src/Security/LoginAuthenticator.php line 47

Open in your IDE?
  1. <?php
  2. // src/Security/LoginFormAuthenticator.php
  3. namespace App\Security;
  5. use App\Entity\ApiToken;
  6. use App\Entity\Log;
  7. use App\Entity\User;
  8. use App\Document\Entities;
  9. use DateTime;
  10. use Doctrine\ODM\MongoDB\DocumentManager;
  11. use Doctrine\ORM\EntityManager;
  12. use Doctrine\ORM\EntityManagerInterface;
  13. use Symfony\Component\HttpFoundation\JsonResponse;
  14. use Symfony\Component\HttpFoundation\RedirectResponse;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\Routing\RouterInterface;
  17. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  18. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  19. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  20. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  21. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  22. use Symfony\Component\Security\Core\Security;
  23. use Symfony\Component\Security\Core\User\UserInterface;
  24. use Symfony\Component\Security\Core\User\UserProviderInterface;
  25. use Symfony\Component\Security\Csrf\CsrfToken;
  26. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  27. use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
  28. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  29. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  30. use Symfony\Component\HttpFoundation\Response;
  32. class LoginAuthenticator extends AbstractGuardAuthenticator
  33. {
  34.     use TargetPathTrait;
  36.     private $entityManager;
  37.     private $router;
  38.     private $csrfTokenManager;
  39.     private $passwordEncoder;
  41.     public function __construct(DocumentManager $dm,EntityManagerInterface $entityManagerRouterInterface $routerCsrfTokenManagerInterface $csrfTokenManagerUserPasswordEncoderInterface $passwordEncoder)
  42.     {
  43.         $this->entityManager $entityManager;
  44.         $this->router $router;
  45.         $this->csrfTokenManager $csrfTokenManager;
  46.         $this->passwordEncoder $passwordEncoder;
  47.         $this->dm=$dm;
  48.     }
  50.     public function supports(Request $request)
  51.     {
  53.         return 'account_login' === $request->attributes->get('_route')
  54.             && $request->isMethod('POST');
  55.     }
  57.     public function getCredentials(Request $request)
  58.     {
  59.         if ($request->request->get('type') == 'facebook') {
  60.             $credentials = [
  61.                 'type' => $request->request->get('type'),
  62.                 'idUser' => $request->request->get('idUser'),
  63.                 'accessToken' => $request->request->get('tokenFacebook'),
  64.             ];
  65.         }
  66.         elseif($request->request->get('type')=='google'){
  68.             $credentials = [
  69.                 'accessToken' => $request->request->get('accessToken'),
  70.                 'idUser' => $request->request->get('idUser'),
  71.                 'type' => $request->request->get('type'),
  72.             ];
  73.         }
  74.         else {
  75.             $credentials = [
  76.                 'email' => $request->request->get('email'),
  77.                 'password' => $request->request->get('password'),
  78.                 'role' => $request->request->get('role')
  79.             ];
  80.         }
  81.         return $credentials;
  82.     }
  84.     public function getUser($credentialsUserProviderInterface $userProvider)
  85.     {
  87.         if (array_key_exists("type"$credentials) && $credentials['type'] == 'facebook') {
  88.             $user $this->entityManager->getRepository(User::class)->findOneBy(['facebook_id' => $credentials['idUser']]);
  89.         }
  90.         
  91.         elseif(array_key_exists("type"$credentials) && $credentials['type'] == 'google')
  92.         {
  93.             $user $this->entityManager->getRepository(User::class)->findOneBy(['google_id' => $credentials['idUser']]);
  94.         }
  95.         else {
  96.             $user $this->entityManager->getRepository(User::class)->findOneBy(['email' => $credentials['email']]);
  97.         }
  98.         if (!$user) {
  100.             throw new CustomUserMessageAuthenticationException('Login incorrecte');
  101.         } else if ($user->getIsActive() == false) {
  103.             throw new CustomUserMessageAuthenticationException('compte innactive');
  104.         } else if ($user->getIsBlocked() == true) {
  105.             throw new CustomUserMessageAuthenticationException('compte supprimé');
  106.         }
  107.         return $user;
  108.     }
  110.     public function checkCredentials($credentialsUserInterface $user)
  111.     {
  113.         if (array_key_exists("type"$credentials) && $credentials['type'] == 'facebook') {
  114.             return $this->facebook_check($credentials);
  115.         }
  116.         elseif(array_key_exists("type"$credentials) && $credentials['type'] == 'google')
  117.        {
  119.         return $this->google_check($credentials);
  120.        }
  121.        else{
  124.         $hasRole=$this->checkRole($credentials['email'],$credentials['role']);
  125.         if($hasRole)
  126.         {
  127.             return $this->passwordEncoder->isPasswordValid($user$credentials['password']);
  128.         }
  129.         else{
  130.             return false;
  131.         }
  132.        
  134.        }
  136.      
