src/Security/LoginFormAuthenticator.php line 67

Open in your IDE?
  1. <?php
  2. namespace App\Security;
  3. use App\Entity\User;
  4. use Doctrine\ORM\EntityManagerInterface;
  5. use Symfony\Component\HttpFoundation\RedirectResponse;
  6. use Symfony\Component\HttpFoundation\Request;
  7. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  10. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  11. use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
  12. use Symfony\Component\Security\Core\Security;
  13. use Symfony\Component\Security\Core\User\UserInterface;
  14. use Symfony\Component\Security\Core\User\UserProviderInterface;
  15. use Symfony\Component\Security\Csrf\CsrfToken;
  16. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  17. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  18. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  19. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  20. class LoginFormAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface
  21. {
  22.     use TargetPathTrait;
  23.     public const LOGIN_ROUTE 'app_login';
  24.     private $entityManager;
  25.     private $urlGenerator;
  26.     private $csrfTokenManager;
  27.     private $passwordEncoder;
  28.     public function __construct(EntityManagerInterface $entityManagerUrlGeneratorInterface $urlGeneratorCsrfTokenManagerInterface $csrfTokenManagerUserPasswordEncoderInterface $passwordEncoder)
  29.     {
  30.         $this->entityManager $entityManager;
  31.         $this->urlGenerator $urlGenerator;
  32.         $this->csrfTokenManager $csrfTokenManager;
  33.         $this->passwordEncoder $passwordEncoder;
  34.     }
  35.     public function supports(Request $request)
  36.     {
  37.         return self::LOGIN_ROUTE === $request->attributes->get('_route')
  38.             && $request->isMethod('POST');
  39.     }
  40.     public function getCredentials(Request $request)
  41.     {
  42.         $credentials = [
  43.             'email' => $request->request->get('email'),
  44.             'password' => $request->request->get('password'),
  45.             'csrf_token' => $request->request->get('_csrf_token'),
  46.         ];
  47.         $request->getSession()->set(
  48.             Security::LAST_USERNAME,
  49.             $credentials['email']
  50.         );
  51.         return $credentials;
  52.     }
  53.     public function getUser($credentialsUserProviderInterface $userProvider)
  54.     {
  55.         $token = new CsrfToken('authenticate'$credentials['csrf_token']);
  56.         if (!$this->csrfTokenManager->isTokenValid($token)) {
  57.             throw new InvalidCsrfTokenException();
  58.         }
  59.         $user $this->entityManager->getRepository(User::class)->findOneBy(['email' => $credentials['email']]);
  60.         if (!$user) {
  61.             throw new UsernameNotFoundException('Email could not be found.');
  62.         }
  63.         return $user;
  64.     }
  65.     public function checkCredentials($credentialsUserInterface $user)
  66.     {
  67.         return $this->passwordEncoder->isPasswordValid($user$credentials['password']);
  68.     }
  69.     /**
  70.      * Used to upgrade (rehash) the user's password automatically over time.
  71.      */
  72.     public function getPassword($credentials): ?string
  73.     {
  74.         return $credentials['password'];
  75.     }
  76.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  77.     {
  78.         $request->getSession()->getFlashBag()->add('success''Welcome '.$token->getUser()->getFullName());
  79.         if ($targetPath $this->getTargetPath($request->getSession(), $providerKey)) {
  80.             return new RedirectResponse($targetPath);
  81.         }
  82.         // For example : return new RedirectResponse($this->urlGenerator->generate('some_route'));
  83.         return new RedirectResponse($this->urlGenerator->generate('app_account'));
  84.     }
  85.     protected function getLoginUrl()
  86.     {
  87.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  88.     }
  89. }