentials['email'], $credentials['tenant']);
  101.         if (!$user) {
  102.             // fail authentication with a custom error
  103.             throw new CustomUserMessageAuthenticationException('sign_in.email_not_found');
  104.         }
  105.         return $user;
  106.     }
  108.     public function checkCredentials($credentialsUserInterface $user)
  109.     {
  110.         return $this->passwordEncoder->isPasswordValid($user$credentials['password']);
  111.     }
  113.     /**
  114.      * Used to upgrade (rehash) the user's password automatically over time.
  115.      */
  116.     public function getPassword($credentials): ?string
  117.     {
  118.         return $credentials['password'];
  119.     }
  121.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $providerKey)
  122.     {
  123. //        if ($targetPath = $this->getTargetPath($request->getSession(), $providerKey)) {
  124. //            return new RedirectResponse($targetPath);
  125. //        }
  126. //        $response = new RedirectResponse($this->urlGenerator->generate('user_profile'));
  127. //        $response = $this->cookieService->addCookieToResponse($response, $request);
  128. //        return $response;
  130.         if ($targetPath $this->getTargetPath($request->getSession(), $providerKey)) {
  131.             return new JsonResponse(['redirectUri' => $targetPath]);
  132.         }
  133.         if ($request->request->get('referral') !== "null") {
  134.             $response = new JsonResponse(['redirectUri' => $request->request->get('referral')]);
  135.         } else {
  136.             $response = new JsonResponse(['redirectUri' => $this->urlGenerator->generate('user_profile')]);
  137.         }
  138.         $response $this->cookieService->addCookieToResponse($response$request);
  139.         return $response;
  140.     }
  142.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception)
  143.     {
  144. //        $request->getSession()->set( Security::AUTHENTICATION_ERROR, 'exception.sign_in.auth_failed');
  145. //        return new RedirectResponse($this->getLoginUrl());
  147.         return new JsonResponse($exception->getMessage(), Response::HTTP_UNAUTHORIZED);
  148.     }
  150.     protected function getLoginUrl()
  151.     {
  152.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  153.     }
  154. }