unti1x/AuthFailureHandler.php

## AuthFailureHandler.php
<?php

namespace AppBundle\Form\Handler;

use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Exception\AuthenticationException;

class AuthFailureHandler extends DefaultAuthenticationFailureHandler
{
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        $session = $request->getSession();
        $session->set('auth_fails', $session->get('auth_fails', 0) + 1);

        return parent::onAuthenticationFailure($request, $exception);
    }
}

## AuthListener.php
<?php

namespace AppBundle\Listener;

use Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\DependencyInjection\Container;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;

use AppBundle\Form\Type\LoginType;

class AuthListener extends UsernamePasswordFormAuthenticationListener
{
    /**
     *
     * @var Container
     */
    private $container;

    public function setContainer(Container $container)
    {
        $this->container = $container;
        return $this;
    }

    public function attemptAuthentication(Request $request)
    {
        /* @var $form \Symfony\Component\Form\Form */
        $form = $this->container->get('form.factory')->create(LoginType::class);
        $form->handleRequest($request);

        if(!$form->isValid()) {
            throw new BadCredentialsException('Invalid verification code.');
        }

        return parent::attemptAuthentication($request);
    }

}

## AuthSuccessHandler.php
<?php

namespace AppBundle\Form\Handler;

use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler;

class AuthSuccessHandler extends DefaultAuthenticationSuccessHandler
{
}

## services.yml
services:
    security.authentication.failure_handler:
        class: AppBundle\Form\Handler\AuthFailureHandler
        arguments:  ["@http_kernel", "@security.http_utils"]

    security.authentication.success_handler:
        class: AppBundle\Form\Handler\AuthSuccessHandler
        arguments:  ["@security.http_utils"]

    security.authentication.listener.form:
        class: AppBundle\Listener\AuthListener
        arguments:
            - "@security.token_storage"
            - "@security.authentication.manager"
            - "@security.authentication.session_strategy"
            - "@security.http_utils"
            - ""
            - "@security.authentication.failure_handler"
            - "@security.authentication.success_handler"
            - []
            - "@logger"
            - "@event_dispatcher"
        calls:
            - [setContainer, ["@service_container"]]
	<?php

	namespace AppBundle\Form\Handler;

	use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler;
	use Symfony\Component\HttpFoundation\Request;
	use Symfony\Component\Security\Core\Exception\AuthenticationException;

	class AuthFailureHandler extends DefaultAuthenticationFailureHandler
	{
	public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
	{
	$session = $request->getSession();
	$session->set('auth_fails', $session->get('auth_fails', 0) + 1);

	return parent::onAuthenticationFailure($request, $exception);
	}
	}
	<?php

	namespace AppBundle\Listener;

	use Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener;
	use Symfony\Component\HttpFoundation\Request;
	use Symfony\Component\DependencyInjection\Container;
	use Symfony\Component\Security\Core\Exception\BadCredentialsException;

	use AppBundle\Form\Type\LoginType;

	class AuthListener extends UsernamePasswordFormAuthenticationListener
	{
	/**
	*
	* @var Container
	*/
	private $container;

	public function setContainer(Container $container)
	{
	$this->container = $container;
	return $this;
	}

	public function attemptAuthentication(Request $request)
	{
	/* @var $form \Symfony\Component\Form\Form */
	$form = $this->container->get('form.factory')->create(LoginType::class);
	$form->handleRequest($request);

	if(!$form->isValid()) {
	throw new BadCredentialsException('Invalid verification code.');
	}

	return parent::attemptAuthentication($request);
	}

	}
	services:
	security.authentication.failure_handler:
	class: AppBundle\Form\Handler\AuthFailureHandler
	arguments: ["@http_kernel", "@security.http_utils"]

	security.authentication.success_handler:
	class: AppBundle\Form\Handler\AuthSuccessHandler
	arguments: ["@security.http_utils"]

	security.authentication.listener.form:
	class: AppBundle\Listener\AuthListener
	arguments:
	- "@security.token_storage"
	- "@security.authentication.manager"
	- "@security.authentication.session_strategy"
	- "@security.http_utils"
	- ""
	- "@security.authentication.failure_handler"
	- "@security.authentication.success_handler"
	- []
	- "@logger"
	- "@event_dispatcher"
	calls:
	- [setContainer, ["@service_container"]]