  137.     }
  139.     public function checkRole($email,$role)
  140.     {
  142.         $user $this->entityManager->getRepository(User::class)->findOneBy(['email' => $email]);
  144.         if($user)
  145.         {
  146.             if (in_array($role$user->getRoles())) {
  147.                 return true;
  148.             }
  149.             else{
  150.                 return false;
  151.             }
  153.         }
  154.         else{
  155.             return false;
  156.         }
  158.     }
  159.     public function facebook_check($credentials)
  160.     {
  162.         $token $credentials['tokenFacebook'];
  163.         // Get the token's FB app info.
  164.         $tokenAppResp file_get_contents('https://graph.facebook.com/app/?access_token=' $token);
  165.         //   var_dump($tokenAppResp);
  166.         if (!$tokenAppResp) {
  167.             return false;
  168.         }
  169.         // Make sure it's the correct app.
  170.         $tokenApp json_decode($tokenAppResptrue);
  171.         if (!$tokenApp || !isset($tokenApp['id']) || $tokenApp['id'] != 654143709352565) {
  172.             return false;
  173.         }
  174.         // Get the token's FB user info.
  175.         $tokenUserResp file_get_contents('https://graph.facebook.com/me/?access_token=' $token);
  176.         // var_dump($tokenUserResp);
  177.         if (!$tokenUserResp) {
  178.             return false;
  179.         }
  180.         // Try to fetch user by it's token ID, create it otherwise.
  181.         $tokenUser json_decode($tokenUserResptrue);
  182.         if (!$tokenUser || !isset($tokenUser['id'])) {
  183.             return false;
  184.         }
  185.         if ($tokenUser['id'] == $credentials['idUser']) {
  186.             return true;
  187.         } else {
  188.             return false;
  189.         }
  190.     }
  193.     public function google_check($credentials)
  194.     {
  196.         $token $credentials['accessToken'];
  197.         // Get the token's FB app info.
  198.        
  199.         // Get the token's FB user info.
  200.         $tokenUserResp file_get_contents('https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=' $token);
  201.         // var_dump($tokenUserResp);
  202.         if (!$tokenUserResp) {
  203.             return false;
  204.         }
  205.         // Try to fetch user by it's token ID, create it otherwise.
  206.         $tokenUser json_decode($tokenUserResptrue);
  207.         if (!$tokenUser || !isset($tokenUser['sub'])) {
  208.             return false;
  209.         }
  210.         if ($tokenUser['sub'] == $credentials['idUser']) {
  211.             return true;
  212.         } else {
  213.             return false;
  214.         }
  215.     }
  216.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  217.     {
  219.         $auth_user $token->getUser();
  221.         $apiT = new ApiToken($auth_user);
  222.         # if($request->has('device_token')){
  223. //        $apiT->setDeviceTokken($request->get('device_token'));
  224.         #}
  225.         $this->entityManager->persist($apiT);
  226.         $this->entityManager->flush();
  229.         $acountMongo $this->dm->getRepository(Entities::class)->find($auth_user->getUserIdentifier());
  230.         $checkAdresseLivraison=false;
  231.         if($acountMongo)
  232.         {
  234.             if($acountMongo)
  235.             {
  236.                 if($acountMongo->getExtraPayload()['timeLivraison']==""||$acountMongo->getExtraPayload()['tempsLivraison'])
  237.                 {
  238.                     $comptes $this->dm->createQueryBuilder(Entities::class)
  239.                     ->field('name')->equals('comptes')
  240.                     ->field('extraPayload.Identifiant')->equals($auth_user->getUserIdentifier())
  241.                     ->findAndUpdate()
  242.                     ->field('extraPayload.timeLivraison')->set("Now")
  243.                     ->field('extraPayload.tempsLivraison')->set("Midi")
  244.                     ->getQuery()
  245.                     ->execute();
  246.                 }
  248.                 $adresseLivraison $this->dm->createQueryBuilder(Entities::class)
  249.                 ->field('name')->equals('adresseLivraison')
  250.                 ->field('extraPayload.linkedCompte')->equals($auth_user->getUserIdentifier())
  251.                 ->getQuery()
  252.                 ->getSingleResult();
  254.                 if($adresseLivraison)
  255.                 {
  256.                     $checkAdresseLivraison=true;
  257.                 }
  259.             }
  261.         }
  266.         return new JsonResponse(['checkAdresseLivraison'=>$checkAdresseLivraison,'token' => $apiT->getToken(),'identifiantMongo'=>$auth_user->getUserIdentifier(), 'role' => $auth_user->getRoles(), 'message' => 'login success'200, [], true]);
  267.     }
  268.     // on failure, that authenticator class is calling getLoginUrl() and trying to redirect there. 
  269.     protected function getLoginUrl()
  270.     {
  271.         return $this->router->generate('account_login');
  272.     }
  274.     public function start(Request $requestAuthenticationException $authException null)
  275.     {
  276.         // TODO: Implement start() method.
  277.         return new Response('must been authenticated');
  278.     }
  280.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception)
  281.     {
  282.         return new JsonResponse([
  283.             'message' => $exception->getMessageKey()
  284.         ], 401);
  285.     }
  287.     public function supportsRememberMe()
  288.     {
  289.         // TODO: Implement supportsRememberMe() method.
  290.     }
  291. }