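<?php

namespace App\Security;

use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
// use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
// use Symfony\Component\Security\Csrf\CsrfToken;
// use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
use Symfony\Component\Security\Http\Util\TargetPathTrait;

/**
 * Guard authenticator for the username/password form posted to the "login" route.
 *
 * NOTE(review): CSRF validation of the login form is disabled in this class
 * (the token manager injection and the token check in getUser() are commented
 * out), so the form is open to login CSRF. Re-enabling it needs the
 * CsrfTokenManagerInterface dependency restored and a `_csrf_token` field in
 * the login template; both are outside what this file shows.
 */
class LoginFormAuthenticator extends AbstractFormLoginAuthenticator
{
    use TargetPathTrait;

    /**
     * Single failure message for "unknown username" and "wrong password".
     * Using one text for both cases keeps the response from revealing which
     * usernames exist.
     */
    private const INVALID_CREDENTIALS_MESSAGE = 'Username and/or password is invalid.';

    /**
     * @var EntityManagerInterface
     */
    private $entityManager;

    /**
     * @var UrlGeneratorInterface
     */
    private $urlGenerator;

    // /**
    //  * @var CsrfTokenManagerInterface
    //  */
    // private $csrfTokenManager;

    /**
     * @var UserPasswordEncoderInterface
     */
    private $passwordEncoder;

    public function __construct(
        EntityManagerInterface $entityManager,
        UrlGeneratorInterface $urlGenerator,
        // CsrfTokenManagerInterface $csrfTokenManager,
        UserPasswordEncoderInterface $passwordEncoder
    ) {
        $this->entityManager = $entityManager;
        $this->urlGenerator = $urlGenerator;
        // $this->csrfTokenManager = $csrfTokenManager;
        $this->passwordEncoder = $passwordEncoder;
    }

    /**
     * Handles only POST requests that were matched to the "login" route.
     *
     * @return bool
     */
    public function supports(Request $request)
    {
        return 'login' === $request->attributes->get('_route')
            && $request->isMethod('POST');
    }

    /**
     * Reads the submitted username and password and remembers the username in
     * the session so the login form can be pre-filled after a failure.
     *
     * Both fields are normalised to strings: a missing field or an array value
     * (e.g. `_username[]=x`) becomes '' and then fails authentication in the
     * normal way, instead of reaching the repository query or the encoder.
     *
     * @return array{username: string, password: string}
     */
    public function getCredentials(Request $request)
    {
        $credentials = [
            'username' => $this->readStringField($request, '_username'),
            'password' => $this->readStringField($request, '_password'),
            // 'csrf_token' => $request->request->get('_csrf_token'),
        ];

        // Only the username is stored in the session; the password never is.
        $request->getSession()->set(
            Security::LAST_USERNAME,
            $credentials['username']
        );

        return $credentials;
    }

    /**
     * Looks the user up by username.
     *
     * @param array $credentials value returned by getCredentials()
     *
     * @return User
     *
     * @throws CustomUserMessageAuthenticationException when no user has that username
     */
    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        // $token = new CsrfToken('authenticate', $credentials['csrf_token']);
        // if (!$this->csrfTokenManager->isTokenValid($token)) {
        //     throw new InvalidCsrfTokenException();
        // }

        $user = $this->entityManager
            ->getRepository(User::class)
            ->findOneBy(['username' => $credentials['username']]);

        if (!$user) {
            // NOTE(review): this path returns without verifying a password hash,
            // so an unknown username may still be distinguishable from a wrong
            // password by response time; the message itself no longer differs.
            throw new CustomUserMessageAuthenticationException(self::INVALID_CREDENTIALS_MESSAGE);
        }

        return $user;
    }

    /**
     * Verifies the submitted password, then requires the account to be enabled.
     *
     * The "verify your account" message is sent only after the password has
     * been confirmed, so it is not shown to someone who merely knows the
     * username.
     *
     * @param array $credentials value returned by getCredentials()
     *
     * @return bool always true; every failure is reported by exception
     *
     * @throws CustomUserMessageAuthenticationException on a wrong password or a disabled account
     */
    public function checkCredentials($credentials, UserInterface $user)
    {
        if (!$this->passwordEncoder->isPasswordValid($user, $credentials['password'])) {
            throw new CustomUserMessageAuthenticationException(self::INVALID_CREDENTIALS_MESSAGE);
        }

        if (!$user->getEnabled()) {
            throw new CustomUserMessageAuthenticationException('You need to verify your account. Check your email for a verification link');
        }

        return true;
    }

    /**
     * Redirects to the target path kept in the session for this firewall, or to
     * the "redirect" route when none is stored.
     *
     * @return RedirectResponse
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        $targetPath = $this->getTargetPath($request->getSession(), $providerKey);
        if ($targetPath) {
            return new RedirectResponse($targetPath);
        }

        return new RedirectResponse($this->urlGenerator->generate('redirect'));
    }

    /**
     * @return string URL of the login form
     */
    protected function getLoginUrl()
    {
        return $this->urlGenerator->generate('login');
    }

    /**
     * Returns a POST field as a string, or '' when it is absent or not a string.
     */
    private function readStringField(Request $request, string $field): string
    {
        $value = $request->request->get($field);

        return is_string($value) ? $value : '';
    }
}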