src/EventListener/AuthenticationListener.php line 95

Open in your IDE?
  1. <?php
  3. namespace App\EventListener;
  5. use Doctrine\ORM\EntityManagerInterface;
  6. use Doctrine\ORM\EntityManager;
  7. use Psr\Log\LoggerInterface;
  8. use App\Entity\Auth\LoginAttempt;
  9. use App\Entity\User;
  10. use App\Repository\Auth\LoginAttemptRepository;
  11. use App\Service\Auth\LoginAttemptService;
  12. use Symfony\Component\DependencyInjection\ContainerInterface;
  13. use Symfony\Component\HttpFoundation\RedirectResponse;
  14. use Symfony\Component\HttpFoundation\Request;
  15. use Symfony\Component\HttpFoundation\RequestStack;
  16. use Symfony\Component\HttpFoundation\Response;
  17. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  18. use Symfony\Component\Security\Core\Event\AuthenticationEvent;
  19. use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
  20. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  21. use Symfony\Component\Security\Core\User\UserInterface;
  22. use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
  23. use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
  24. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  27. /**
  28.  * Class AuthenticationListener
  29.  * @see https://www.nomisoft.co.uk/articles/symfony-fail2ban-ip-blocking
  30.  * @see https://packagist.org/packages/anyx/login-gate-bundle#0.5
  31.  */
  32. class AuthenticationListener // implements AuthenticationSuccessHandlerInterface, AuthenticationFailureHandlerInterface
  33. {
  34.     /** @var null|ContainerInterface */
  35.     private $container null;
  37.     /**
  38.      * @var EntityManagerInterface
  39.      */
  40.     private $em;
  42.     /**
  43.      * @var LoggerInterface
  44.      */
  45.     private $logger;
  47.     /**
  48.      * @var RequestStack
  49.      */
  50.     private $requestStack;
  52.     /**
  53.      * @var Request
  54.      */
  55.     private $request;
  57.     /**
  58.      * @var LoginAttemptService
  59.      */
  60.     private $loginAttemptService;
  62.     private $token;
  64.     /**
  65.      * @param ContainerInterface $container
  66.      * @param EntityManagerInterface $em
  67.      * @param LoggerInterface $logger
  68.      * @param RequestStack $request
  69.      */
  70.     public function __construct(ContainerInterface $containerEntityManagerInterface $emRequestStack $requestStackLoggerInterface $loggerLoginAttemptService $loginAttemptService)
  71.     {
  72.         $this->container $container;
  73.         $this->em $em;
  74.         $this->requestStack $requestStack;
  75.         $this->request $requestStack->getCurrentRequest();
  76.         $this->logger $logger;
  78.         $this->loginAttemptService $loginAttemptService;
  79.     }
  81.     public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
  82.     {
  83.         $this->token $event->getAuthenticationToken();
  84.         // $request = $event->getRequest();
  86.         // $this->onAuthenticationSuccess($request, $token);
  87.         // $this->onAuthenticationFailure($request, null);
  89.         $canLogin $this->loginAttemptService->canLogin($this->request);
  91.         // dump(@compact('canLogin'));
  92.         $this->logger->info(sprintf("canLogin = %d"$canLogin));
  93.     }
  95.     public function onAuthenticationSuccess(AuthenticationEvent $event// , Request $request, TokenInterface $token
  96.     {
  97.         $this->token $event->getAuthenticationToken();
  99.         if ($this->token && $this->token->getUser() instanceof UserInterface) {
  100.             $loginAttempt = new LoginAttempt();
  101.             $loginAttempt->setUser($this->token->getUser());
  102.             $loginAttempt->setIpAddress($this->request->getClientIp());
  103.             $loginAttempt->setUsername($this->request->get('_username'));
  105.             $this->em->persist($loginAttempt);
  106.             $this->em->flush();
  108.             // $this->loginAttemptService->clearCountAttempts($this->request, $this->token->getUser());
  109.             $this->loginAttemptService->clearCountAttempts($this->request$this->token->getUser()->getUsername());
  111.             return new RedirectResponse($this->container->get('router')->generate('home_page'));
  112.         }
  114.         if ($this->request->headers->get('referer')) {
  115.             return new RedirectResponse($this->request->headers->get('referer'));
  116.         }
  118.         return new RedirectResponse($this->container->get('router')->generate('app_login'));
  119.     }
  121.     /**
  122.      * {@inheritdoc}
  123.      */
  124.     public function onAuthenticationFailure(AuthenticationFailureEvent $event// Request $request, AuthenticationException $exception
  125.     {
  126.         $exception $event->getAuthenticationException();
  128.         $data = [
  129.             'exception' => $exception->getMessage(),
  130.             'clientIp'  => $this->request->getClientIp(),
  131.             'sessionId' => $this->request->getSession()->getId()
  132.         ];
  134.         $ipAddress $this->request->getClientIp();
  135.         $this->logger->error('Authentication failed for IP: ' $ipAddress);
  137.         $this->loginAttemptService->addAttemptByUsername($this->request->get('_username')== null ?"" $this->request->get('_username'), $data);
  139.         return new RedirectResponse($this->container->get('router')->generate('app_login'));
  140.     }
  142.     
  143. }