parent
0c861870c8
commit
d13a6c4a6e
@ -1,31 +1,47 @@
|
||||
<?php
|
||||
|
||||
namespace App\DataFixtures;
|
||||
|
||||
use App\Entity\User;
|
||||
use Doctrine\Bundle\FixturesBundle\Fixture;
|
||||
use Doctrine\Common\Persistence\ObjectManager;
|
||||
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
|
||||
|
||||
class UserFixtures extends Fixture
|
||||
{
|
||||
|
||||
public const ADMIN_USER_REFERENCE = 'admin-user';
|
||||
public const DUMMY_USER_REFERENCE = 'dummy-user';
|
||||
|
||||
public const DUDE_USER_REFERENCE = 'dummy-user';
|
||||
|
||||
private $passwordEncoder;
|
||||
|
||||
public function __construct(UserPasswordEncoderInterface $passwordEncoder)
|
||||
{
|
||||
$this->passwordEncoder = $passwordEncoder;
|
||||
}
|
||||
|
||||
public function load(ObjectManager $manager)
|
||||
{
|
||||
$userAdmin = new User();
|
||||
$userAdmin->setName('admin');
|
||||
$userAdmin->setPassword('123456789');
|
||||
$userAdmin->setUsername('admin');
|
||||
$this->setPassword($userAdmin, '123456789');
|
||||
$userAdmin->setApiToken('ItsHammerTime!');
|
||||
$manager->persist($userAdmin);
|
||||
|
||||
$userDummy = new User();
|
||||
$userDummy->setName('dummy');
|
||||
$userDummy->setPassword('1234');
|
||||
$manager->persist($userDummy);
|
||||
$userDude = new User();
|
||||
$userDude->setUsername('dude');
|
||||
$this->setPassword($userDude, '1234');
|
||||
$userDude->setApiToken('ItsDuderzeit!');
|
||||
$manager->persist($userDude);
|
||||
|
||||
$manager->flush();
|
||||
|
||||
$this->addReference(self::ADMIN_USER_REFERENCE, $userAdmin);
|
||||
$this->addReference(self::DUMMY_USER_REFERENCE, $userDummy);
|
||||
$this->addReference(self::DUDE_USER_REFERENCE, $userDude);
|
||||
}
|
||||
|
||||
private function setPassword(User& $user, string $plainPassword): void
|
||||
{
|
||||
$user->setPassword($this->passwordEncoder->encodePassword($user, $plainPassword));
|
||||
}
|
||||
}
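Review bot: The values passed to `setApiToken('ItsHammerTime!')` and `setApiToken('ItsDuderzeit!')` are fixed strings, and the TokenAuthenticator added in this commit accepts a matching token as the whole credential, so any database loaded from this fixture carries a known admin token next to the `123456789` password. I would put a docblock on the class saying so, for example `/** Dev/test data only: fixed passwords and API tokens; never load into a shared or production database. */`, and confirm that the fixtures bundle is registered only for the dev and test environments. Separately, `DUDE_USER_REFERENCE` has the value `'dummy-user'`, which appears to be copied from `DUMMY_USER_REFERENCE`; `public const DUDE_USER_REFERENCE = 'dude-user';` would match the name and would avoid a duplicate reference name if both constants remain on the new side. The `&` in `User& $user` on `setPassword()` is not needed, because the object handle is already shared with the caller.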
|
||||
|
@ -0,0 +1,98 @@
|
||||
<?php
|
||||
|
||||
namespace App\Security;
|
||||
|
||||
use App\Entity\User;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\JsonResponse;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
||||
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
|
||||
|
||||
class TokenAuthenticator extends AbstractGuardAuthenticator
|
||||
{
|
||||
private $em;
|
||||
|
||||
public function __construct(EntityManagerInterface $em)
|
||||
{
|
||||
$this->em = $em;
|
||||
}
|
||||
|
||||
/**
|
||||
* Called on every request to decide if this authenticator should be
|
||||
* used for the request. Returning false will cause this authenticator
|
||||
* to be skipped.
|
||||
*/
|
||||
public function supports(Request $request)
|
||||
{
|
||||
return $request->headers->has('X-AUTH-TOKEN');
|
||||
}
|
||||
|
||||
/**
|
||||
* Called on every request. Return whatever credentials you want to
|
||||
* be passed to getUser() as $credentials.
|
||||
*/
|
||||
public function getCredentials(Request $request)
|
||||
{
|
||||
return array(
|
||||
'token' => $request->headers->get('X-AUTH-TOKEN'),
|
||||
);
|
||||
}
|
||||
|
||||
public function getUser($credentials, UserProviderInterface $userProvider)
|
||||
{
|
||||
$apiToken = $credentials['token'];
|
||||
|
||||
if (null === $apiToken) {
|
||||
return;
|
||||
}
|
||||
|
||||
// if a User object, checkCredentials() is called
|
||||
return $this->em->getRepository(User::class)
|
||||
->findOneBy(['apiToken' => $apiToken]);
|
||||
}
|
||||
|
||||
public function checkCredentials($credentials, UserInterface $user)
|
||||
{
|
||||
// check credentials - e.g. make sure the password is valid
|
||||
// no credential check is needed in this case
|
||||
|
||||
// return true to cause authentication success
|
||||
return true;
|
||||
}
|
||||
|
||||
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
|
||||
{
|
||||
// on success, let the request continue
|
||||
return null;
|
||||
}
|
||||
|
||||
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
|
||||
{
|
||||
$message = strtr($exception->getMessageKey(), $exception->getMessageData());
|
||||
// or to translate this message
|
||||
// $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
|
||||
|
||||
// This should translated by FOSRestBundle!
|
||||
throw new AccessDeniedHttpException($message);
|
||||
}
|
||||
|
||||
/**
|
||||
* Called when authentication is needed, but it's not sent
|
||||
*/
|
||||
public function start(Request $request, AuthenticationException $authException = null)
|
||||
{
|
||||
throw new UnauthorizedHttpException('', 'Authentication Required');
|
||||
}
|
||||
|
||||
public function supportsRememberMe()
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
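Review bot: In `getUser()` only a `null` token is rejected, so a request that sends an empty `X-AUTH-TOKEN` header passes `supports()` and reaches `findOneBy(['apiToken' => ''])`. Because `checkCredentials()` returns `true` unconditionally, that lookup is the only gate; whether an empty value can match a row depends on how the `apiToken` field of `User` is mapped and defaulted, which is not visible here. I would tighten the guard to `if (null === $apiToken || '' === $apiToken) { return null; }` and add a comment on `checkCredentials()` stating that the token lookup in `getUser()` is the sole credential check. `onAuthenticationFailure()` also reports a bad token with `AccessDeniedHttpException` (403) while `start()` uses 401 for a missing one; a rejected credential is normally reported as 401 as well.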
|
@ -0,0 +1,12 @@
|
||||
<?php
|
||||
|
||||
namespace Tests\App;
|
||||
|
||||
use Symfony\Component\BrowserKit\Client;
|
||||
use Symfony\Component\DomCrawler\Crawler;
|
||||
|
||||
|
||||
class ClientRequestBuilder
|
||||
{
|
||||
}
|
||||
|