src/Security/LoginFormAuthenticator.php line 78

Open in your IDE?
  1. <?php
  4. namespace App\Security;
  7. /* 
  8.     ---------------------------------------------------
  9.     v0.0001
  10.     28.9.2020 (Maša)
  11.     - prva verzija .. dodan tehnolog
  12.     ---------------------------------------------------
  13.     v0.0002
  14.     22.2.2021 (Borut)
  15.     Dodan modul v tabeli zaposleni
  16.     ---------------------------------------------------
  17. */
  19. use Symfony\Component\HttpFoundation\RedirectResponse;
  20. use Symfony\Component\HttpFoundation\Request;
  21. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  22. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  23. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  24. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  25. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  26. use Symfony\Component\Security\Core\Security;
  27. use Symfony\Component\Security\Core\User\UserInterface;
  28. use Symfony\Component\Security\Core\User\UserProviderInterface;
  29. use Symfony\Component\Security\Csrf\CsrfToken;
  30. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  31. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  32. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  33. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  34. use Doctrine\DBAL\Connection;
  36. class LoginFormAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface
  37. {
  38.     use TargetPathTrait;
  40.     private $urlGenerator;
  41.     private $csrfTokenManager;
  42.     private $passwordEncoder;
  43.     private $dbconnection;
  45.     public function __construct(UrlGeneratorInterface $urlGeneratorCsrfTokenManagerInterface $csrfTokenManagerUserPasswordEncoderInterface $passwordEncoderConnection $connection)
  46.     {
  47.         $this->urlGenerator $urlGenerator;
  48.         $this->csrfTokenManager $csrfTokenManager;
  49.         $this->passwordEncoder $passwordEncoder;
  50.         $this->dbconnection $connection;
  51.     }
  53.     public function supports(Request $request)
  54.     {
  55.         return 'app_login' === $request->attributes->get('_route')
  56.             && $request->isMethod('POST');
  57.     }
  59.     public function getCredentials(Request $request)
  60.     {
  61.         $credentials = [
  62.             'username' => $request->request->get('username'),
  63.             'password' => $request->request->get('password'),
  64.             'csrf_token' => $request->request->get('_csrf_token'),
  65.         ];
  66.         $request->getSession()->set(
  67.             Security::LAST_USERNAME,
  68.             $credentials['username']
  69.         );
  71.         return $credentials;
  72.     }
  74.     public function getUser($credentialsUserProviderInterface $userProvider)
  75.     {
  76.         $token = new CsrfToken('authenticate'$credentials['csrf_token']);
  77.         if (!$this->csrfTokenManager->isTokenValid($token)) {
  78.             throw new InvalidCsrfTokenException();
  79.         }
  81.         // Load / create our user however you need.
  82.         // You can do this by calling the user provider, or with custom logic here.
  83.         //$roles[] = array();        
  84.         $lUserName $credentials['username'];
  85.         $lQuery "SELECT * FROM users u, companies c WHERE u.user_username ='$lUserName' AND u.user_status = 1 AND u.company_id = c.company_id";
  86.         
  87.         $lSqlUser $this->dbconnection->fetchAllAssociative($lQuery);
  88.         foreach ($lSqlUser as $userdata)
  89.         {   
  90.              $lQuery "SELECT * FROM actions WHERE ROLE_SUPERUSER = 1";
  91.                 $lSqlAkcije $this->dbconnection->fetchAllAssociative($lQuery);
  92.                 foreach ($lSqlAkcije as $akcije)
  93.                 {
  94.                     $roles[] = $akcije['akcije_rola'];
  95.                 }
  96.             
  97.             $user = new User();
  98.             $user->setUsername($userdata['user_username']);
  99.             $user->setId($userdata['user_id']);
  100.             $user->setName($userdata['user_name'] . ' ' $userdata['user_surname']);
  101.             $user->setPassword($userdata['user_password']);
  102.             $user->setEmail($userdata['user_email']);
  103.             $user->setModul($userdata['user_modul']);
  104.             $user->setCompany($userdata['company_id']);
  105.             $user->setFolder($userdata['company_folder']);
  106.             $user->setCompanyName($userdata['company_name']);
  107.             
  109.             
  110.             $roles[] ='ROLE_ADMIN';
  111.             $user->setRoles($roles);
  112.             
  113.             //file_put_contents("session.log", "/var/www/nota/uploads/moxiemanager/company/". $user->getFolder() . "/files/");
  114.             $_SESSION['filesystem.rootpath']="/var/www/nota/public/vendors/tinymce/js/tinymce/plugins/moxiemanager/data/files/"$user->getFolder();
  115.             //$_SESSION['filesystem.local.wwwroot']="/var/www/html/";
  116.         }
  117.         
  118.         if(empty($user)) 
  119.         {
  120.             throw new CustomUserMessageAuthenticationException('Uporabnik ne obstaja.');
  121.         }
  122.         
  125.         //$user = $userProvider->loadUserByUsername($credentials['username']);
  127.         
  128.         
  129.         //$user->setName('Borut Kacin');
  130.         //$user->setEmail('borut.kacin@gmail.com');
  131.         //$user->setId('10');
  132.         
  134.         /*if (!$user) {
  135.             // fail authentication with a custom error
  136.             throw new CustomUserMessageAuthenticationException('Uporabnik ne obstaja.');
  137.         }*/
  139.         return $user;
  140.     }
  142.     public function checkCredentials($credentialsUserInterface $user)
  143.     {
  144.         //dd($user);
  145.         //file_put_contents("avtorizacija5.log", print_r($user, true));
  146.         //file_put_contents("avtorizacija6.log", print_r($credentials, true));
  147.         
  148.         //$bla = $this->passwordEncoder->isPasswordValid($user, $credentials['password']);
  149.         //file_put_contents("avtorizacija7.log", print_r($bla, true));
  150.         //return $this->passwordEncoder->isPasswordValid($user, $credentials['password']);
  152.         $valid false;
  153.         
  154.         
  156.         file_put_contents("user.log"print_r($user->getUserName(), true));
  157.         
  158.         
  159.             
  160.         $valid $this->passwordEncoder->isPasswordValid($user$credentials['password']);
  161.         
  164.         return $valid;
  165.     }
  167.     /**
  168.      * Used to upgrade (rehash) the user's password automatically over time.
  169.      */
  170.     public function getPassword($credentials): ?string
  171.     {
  172.         return $credentials['password'];
  173.     }
  175.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  176.     {
  178.         
  179.         if ($targetPath $this->getTargetPath($request->getSession(), $providerKey)) {
  180.             return new RedirectResponse($targetPath);
  181.         }
  183.         return new RedirectResponse($this->urlGenerator->generate('content'));
  184.         // For example : return new RedirectResponse($this->urlGenerator->generate('some_route'));
  185.         throw new \Exception('TODO: provide a valid redirect inside '.__FILE__);
  186.     }
  188.     protected function getLoginUrl()
  189.     {
  190.         return $this->urlGenerator->generate('app_login');
  191.     }
  192. }