src/Security/AppCustomAuthenticator.php line 64

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Entity\User;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Symfony\Component\HttpFoundation\RedirectResponse;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  12. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  13. use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
  14. use Symfony\Component\Security\Core\Security;
  15. use Symfony\Component\Security\Core\User\UserInterface;
  16. use Symfony\Component\Security\Core\User\UserProviderInterface;
  17. use Symfony\Component\Security\Csrf\CsrfToken;
  18. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  19. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  20. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  21. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  23. class AppCustomAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface
  24. {
  25.     use TargetPathTrait;
  27.     public const LOGIN_ROUTE 'app_login';
  29.     private $entityManager;
  30.     private $urlGenerator;
  31.     private $csrfTokenManager;
  32.     private $passwordEncoder;
  33.     private $mail;
  35.     public function __construct(EntityManagerInterface $entityManagerUrlGeneratorInterface $urlGeneratorCsrfTokenManagerInterface $csrfTokenManagerUserPasswordEncoderInterface $passwordEncoder)
  36.     {
  37.         $this->entityManager $entityManager;
  38.         $this->urlGenerator $urlGenerator;
  39.         $this->csrfTokenManager $csrfTokenManager;
  40.         $this->passwordEncoder $passwordEncoder;
  41.     }
  43.     public function supports(Request $request)
  44.     {
  45.         return self::LOGIN_ROUTE === $request->attributes->get('_route')
  46.             && $request->isMethod('POST');
  47.     }
  49.     public function getCredentials(Request $request)
  50.     {
  51.         $credentials = [
  52.             'email' => $request->request->get('email'),
  53.             'password' => $request->request->get('password'),
  54.             'csrf_token' => $request->request->get('_csrf_token'),
  55.         ];
  56.         $request->getSession()->set(
  57.             Security::LAST_USERNAME,
  58.             $credentials['email']
  59.         );
  61.         return $credentials;
  62.     }
  64.     public function getUser($credentialsUserProviderInterface $userProvider)
  65.     {
  66.         $token = new CsrfToken('authenticate'$credentials['csrf_token']);
  67.         if (!$this->csrfTokenManager->isTokenValid($token)) {
  68.             throw new InvalidCsrfTokenException();
  69.         }
  71.         $user $this->entityManager->getRepository(User::class)->findOneBy(['email' => $credentials['email']]);
  73.         if (!$user) {
  74.             throw new UsernameNotFoundException('Email could not be found.');
  75.         }
  77.         return $user;
  78.     }
  80.     public function checkCredentials($credentialsUserInterface $user)
  81.     {
  82.         return $this->passwordEncoder->isPasswordValid($user$credentials['password']);
  83.     }
  85.     /**
  86.      * Used to upgrade (rehash) the user's password automatically over time.
  87.      */
  88.     public function getPassword($credentials): ?string
  89.     {
  90.         return $credentials['password'];
  91.     }
  93.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  94.     {
  95.         
  96.         $mail $this->getCredentials($request);
  97.         $user $this->entityManager->getRepository(User::class)->findOneBy(['email' => $mail['email']]);
  98.       
  99.         
  101.         if (in_array('ROLE_ADMIN'$user->getRoles())){
  103.             return new RedirectResponse($this->urlGenerator->generate('app_admin'));
  105.         }elseif (in_array('ROLE_SUPER_ADMIN'$user->getRoles())){
  107.             return new RedirectResponse($this->urlGenerator->generate('app_admin'));
  109.         }elseif (in_array('ROLE_ADMIN_INTFEDERAL'$user->getRoles())){
  111.             return new RedirectResponse($this->urlGenerator->generate('province_admin'));
  113.         }elseif (in_array('ROLE_ADMIN_FEDERAL'$user->getRoles())){
  115.             return new RedirectResponse($this->urlGenerator->generate('federation_admin'));
  117.         }elseif (in_array('ROLE_DEMANDE'$user->getRoles())){
  119.             return new RedirectResponse($this->urlGenerator->generate('demande_user'));
  121.         }else{
  123.             return new RedirectResponse($this->urlGenerator->generate('usermembre_profil'));
  125.         }
  127.         return new RedirectResponse($this->urlGenerator->generate('app_admin'));
  128.         throw new \Exception('TODO: provide a valid redirect inside '.__FILE__);
  129.     }
  131.     protected function getLoginUrl()
  132.     {
  133.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  134.     }
  135. }