src/Security/FormAuthenticator.php line 70

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Entity\Consultant;
  6. use App\Entity\Jeu;
  7. use App\Entity\Session;
  8. use App\Entity\User;
  9. use App\Entity\Candidat;
  11. use App\Repository\CandidatRepository;
  12. use App\Service\Commun\Utils;
  13. use Doctrine\Common\Util\ClassUtils;
  14. use Doctrine\ORM\EntityManagerInterface;
  15. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  16. use Symfony\Component\HttpFoundation\RedirectResponse;
  17. use Symfony\Component\HttpFoundation\Request;
  18. use Symfony\Component\RateLimiter\RateLimiterFactory;
  19. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  20. use Symfony\Component\Routing\RouterInterface;
  21. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  22. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  23. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  24. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  25. use Symfony\Component\Security\Core\Security;
  26. use Symfony\Component\Security\Core\User\UserInterface;
  27. use Symfony\Component\Security\Core\User\UserProviderInterface;
  28. use Symfony\Component\Security\Csrf\CsrfToken;
  29. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  30. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  31. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  32. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  34. use Symfony\Contracts\Translation\TranslatorInterface;
  35. use Symfony\Component\Translation\Translator;
  37. class FormAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface
  38. {
  39.     use TargetPathTrait;
  41.     const USERNAME 'username';
  42.     const PASS 'password';
  44.     private $entityManager;
  45.     private $router;
  46.     private $csrfTokenManager;
  47.     private $passwordEncoder;
  48.     private $security;
  49.     private $params;
  50.     private $translator;
  51.     private $user;
  53.     private $loginLimiterUsername;
  54.     private $loginLimiterIp;
  56. //    public function __construct(EntityManagerInterface $entityManager, UrlGeneratorInterface $urlGenerator, CsrfTokenManagerInterface  $csrfTokenManager, UserPasswordEncoderInterface $passwordEncoder, ParameterBagInterface $params, TranslatorInterface $translator)
  57. //    {
  58. //        $this->entityManager = $entityManager;
  59. //        $this->urlGenerator = $urlGenerator;
  60. //        $this->csrfTokenManager = $csrfTokenManager;
  61. //        $this->passwordEncoder = $passwordEncoder;
  62. //
  63. //                $this->params = $params;
  64. //        $this->translator = $translator;
  65. //    }
  68.     public function __construct(EntityManagerInterface $managerRouterInterface $routerCsrfTokenManagerInterface $csrfTokenManagerUserPasswordHasherInterface $passwordEncoderSecurity $securityParameterBagInterface $paramsTranslatorInterface $translatorRateLimiterFactory $loginAttemptsUsernameLimiterRateLimiterFactory $loginAttemptsIpLimiter)
  69.     {
  70.         $this->manager $manager;
  71.         $this->router $router;
  72.         $this->csrfTokenManager $csrfTokenManager;
  73.         $this->passwordEncoder $passwordEncoder;
  74.         $this->security $security;
  75.         $this->params $params;
  76.         $this->translator $translator;
  77.         $this->loginLimiterUsername $loginAttemptsUsernameLimiter;
  78.         $this->loginLimiterIp $loginAttemptsIpLimiter;
  79.     }
  81.     public function supports(Request $request)
  82.     {
  83.         return 'security_login' === $request->attributes->get('_route')
  84.             && $request->isMethod('POST');
  85.     }
  87.     public function getCredentials(Request $request)
  88.     {
  89.         $credentials = [
  90.             FormAuthenticator::USERNAME => $request->request->get(FormAuthenticator::USERNAME),
  91.             FormAuthenticator::PASS => $request->request->get(FormAuthenticator::PASS),
  92.             'csrf_token' => $request->request->get('_csrf_token'),
  93.         ];
  94.         $request->getSession()->set(
  95.             Security::LAST_USERNAME,
  96.             $credentials[FormAuthenticator::USERNAME]
  97.         );
  99.         return $credentials;
  100.     }
  102.     public function getUser($credentialsUserProviderInterface $userProvider)
  103.     {
  104.         $usernameLimiter $this->loginLimiterUsername->create($credentials[self::USERNAME]);
  105.         $ipLimiter $this->loginLimiterIp->create($_SERVER['REMOTE_ADDR'] ?? 'unknown_ip');
  107.         $usernameLimit $usernameLimiter->consume(1);
  108.         $ipLimit $ipLimiter->consume(1);
  110.         if (!$usernameLimit->isAccepted() || !$ipLimit->isAccepted()) {
  111.             throw new CustomUserMessageAuthenticationException(
  112.                 $this->translator->trans('error.too_many_attempts')
  113.             );
  114.         }
  115.         $token = new CsrfToken('authenticate'$credentials['csrf_token']);
  116.         if (!$this->csrfTokenManager->isTokenValid($token)) {
  117.             throw new InvalidCsrfTokenException();
  118.         }
  119. //        die;
  121.         /** @var User $user */
  122.         $user $this->manager->getRepository(User::class)->findOneBy([FormAuthenticator::USERNAME => $credentials[FormAuthenticator::USERNAME]]);
  123.         if (!$user) {
  124.             // fail authentication with a custom error
  125.             throw new CustomUserMessageAuthenticationException($this->translator->trans('error.identifiant_introuvable'));
  126.         }
  128.         $roles $user->getRoles();
  130.         if (!$user->getIsActive()) {
  131.             throw new CustomUserMessageAuthenticationException($this->translator->trans('error.disable_account'));
  132.         }
  133.         if (!in_array('ROLE_ADMIN'$rolestrue) && !in_array('ROLE_CONSULTANT'$rolestrue) && !in_array('ROLE_PMO'$rolestrue)) {
  134.             /** @var Session $session */
  136.             //TODO: Verifier si le jeu est OK.
