src/Infrastructure/Security/Auth/TokenAuthenticator.php line 56

Open in your IDE?
  1. <?php
  3. namespace App\Infrastructure\Security\Auth;
  5. use App\Application\EventBus\Event\User\UserAuthenticatedEvent;
  6. use App\Database\Domain\Repository\AccessTokenRepository;
  7. use App\Database\Domain\Repository\UserRepository;
  8. use App\Infrastructure\Messenger\EventBus\EventBusInterface;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\HttpFoundation\Response;
  11. use Symfony\Component\HttpFoundation\JsonResponse;
  12. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  13. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  14. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  15. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  16. use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
  17. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  18. use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
  19. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CustomCredentials;
  21. class TokenAuthenticator extends AbstractAuthenticator
  22. {
  23.     private AccessTokenRepository $accessTokenRepository;
  24.     private EventBusInterface $eventBus;
  25.     private UserRepository $userRepository;
  27.     public function __construct(
  28.         AccessTokenRepository $accessTokenRepository,
  29.         EventBusInterface $eventBus,
  30.         UserRepository $userRepository
  31.     ) {
  32.         $this->accessTokenRepository $accessTokenRepository;
  33.         $this->eventBus $eventBus;
  34.         $this->userRepository $userRepository;
  35.     }
  37.     public function supports(Request $request): ?bool
  38.     {
  39.         return $request->headers->has('X-AUTH-TOKEN') || $request->headers->has('X-NOT-REGISTERED-TOKEN');
  40.     }
  42.     public function authenticate(Request $request): ?Passport
  43.     {
  44.         if ($request->headers->get('X-AUTH-TOKEN')) {
  45.             $userBadge = new UserBadge($request->headers->get('X-AUTH-TOKEN'), function($token) {
  46.                 return $this->accessTokenRepository->findByToken($token)->getUser();
  47.             });
  48.         } else {
  49.             $userBadge = new UserBadge($request->headers->get('X-NOT-REGISTERED-TOKEN'), function($token) {
  50.                 return $this->userRepository->findOneBy(['notRegisteredToken' => $token]);
  51.             });
  52.         }
  54.         return new Passport(
  55.             $userBadge,
  56.             new CustomCredentials(function($input) {
  57.                 return true;
  58.             }, null)
  59.         );
  61.         throw new CustomUserMessageAuthenticationException('Failed to authenticate with given headers');
  62.     }
  64.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  65.     {
  66.         $this->eventBus->fire(new UserAuthenticatedEvent($token->getUser()));
  68.         return null;
  69.     }
  71.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): JsonResponse
  72.     {
  73.         return new JsonResponse(['errors' => [$exception->getMessage()]], Response::HTTP_FORBIDDEN);
  74.     }
  76.     public function start(Request $request, ?AuthenticationException $authException null): JsonResponse
  77.     {
  78.         return new JsonResponse(['message' => $authException->getMessage()], Response::HTTP_UNAUTHORIZED);
  79.     }
  80. }