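# Symfony security configuration: FOSUserBundle users, one form-login firewall
# whose success/failure handlers answer XMLHttpRequest logins with JSON.
# Nesting restored; the flattened listing put every key at the top level.
security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        # NOTE(review): "sha512" selects a digest-based encoder. A purpose-built
        # password hash (e.g. bcrypt, where the installed Symfony version offers it)
        # resists offline guessing far better. Stored hashes will not verify under a
        # different encoder, so plan a rehash-on-login migration before changing this.
        FOS\UserBundle\Model\UserInterface: sha512

    firewalls:
        dev:
            # Security is switched off for these paths (profiler, debug toolbar, static assets).
            # NOTE(review): confirm the profiler/WDT routes are not loaded in production.
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                # CSRF protection on the login form; an XHR login has to submit the token too.
                csrf_provider: form.csrf_provider
                success_handler: acme.demo.xhr_authentication_success_handler
                failure_handler: acme.demo.xhr_authentication_failure_handler
            logout: true
            anonymous: ~

    access_control:
        # Only the login page is reachable anonymously; every other path needs ROLE_USER.
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }

    role_hierarchy:
        ROLE_SUPER_ADMIN: ROLE_USER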
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
<!-- Service definitions for the XHR-aware login handlers and the kernel.exception listener. -->
<!-- Class names are kept as parameters so each service class can be overridden. -->
<parameters>
<parameter key="acme.demo.xhr_core_exception_listener.class">Acme\DemoBundle\Listener\XHRCoreExceptionListener</parameter>
<parameter key="acme.demo.xhr_authentication_success_handler.class">Acme\DemoBundle\Handler\XHRAuthenticationSuccessHandler</parameter>
<parameter key="acme.demo.xhr_authentication_failure_handler.class">Acme\DemoBundle\Handler\XHRAuthenticationFailureHandler</parameter>
</parameters>
<services>
<!-- Registered on kernel.exception with priority 1000, so it is called ahead of lower-priority listeners for that event. -->
<!-- NOTE(review): for XHR requests this listener sets the response itself; confirm that the firewall's own exception handling and the error logging still run as intended. -->
<service id="acme.demo.xhr_core_exception_listener" class="%acme.demo.xhr_core_exception_listener.class%">
<tag name="kernel.event_listener" event="kernel.exception" method="onCoreException" priority="1000" />
</service>
<!-- Success handler: receives security.http_utils and an empty options collection (presumably the parent handler's constructor arguments; verify against the installed Symfony version). -->
<service id="acme.demo.xhr_authentication_success_handler" class="%acme.demo.xhr_authentication_success_handler.class%">
<argument type="service" id="security.http_utils" />
<argument type="collection" /> <!-- Options -->
</service>
<!-- Failure handler: http_kernel, security.http_utils, an empty options collection and an optional logger. -->
<!-- on-invalid="null" passes null instead of failing when no logger service is defined. -->
<service id="acme.demo.xhr_authentication_failure_handler" class="%acme.demo.xhr_authentication_failure_handler.class%">
<argument type="service" id="http_kernel" />
<argument type="service" id="security.http_utils" />
<argument type="collection" /> <!-- Options -->
<argument type="service" id="logger" on-invalid="null" />
</service>
</services>
</container>
<?php
namespace Acme\DemoBundle\Handler;
use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
class XHRAuthenticationFailureHandler extends DefaultAuthenticationFailureHandler
{
    /**
     * Answers a failed login with JSON when the request is an XMLHttpRequest,
     * and defers to the default failure handler otherwise.
     *
     * The XHR check relies on a request header the client sets itself, so it
     * only selects the response format and must not be treated as a trust signal.
     *
     * NOTE(review): the raw exception message is sent to the client. Depending on
     * which authentication exceptions can reach this handler, the text may
     * distinguish account states (unknown, disabled, locked) and help an attacker
     * enumerate accounts. Confirm that only a generic message can be emitted, or
     * replace it with a fixed string.
     *
     * @param Request                 $request
     * @param AuthenticationException $exception
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        // Ordinary form posts keep the stock behaviour of the parent handler.
        if (!$request->isXmlHttpRequest()) {
            return parent::onAuthenticationFailure($request, $exception);
        }

        $payload = array();
        $payload['success'] = false;
        $payload['message'] = $exception->getMessage();

        return new JsonResponse($payload, 400);
    }
}
<?php
namespace Acme\DemoBundle\Handler;
use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
class XHRAuthenticationSuccessHandler extends DefaultAuthenticationSuccessHandler
{
    /**
     * Answers a successful login with a small JSON body when the request is an
     * XMLHttpRequest, and defers to the default success handler otherwise.
     *
     * The JSON branch returns only a success flag; nothing from the token is
     * placed in the response.
     *
     * @param Request        $request
     * @param TokenInterface $token
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        // Ordinary form posts keep the stock behaviour of the parent handler.
        if (!$request->isXmlHttpRequest()) {
            return parent::onAuthenticationSuccess($request, $token);
        }

        $payload = array();
        $payload['success'] = true;

        return new JsonResponse($payload, 200);
    }
}
<?php
namespace Acme\DemoBundle\Listener;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
use Symfony\Component\HttpFoundation\Response;
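class XHRCoreExceptionListener
{
    /**
     * Converts an exception raised while handling an XMLHttpRequest into a JSON
     * error response. Non-XHR requests are left to the other listeners.
     *
     * Changes from the earlier version of this listener:
     *  - The HTTP status comes from the exception's own HTTP status when it
     *    exposes one, and an exception code is accepted only if it is a known
     *    error status (400 or above). An arbitrary code such as 200 or 302 can
     *    no longer turn a failure into a success or redirect response.
     *  - For 5xx responses the body carries the standard status text instead of
     *    the exception message, so internal details (queries, paths, class
     *    names) are not disclosed to the client.
     *
     * NOTE(review): setting a response on the event is expected to end
     * propagation, and this listener is registered with a high priority. Confirm
     * that exceptions on XHR requests are still logged somewhere.
     *
     * @param GetResponseForExceptionEvent $event
     */
    public function onCoreException(GetResponseForExceptionEvent $event)
    {
        $exception = $event->getException();
        $request = $event->getRequest();

        // The XHR marker is a client-supplied header; it only selects the response format.
        if (!$request->isXmlHttpRequest()) {
            return;
        }

        $statusCode = $this->resolveStatusCode($exception);

        // Client errors keep their message; server errors get generic text.
        if ($statusCode >= 500) {
            $message = Response::$statusTexts[$statusCode];
        } else {
            $message = $exception->getMessage();
        }

        $content = array('success' => false, 'message' => $message);
        $event->setResponse(new JsonResponse($content, $statusCode));
    }

    /**
     * Picks the HTTP error status to report for an exception.
     *
     * @param \Exception $exception
     *
     * @return int A status from Response::$statusTexts that is 400 or above; 500 when none applies
     */
    private function resolveStatusCode($exception)
    {
        if ($exception instanceof \Symfony\Component\HttpKernel\Exception\HttpExceptionInterface) {
            $candidate = $exception->getStatusCode();
        } else {
            // Exception codes are not HTTP statuses in general (some are not even
            // numeric), so the value is validated below before it is used.
            $candidate = $exception->getCode();
        }

        $candidate = is_numeric($candidate) ? (int) $candidate : 0;

        if ($candidate < 400 || !array_key_exists($candidate, Response::$statusTexts)) {
            return 500;
        }

        return $candidate;
    }
}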