src/Core/Security/LoginFormAuthenticator.php line 40

  1. <?php
  2. /**
  3.  * Copyright (c) 2019 TECLA Consulting Group oü.
  4.  * All rights reserved.
  5.  *
  6.  * This unpublished material is proprietary to TECLA Consulting Group oü.
  7.  * All rights reserved. The methods and
  8.  * techniques described herein are considered trade secrets
  9.  * and/or confidential. Reproduction or distribution, in whole
  10.  * or in part, is forbidden except by express written permission
  11.  * of TECLA Consulting Group oü.
  12.  *
  13.  * @author    Matúš Sýkorjak <matus@tecla.no>
  14.  * @copyright 2019 TECLA Consulting Group oü
  15.  */
  17. namespace App\Core\Security;
  19. use App\Core\Model\UserInterface;
  20. use App\Core\Security\Encoder\LegacyUserPasswordEncoderInterface;
  21. use Symfony\Component\HttpFoundation\RedirectResponse;
  22. use Symfony\Component\HttpFoundation\Request;
  23. use Symfony\Component\HttpFoundation\Response;
  24. use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface;
  25. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  26. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  27. use Symfony\Component\Security\Core\Exception\BadCredentialsException;
  28. use Symfony\Component\Security\Core\Security;
  29. use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
  30. use Symfony\Component\Security\Core\User\UserProviderInterface;
  31. use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
  32. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
  33. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PasswordUpgradeBadge;
  34. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
  35. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  36. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CustomCredentials;
  37. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  38. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  40. class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
  41. {
  42.     use TargetPathTrait;
  44.     public const LOGIN_ROUTE 'app_login';
  46.     public const SUCCESS_ROUTE 'app_homepage';
  48.     private UserProviderInterface $userProvider;
  50.     private UrlGeneratorInterface $urlGenerator;
  52.     private LegacyUserPasswordEncoderInterface $legacyUserPasswordEncoder;
  54.     private PasswordHasherFactoryInterface $hasherFactory;
  56.     public function __construct(
  57.         UserProviderInterface $userProvider,
  58.         UrlGeneratorInterface $urlGenerator,
  59.         LegacyUserPasswordEncoderInterface $legacyUserPasswordEncoder,
  60.         PasswordHasherFactoryInterface $hasherFactory
  61.     ) {
  62.         $this->userProvider $userProvider;
  63.         $this->urlGenerator $urlGenerator;
  64.         $this->legacyUserPasswordEncoder $legacyUserPasswordEncoder;
  65.         $this->hasherFactory $hasherFactory;
  66.     }
  68.     public function authenticate(Request $request): Passport
  69.     {
  70.         $credentials $this->getCredentials($request);
  72.         $passport = new Passport(
  73.             new UserBadge($credentials['username']),
  74.             new CustomCredentials(
  75.                 function ($passwordUserInterface $user) {
  76.                     if ('' === $password) {
  77.                         throw new BadCredentialsException('The presented password cannot be empty.');
  78.                     }
  80.                     if (null === $user->getPassword()) {
  81.                         throw new BadCredentialsException('The presented password is invalid.');
  82.                     }
  84.                     if (null !== $user->getLegacyPassword() && '' !== $user->getLegacyPassword()) {
  85.                         return $this->legacyUserPasswordEncoder->isPasswordValid($user$password);
  86.                     }
  88.                     return $this->hasherFactory->getPasswordHasher($user)->verify(
  89.                         $user->getPassword(),
  90.                         $password
  91.                     );
  92.                 },
  93.                 $credentials['password']
  94.             ),
  95.             [
  96.                 new RememberMeBadge(),
  97.                 new CsrfTokenBadge('authenticate'$credentials['csrf_token']),
  98.             ]
  99.         );
  101.         if ($this->userProvider instanceof PasswordUpgraderInterface) {
  102.             $passport->addBadge(new PasswordUpgradeBadge($request->request->get('password'), $this->userProvider));
  103.         }
  105.         return $passport;
  106.     }
  108.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  109.     {
  110.         $targetPath $this->getTargetPath($request->getSession(), $firewallName);
  112.         if (true === str_contains($targetPath'cid=')) {
  113.             return new RedirectResponse($targetPath);
  114.         }
  116.         $routeParams = [];
  117.         $user $token->getUser();
  119.         if (true === $user instanceof UserInterface) {
  120.             $routeParams = ['cid' => $user->getContact()->getId()];
  121.         }
  123.         return new RedirectResponse($this->urlGenerator->generate(self::SUCCESS_ROUTE$routeParams));
  124.     }
  126.     protected function getLoginUrl(Request $request): string
  127.     {
  128.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  129.     }
  131.     private function getCredentials(Request $request): array
  132.     {
  133.         $credentials = [
  134.             'username' => $request->request->get('username'),
  135.             'password' => $request->request->get('password'),
  136.             'csrf_token' => $request->request->get('_token'),
  137.         ];
  139.         $request->getSession()->set(
  140.             Security::LAST_USERNAME,
  141.             $credentials['username']
  142.         );
  144.         return $credentials;
  145.     }
  146. }