src/Security/JsonLoginUsernameAuthenticator.php line 20

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace App\Security;
  5. use App\Authentication\Entity\User;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Lexik\Bundle\JWTAuthenticationBundle\Security\Http\Authentication\AuthenticationSuccessHandler;
  8. use Symfony\Component\HttpFoundation\JsonResponse;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\HttpFoundation\Response;
  11. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  13. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  14. use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
  15. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  16. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  17. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  18. use Symfony\Component\Security\Core\Exception\UserNotFoundException;
  20. class JsonLoginUsernameAuthenticator extends AbstractAuthenticator
  21. {
  22.     private EntityManagerInterface $em;
  24.     private UserPasswordHasherInterface $encoder;
  26.     private AuthenticationSuccessHandler $jwtSuccessHandler;
  28.     public function __construct(
  29.         EntityManagerInterface $em,
  30.         UserPasswordHasherInterface $encoder,
  31.         AuthenticationSuccessHandler $jwtSuccessHandler
  32.     ) {
  33.         $this->em $em;
  34.         $this->encoder $encoder;
  35.         $this->jwtSuccessHandler $jwtSuccessHandler;
  36.     }
  38.     /**
  39.      * Called on every request to decide if this authenticator should be
  40.      * used for the request. Returning false will cause this authenticator
  41.      * to be skipped.
  42.      */
  43.     public function supports(Request $request): bool
  44.     {
  45.         $isLoginRoute $request->attributes->get('_route') === 'app_authentication_authentication_login' && $request->isMethod('POST');
  46.         if (!$isLoginRoute) {
  47.             return false;
  48.         }
  50.         $isJsonRequest $request->headers->has('Content-Type') && $request->headers->get('Content-Type') === 'application/json';
  51.         if (!$isJsonRequest) {
  52.             return false;
  53.         }
  55.         $body json_decode($request->getContent(), true);
  56.         if ($body === null) {
  57.             return false;
  58.         }
  60.         return array_key_exists('username'$body) && array_key_exists('password'$body);
  61.     }
  63.     public function authenticate(Request $request): Passport
  64.     {
  65.         $body json_decode($request->getContent(), true);
  66.         $username $body['username'];
  67.         $password $body['password'];
  69.         if (!$username || !$password) {
  70.             throw new UserNotFoundException();
  71.         }
  73.         $user $this->em->getRepository(User::class)->findOneBy([
  74.             'username' => $username,
  75.         ]);
  77.         if ($user === null) {
  78.             throw new UserNotFoundException();
  79.         }
  81.         return new Passport(new UserBadge($username), new PasswordCredentials($password));
  82.     }
  83.     
  84.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  85.     {
  86.         $user $token->getUser();
  88.         return $this->jwtSuccessHandler->handleAuthenticationSuccess($user);
  89.     }
  91.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): ?Response
  92.     {
  93.         $data = [
  94.             'code' => 'authentication.failure',
  95.             'message' => [$exception->getMessageKey(), $exception->getMessageData()],
  96.         ];
  98.         return new JsonResponse($dataResponse::HTTP_FORBIDDEN);
  99.     }
  100. }