Last active
February 27, 2017 11:31
-
-
Save nickmalcolm/0d937d36b7dccf5cab7a0a3e62314bfa to your computer and use it in GitHub Desktop.
Code example from "Subscribing to Symfony's Security Events" https://thisdata.com/blog/subscribing-to-symfonys-security-events/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| namespace AppBundle\EventSubscriber; | |
| use AppBundle\Entity\User; | |
| ... | |
| use ThisData\Api\ThisData; | |
| use ThisData\Api\Endpoint\EventsEndpoint; | |
| class SecuritySubscriber implements EventSubscriberInterface | |
| { | |
| private $entityManager; | |
| private $tokenStorage; | |
| private $authenticationUtils; | |
| private $thisData; | |
| public function __construct(EntityManager $entityManager, TokenStorageInterface $tokenStorage, AuthenticationUtils $authenticationUtils, $thisDataApiKey) | |
| { | |
| $this->entityManager = $entityManager; | |
| $this->tokenStorage = $tokenStorage; | |
| $this->authenticationUtils = $authenticationUtils; | |
| $this->thisData = ThisData::create($thisDataApiKey); | |
| } | |
| public static function getSubscribedEvents() | |
| { | |
| return array( | |
| AuthenticationEvents::AUTHENTICATION_FAILURE => 'onAuthenticationFailure', | |
| SecurityEvents::INTERACTIVE_LOGIN => 'onSecurityInteractiveLogin', | |
| ); | |
| } | |
| public function onAuthenticationFailure( AuthenticationFailureEvent $event ) | |
| { | |
| $username = $this->authenticationUtils->getLastUsername(); | |
| $existingUser = $this->entityManager->getRepository(User::class)->findOneBy(['username' => $username]); | |
| if ($existingUser) { | |
| $userDetails = [ | |
| 'id' => $existingUser->getId(), | |
| 'name' => $existingUser->getUsername(), | |
| 'email' => $existingUser->getEmail(), | |
| 'authenticated' => false | |
| ]; | |
| } else { | |
| $userDetails = [ | |
| 'name' => $username, | |
| 'authenticated' => false | |
| ]; | |
| } | |
| $ip = $_SERVER['REMOTE_ADDR']; | |
| $userAgent = $_SERVER['HTTP_USER_AGENT']; | |
| $endpoint = $this->thisData->getEventsEndpoint(); | |
| $endpoint->trackEvent(EventsEndpoint::VERB_LOG_IN_DENIED, $ip, $userDetails, $userAgent); | |
| } | |
| public function onSecurityInteractiveLogin( InteractiveLoginEvent $event ) | |
| { | |
| $user = $this->tokenStorage->getToken()->getUser(); | |
| $userDetails = [ | |
| 'id' => $user->getId(), | |
| 'name' => $user->getUsername(), | |
| 'email' => $user->getEmail() | |
| ]; | |
| $ip = $_SERVER['REMOTE_ADDR']; | |
| $userAgent = $_SERVER['HTTP_USER_AGENT']; | |
| $endpoint = $this->thisData->getEventsEndpoint(); | |
| $endpoint->trackEvent(EventsEndpoint::VERB_LOG_IN, $ip, $userDetails, $userAgent); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * Listens to security related events like log-ins, failed logins, etc, | |
| * and sends them to ThisData. | |
| * | |
| */ | |
| namespace AppBundle\EventSubscriber; | |
| use Symfony\Component\EventDispatcher\EventSubscriberInterface; | |
| use Symfony\Component\Security\Core\AuthenticationEvents; | |
| use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; | |
| use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent; | |
| use Symfony\Component\Security\Http\Authentication\AuthenticationUtils; | |
| use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; | |
| use Symfony\Component\Security\Http\SecurityEvents; | |
| class SecuritySubscriber implements EventSubscriberInterface | |
| { | |
| private $entityManager; | |
| private $tokenStorage; | |
| private $authenticationUtils; | |
| public function __construct(EntityManager $entityManager, TokenStorageInterface $tokenStorage, AuthenticationUtils $authenticationUtils) | |
| { | |
| $this->entityManager = $entityManager; | |
| $this->tokenStorage = $tokenStorage; | |
| $this->authenticationUtils = $authenticationUtils; | |
| } | |
| public static function getSubscribedEvents() | |
| { | |
| return array( | |
| AuthenticationEvents::AUTHENTICATION_FAILURE => 'onAuthenticationFailure', | |
| SecurityEvents::INTERACTIVE_LOGIN => 'onSecurityInteractiveLogin', | |
| ); | |
| } | |
| public function onAuthenticationFailure( AuthenticationFailureEvent $event ) | |
| { | |
| $username = $this->authenticationUtils->getLastUsername(); | |
| $existingUser = $this->entityManager->getRepository(User::class)->findOneBy(['username' => $username]); | |
| if ($existingUser) { | |
| error_log("Log In Denied: Wrong password for User #" . $existingUser->getId() . " (" . $existingUser->getEmail() . ")"); | |
| } else { | |
| error_log("Log In Denied: User doesn't exist: " . $username); | |
| } | |
| } | |
| public function onSecurityInteractiveLogin( InteractiveLoginEvent $event ) | |
| { | |
| $user = $this->tokenStorage->getToken()->getUser(); | |
| error_log("Log In: User #" . $user->getId() . " (" . $user->getEmail() . ")"); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment