src/Security/Accesos/LoginAuthenticator.php line 66

Open in your IDE?
  1. <?php
  3. namespace App\Security\Accesos;
  5. use App\Entity\Accesos\Usuario;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Symfony\Component\HttpFoundation\RedirectResponse;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\HttpFoundation\Response;
  10. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  11. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  12. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  13. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  14. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  15. use Symfony\Component\Security\Core\Security;
  16. use Symfony\Component\Security\Core\User\UserInterface;
  17. use Symfony\Component\Security\Core\User\UserProviderInterface;
  18. use Symfony\Component\Security\Csrf\CsrfToken;
  19. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  20. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  21. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  22. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  23. use App\Entity\Accesos\Log;
  25. class LoginAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface {
  27.     use TargetPathTrait;
  29.     public const LOGIN_ROUTE 'app_login';
  31.     private $entityManager;
  32.     private $urlGenerator;
  33.     private $csrfTokenManager;
  34.     private $passwordEncoder;
  36.     public function __construct(EntityManagerInterface $entityManagerUrlGeneratorInterface $urlGeneratorCsrfTokenManagerInterface $csrfTokenManagerUserPasswordEncoderInterface $passwordEncoder) {
  37.         $this->entityManager $entityManager;
  38.         $this->urlGenerator $urlGenerator;
  39.         $this->csrfTokenManager $csrfTokenManager;
  40.         $this->passwordEncoder $passwordEncoder;
  41.     }
  43.     public function supports(Request $request): bool {
  44.         return self::LOGIN_ROUTE === $request->attributes->get('_route') && $request->isMethod('POST');
  45.     }
  47.     public function getCredentials(Request $request) {
  48.         $credentials = [
  49.             'email' => $request->request->get('email'),
  50.             'password' => $request->request->get('password'),
  51.             'csrf_token' => $request->request->get('_csrf_token'),
  52.         ];
  53.         $request->getSession()->set(
  54.                 Security::LAST_USERNAME,
  55.                 $credentials['email']
  56.         );
  58.         return $credentials;
  59.     }
  61.     public function getUser($credentialsUserProviderInterface $userProvider): ?Usuario {
  62.         $token = new CsrfToken('authenticate'$credentials['csrf_token']);
  63.         if (!$this->csrfTokenManager->isTokenValid($token)) {
  64.             throw new InvalidCsrfTokenException();
  65.         }
  66.         $user $this->entityManager->getRepository(Usuario::class)->findOneBy(['email' => $credentials['email']]);
  68.         if (!$user) {
  69.             // fail authentication with a custom error
  70.             throw new CustomUserMessageAuthenticationException('emailError.');
  71.         } else {
  72.             if (!$user->getHabilitado()) {
  73.                 throw new CustomUserMessageAuthenticationException('usuarioError.');
  74.             }
  75.         }
  77.         return $user;
  78.     }
  80.     public function checkCredentials($credentialsUserInterface $user): bool {
  81.         return $this->passwordEncoder->isPasswordValid($user$credentials['password']);
  82.     }
  84.     /**
  85.      * Used to upgrade (rehash) the user's password automatically over time.
  86.      */
  87.     public function getPassword($credentials): ?string {
  88.         return $credentials['password'];
  89.     }
  91.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey): ?Response {
  92.         $this->addUsuarioAlLog($request);
  94.         if ($targetPath $this->getTargetPath($request->getSession(), $providerKey)) {
  95.             return new RedirectResponse($targetPath);
  96.         }
  97.         $usuario $this->entityManager->getRepository(Usuario::class)->findOneBy(['email' => $request->get('email')]);
  98.         if (in_array('ROLE_EXTERNO'$usuario->getRoles(), true)) {
  99.             return new RedirectResponse($this->urlGenerator->generate('app_comun_proyecto_index'));
  100.         }
  103.         return new RedirectResponse($this->urlGenerator->generate('app_default'));
  104.         //  throw new \Exception('TODO: provide a valid redirect inside '.__FILE__);
  105.     }
  107.     protected function getLoginUrl(): string {
  108.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  109.     }
  111.     protected function addUsuarioAlLog(Request $request) {
  112.         $user $this->entityManager->getRepository(Usuario::class)->findOneBy(['email' => $request->get('email')]);
  114.         $log = new Log();
  115.         $log->setNombre($user->getNombre());
  116.         $log->setEmail($user->getEmail());
  117.         $log->setFecha(date_create('now'));
  118.         $this->entityManager->persist($log);
  119.         $this->entityManager->flush();
  120.     }
  122. }