  137.             /*$candidat = $this->manager->getRepository(Candidat::class)->find($user->getId());
  138.             $jeu = $candidat->getProject()->getJeu();
  139.             if ($jeu->getSocietes()->count() === 0 || $jeu->getCorrespondantsCounter() === 0 || $jeu->isValid() === false || $jeu->getEmailModeles()->count() === 0) {
  140.                 throw new CustomUserMessageAuthenticationException($this->translator->trans('error.jeu_incomplet'));
  141.             }*/
  143.             $session $user->getSession();
  144.             if (!$session) {
  145.                 throw new CustomUserMessageAuthenticationException($this->translator->trans('error.non_inscrit'));
  146.             }
  148.             if ($session->getStatus() == 'CLOSE') {
  149.                 throw new CustomUserMessageAuthenticationException($this->translator->trans('error.session_cloturee'));
  150.             }
  152.             if ($session->getStatus() == 'SOON') {
  153.                 throw new CustomUserMessageAuthenticationException($this->translator->trans('error.session_non_encore_ouverte'));
  154.             }
  156.             $sessionSartTime $this->params->get('session_start_time');
  157.             $sessionCloseTime $this->params->get('session_close_time');
  158.             $sessionSartTime strtotime($sessionSartTime);
  159.             $sessionCloseTime strtotime($sessionCloseTime);
  160.             $currentDateTime = new \DateTime();
  161.             $currentTime $currentDateTime->format('H:i:s');
  162.             $currentTime strtotime($currentTime);
  163.             if ($currentTime $sessionSartTime || $currentTime >= $sessionCloseTime) {
  164.                 throw new CustomUserMessageAuthenticationException($this->translator->trans('error.session_indisponible'));
  165.             }
  166.         }
  169.         return $this->user $user;
  170.     }
  172.     public function checkCredentials($credentialsUserInterface $user)
  173.     {
  174.         return $this->passwordEncoder->isPasswordValid($user$credentials[FormAuthenticator::PASS]);
  175.     }
  177.     /**
  178.      * Used to upgrade (rehash) the user's password automatically over time.
  179.      */
  180.     public function getPassword($credentials): ?string
  181.     {
  182.         return $credentials['password'];
  183.     }
  185.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  186.     {
  189.         // RĂ©initialiser le compteur du limiter
  190.         $usernameLimiter $this->loginLimiterUsername->create($this->user->getUsername());
  191.         $ipLimiter $this->loginLimiterIp->create($request->getClientIp());
  193.         $usernameLimiter->reset();
  194.         $ipLimiter->reset();
  196.         $currentDateTime = new \DateTime();
  198. //        dump($token->getAttributes());
  199. //        dump($request->attributes);
  201.         $this->user->eraseCredentials();
  202.         $this->user->setConnectionOrigin('form');
  203.         $this->user->setSsoPartner('');
  204.         $this->user->setDateLastConnection($currentDateTime);
  205.         $this->user->addNumberConnection();
  206.         $this->manager->flush();
  208.         if ($targetPath $this->getTargetPath($request->getSession(), $providerKey)) {
  209.             return new RedirectResponse($targetPath);
  210.         }
  212.         $roles $token->getRoleNames();
  213.         if (in_array('ROLE_ADMIN'$rolestrue) || in_array('ROLE_CONSULTANT'$rolestrue) || in_array('ROLE_PMO'$rolestrue)) {
  214.             $redirection = new RedirectResponse($this->router->generate('admin_index'));
  215.         } else {
  216.             /** @var Candidat $candidat */
  217.             $candidat $this->manager->getRepository(Candidat::class)->find($this->user->getId());
  218.             $langueJeu $candidat->getProject()->getJeu()->getLangue();
  219.             $request->setLocale($langueJeu);
  221.             $redirection = new RedirectResponse($this->router->generate('mail_inbox'));
  222.         }
  224.         return $redirection;
  225.     }
  227.     protected function getLoginUrl()
  228.     {
  229.         return $this->router->generate("security_login");
  230.     }
  231. }