src/Security/AppCustomAuthenticator.php line 22

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use Symfony\Component\HttpFoundation\RedirectResponse;
  6. use Symfony\Component\HttpFoundation\Request;
  7. use Symfony\Component\HttpFoundation\Response;
  8. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  9. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  10. use Symfony\Component\Security\Core\Security;
  11. use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
  12. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
  13. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  14. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  15. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  16. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  17. use App\Repository\UserRepository;
  18. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  19. use Psr\Log\LoggerInterface;
  22. class AppCustomAuthenticator extends AbstractLoginFormAuthenticator
  23. {
  24.     use TargetPathTrait;
  26.     public const LOGIN_ROUTE 'app_login';
  28.     public function __construct(LoggerInterface $loggerUserRepository $userRepository, private UrlGeneratorInterface $urlGenerator)
  29.     {
  30.             $this->userRepository $userRepository;
  31.             $this->logger $logger;
  32.     }
  34.     public function authenticate(Request $request): Passport
  35.     {
  36.         $email $request->request->get('email''');
  38.         $request->getSession()->set(Security::LAST_USERNAME$email);
  39.                 
  40.                 $user $this->userRepository->findOneByEmail($email);
  42.                 if (!$user) {
  43.             throw new CustomUserMessageAuthenticationException('User does not exists.');
  44.         } elseif (!$user->isVerified()) {
  45.             throw new CustomUserMessageAuthenticationException('Your account is not verified.');
  46.                 }
  48.         return new Passport(
  49.             new UserBadge($email),
  50.             new PasswordCredentials($request->request->get('password''')),
  51.             [
  52.                 new CsrfTokenBadge('authenticate'$request->request->get('_csrf_token')),
  53.             ]
  54.         );
  55.     }
  57.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  58.     {
  59.         if ($targetPath $this->getTargetPath($request->getSession(), $firewallName)) {
  60.             return new RedirectResponse($targetPath);
  61.         }
  63.         // For example:
  64.         return new RedirectResponse($this->urlGenerator->generate('admin_dashboard'));
  65.         // throw new \Exception('TODO: provide a valid redirect inside '.__FILE__);
  66.     }
  68.     protected function getLoginUrl(Request $request): string
  69.     {
  70.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  71.     }
  72. }