src/Module/Security/LoginFormAuthenticator.php line 24

  1. <?php
  2. namespace App\Module\Security;
  4. use App\Module\Security\Entity\User;
  5. use App\Module\Security\Model\PepperValidation;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Symfony\Component\HttpFoundation\RedirectResponse;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\HttpFoundation\RequestStack;
  10. use Symfony\Component\HttpFoundation\Response;
  11. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  12. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  13. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  14. use Symfony\Component\Security\Core\Exception\UserNotFoundException;
  15. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  16. use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
  17. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
  18. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
  19. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  20. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  21. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  22. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  24. class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
  25. {
  26.     use TargetPathTrait;
  27.     public const LOGIN_ROUTE 'app_login';
  28.     public function __construct(
  29.         private readonly RequestStack                $requestStack,
  30.         private readonly EntityManagerInterface      $entityManager,
  31.         private readonly UrlGeneratorInterface       $urlGenerator,
  32.         private readonly CsrfTokenManagerInterface   $csrfTokenManager,
  33.         private readonly UserPasswordHasherInterface $userPasswordHasher,
  34.         private readonly PepperValidation            $pepperStorage,
  35.     )
  36.     {
  37.     }
  38.     public function authenticate(Request $request): Passport
  39.     {
  40.         $email $request->request->get('email');
  41.         $password $request->request->get('password');
  43. //        Check for Valid Pepper
  44.         $paramBag $request->request->get('pepper');
  45.         $this->requestStack->getSession()->set('pepper'$paramBag);
  47.         $this->pepperStorage->setPepper($paramBag);
  49.         if(!$this->pepperStorage->validatePepper()){
  50.             throw new UserNotFoundException();
  51.         }
  53.         return new Passport(
  54.             new UserBadge($email, function($userIdentifier) {
  55.                 // optionally pass a callback to load the User manually
  56.                 $user $this->entityManager
  57.                     ->getRepository(User::class)
  58.                     ->findOneBy(['email' => $userIdentifier]);
  59.                 if (!$user) {
  60.                     throw new UserNotFoundException();
  61.                 }
  62.                 return $user;
  63.             }),
  64.             new PasswordCredentials($password),
  65.             [
  66.                 new CsrfTokenBadge(
  67.                     'authenticate',
  68.                     $request->request->get('_csrf_token')
  69.                 ),
  70.                 (new RememberMeBadge())->enable(),
  71.             ]
  72.         );
  73.     }
  75.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): Response
  76.     {
  77.         if ($targetPath $this->getTargetPath($this->requestStack->getSession(), $firewallName)) {
  78.             return new RedirectResponse($targetPath);
  79.         }
  80.         return new RedirectResponse($this->urlGenerator->generate('app_module_firewall_firewall_list__invoke'));
  81.     }
  83.     protected function getLoginUrl(Request $request): string
  84.     {
  85.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  86.     }
  87. }