Created
January 22, 2020 20:46
-
-
Save geoffroycochard/b37f98728685d28bf37d07ffa3782e13 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Created by PhpStorm. | |
| * User: geoffroycochard | |
| * Date: 22/01/2020 | |
| * Time: 16:49 | |
| */ | |
| // src/Security/TokenAuthenticator.php | |
| namespace App\Security; | |
| use App\Entity\User; | |
| use Doctrine\ORM\EntityManagerInterface; | |
| use Symfony\Component\HttpFoundation\JsonResponse; | |
| use Symfony\Component\HttpFoundation\Request; | |
| use Symfony\Component\HttpFoundation\Response; | |
| use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; | |
| use Symfony\Component\Security\Core\Exception\AuthenticationException; | |
| use Symfony\Component\Security\Core\User\UserInterface; | |
| use Symfony\Component\Security\Core\User\UserProviderInterface; | |
| use Symfony\Component\Security\Guard\AbstractGuardAuthenticator; | |
| class TokenAuthenticator extends AbstractGuardAuthenticator | |
| { | |
| private $em; | |
| public function __construct(EntityManagerInterface $em) | |
| { | |
| $this->em = $em; | |
| } | |
| /** | |
| * Called on every request to decide if this authenticator should be | |
| * used for the request. Returning false will cause this authenticator | |
| * to be skipped. | |
| */ | |
| public function supports(Request $request) | |
| { | |
| return $request->headers->has('X-AUTH-TOKEN'); | |
| } | |
| /** | |
| * Called on every request. Return whatever credentials you want to | |
| * be passed to getUser() as $credentials. | |
| */ | |
| public function getCredentials(Request $request) | |
| { | |
| return [ | |
| 'token' => $request->headers->get('X-AUTH-TOKEN'), | |
| ]; | |
| } | |
| public function getUser($credentials, UserProviderInterface $userProvider) | |
| { | |
| $apiToken = $credentials['token']; | |
| if (null === $apiToken) { | |
| return; | |
| } | |
| // if a User object, checkCredentials() is called | |
| return $this->em->getRepository(User::class) | |
| ->findOneBy(['apiKey' => $apiToken]); | |
| } | |
| public function checkCredentials($credentials, UserInterface $user) | |
| { | |
| // check credentials - e.g. make sure the password is valid | |
| // no credential check is needed in this case | |
| // return true to cause authentication success | |
| return true; | |
| } | |
| public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey) | |
| { | |
| // on success, let the request continue | |
| return null; | |
| } | |
| public function onAuthenticationFailure(Request $request, AuthenticationException $exception) | |
| { | |
| $data = [ | |
| 'message' => strtr($exception->getMessageKey(), $exception->getMessageData()) | |
| // or to translate this message | |
| // $this->translator->trans($exception->getMessageKey(), $exception->getMessageData()) | |
| ]; | |
| return new JsonResponse($data, Response::HTTP_FORBIDDEN); | |
| } | |
| /** | |
| * Called when authentication is needed, but it's not sent | |
| */ | |
| public function start(Request $request, AuthenticationException $authException = null) | |
| { | |
| $data = [ | |
| // you might translate this message | |
| 'message' => 'Authentication Required' | |
| ]; | |
| return new JsonResponse($data, Response::HTTP_UNAUTHORIZED); | |
| } | |
| public function supportsRememberMe() | |
| { | |
| return false; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment