wouterj/0-the-case.md

## 0-the-case.md

      
    Raw
  

              0-the-case.md
            
          
    Every request, get the current logged in user (on the PC, no idea how they plan to implement this) and authenticate this user in the app (creating a new user if it doesn't exists yet).

  
## 1-old-security.php
<?php

class CurrentUserProvider implements UserProviderInterface
{
    // ...

    public function loadByUsername($username)
    {
        $user = $this->someBackend->findByUsername($username);

        if (null === $user) {
            $user = new User($username, null);
            $this->someBackend->saveUser($user);

            return $user;
        }

        return $user;
    }

    public function refreshUser(UserInterfacee $user)
    {
        if (!$user instanceof CurrentUser)
            throw new UnsupportedUserException;

        return $this->someBackend->findByUsername($user->username());
    }

    public function supports($class)
    {
        return $class === CurrentUser::class;
    }
}

class CurrentUserAuthentication implements SimplePreAuthenticatorInterface
{
    // get current logged in user and return the token
    public function createToken(Request $request, $providerKey)
    {
        return new PreAuthenticatedToken(get_user(), '', $providerKey);
    }

    // authenticate the previously created token
    public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
    {
        $username = $token->getUsername();

        if ('' === $username) {
            return;
        }
        $user = $userProvider->loadByUsername($username);

        return new PreAuthenticatedToken($user, null, $providerKey, $user->getRoles());
    }

    public function supportsToken(TokenInterface $token, $providerKey)
    {
        return $token instanceof PreAuthenticatedToken && $providerKey === $token->getProviderKey();
    }
}

## 2-guard-security.php
<?php

class CurrentUserAuthenticator extends AbstractGuardAuthenticator
{
    // ...

    public function getCredentials(Request $request)
    {
        return ['username' => get_user()];
    }

    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        $user = $this->someBackend->findByUsername($credentials['username']);

        if (null === $user) {
            $user = new User($credentials['username'], null);
            $this->someBackend->saveUser($user);

            return $user;
        }

        return $user;
    }

    public function checkCredentials($credentials, UserInterface $user)
    {
        return true;
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        return null;
    }

    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        return new Response('Bummer! Authentication failed...', 403);
    }

    public function supportsRememberMe()
    {
        return false;
    }
}
	<?php

	class CurrentUserProvider implements UserProviderInterface
	{
	// ...

	public function loadByUsername($username)
	{
	$user = $this->someBackend->findByUsername($username);

	if (null === $user) {
	$user = new User($username, null);
	$this->someBackend->saveUser($user);

	return $user;
	}

	return $user;
	}

	public function refreshUser(UserInterfacee $user)
	{
	if (!$user instanceof CurrentUser)
	throw new UnsupportedUserException;

	return $this->someBackend->findByUsername($user->username());
	}

	public function supports($class)
	{
	return $class === CurrentUser::class;
	}
	}

	class CurrentUserAuthentication implements SimplePreAuthenticatorInterface
	{
	// get current logged in user and return the token
	public function createToken(Request $request, $providerKey)
	{
	return new PreAuthenticatedToken(get_user(), '', $providerKey);
	}

	// authenticate the previously created token
	public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
	{
	$username = $token->getUsername();

	if ('' === $username) {
	return;
	}
	$user = $userProvider->loadByUsername($username);

	return new PreAuthenticatedToken($user, null, $providerKey, $user->getRoles());
	}

	public function supportsToken(TokenInterface $token, $providerKey)
	{
	return $token instanceof PreAuthenticatedToken && $providerKey === $token->getProviderKey();
	}
	}
	<?php

	class CurrentUserAuthenticator extends AbstractGuardAuthenticator
	{
	// ...

	public function getCredentials(Request $request)
	{
	return ['username' => get_user()];
	}

	public function getUser($credentials, UserProviderInterface $userProvider)
	{
	$user = $this->someBackend->findByUsername($credentials['username']);

	if (null === $user) {
	$user = new User($credentials['username'], null);
	$this->someBackend->saveUser($user);

	return $user;
	}

	return $user;
	}

	public function checkCredentials($credentials, UserInterface $user)
	{
	return true;
	}

	public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
	{
	return null;
	}

	public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
	{
	return new Response('Bummer! Authentication failed...', 403);
	}

	public function supportsRememberMe()
	{
	return false;
	}
	}