src/AppBundle/EventListener/AuthenticationSuccessListener.php line 74

Open in your IDE?
  1. <?php
  3. namespace AppBundle\EventListener;
  5. use AppBundle\Entity\User;
  6. use CodersLab\Lms\SharedKernel\Application\Command\UpdateUserLanguage;
  7. use CodersLab\Lms\SharedKernel\Application\Listener\IAuthenticationListener;
  8. use CodersLab\Lms\SharedKernel\Common\Exception\UserMismatchException;
  9. use CodersLab\Lms\SharedKernel\Domain\Bus\CommandBus;
  10. use CodersLab\Lms\SharedKernel\Domain\IdentityAccess\UserLanguage;
  11. use DateInterval;
  12. use DateTime;
  13. use Lexik\Bundle\JWTAuthenticationBundle\Encoder\JWTEncoderInterface;
  14. use Lexik\Bundle\JWTAuthenticationBundle\Exception\JWTDecodeFailureException;
  15. use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
  16. use Symfony\Component\HttpFoundation\Cookie;
  17. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  18. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  19. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  20. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  22. final class AuthenticationSuccessListener implements IAuthenticationListener
  23. {
  24.     private const JWT_ATTRIBUTE_NAME 'jwt';
  27.     private JWTTokenManagerInterface $jwtManager;
  28.     private JWTEncoderInterface $JWTEncoder;
  29.     private TokenStorageInterface $tokenStorage;
  30.     private SessionInterface $session;
  31.     private CommandBus $commandBus;
  33.     public function __construct(
  34.         JWTTokenManagerInterface $jwtManager,
  35.         JWTEncoderInterface $JWTEncoder,
  36.         TokenStorageInterface $tokenStorage,
  37.         SessionInterface $session,
  38.         CommandBus $commandBus
  39.     ) {
  40.         $this->jwtManager $jwtManager;
  41.         $this->JWTEncoder $JWTEncoder;
  42.         $this->tokenStorage $tokenStorage;
  43.         $this->session $session;
  44.         $this->commandBus $commandBus;
  45.     }
  47.     public function onSecurityInteractiveLogin(InteractiveLoginEvent $event): void
  48.     {
  49.         $request $event->getRequest();
  50.         $jwt $request->cookies->get(IAuthenticationListener::COOKIE_NAME'');
  51.         $sessionUser $this->tokenStorage->getToken()->getUser();
  52.         try {
  53.             $token $this->JWTEncoder->decode($jwt);
  54.             if ($sessionUser->getUsername() !== $token['username']) {
  55.                 throw new UserMismatchException();
  56.             }
  57.         } catch (JWTDecodeFailureException UserMismatchException $exception) {
  58.             /** @var User $user */
  59.             $user $event->getAuthenticationToken()->getUser();
  60.             $jwt $this->jwtManager->create($user);
  61.             if ($this->session->get('_locale') !== null) {
  62.                 $this->commandBus->dispatch(
  63.                     new UpdateUserLanguage(
  64.                         $user->getId(),
  65.                         new UserLanguage($this->session->get('_locale'))
  66.                     )
  67.                 );
  68.             }
  69.         }
  71.         $request->attributes->set(self::JWT_ATTRIBUTE_NAME$jwt);
  72.     }
  74.     public function onKernelResponse(ResponseEvent $event): void
  75.     {
  76.         $attributes $event->getRequest()->attributes;
  78.         if (!$attributes->has(self::JWT_ATTRIBUTE_NAME)) {
  79.             return;
  80.         }
  82.         $cookie = new Cookie(
  83.             IAuthenticationListener::COOKIE_NAME,
  84.             $attributes->get(self::JWT_ATTRIBUTE_NAME),
  85.             (new DateTime())->add(new DateInterval('P365D')),
  86.             '/',
  87.             null,
  88.             false,
  89.             false
  90.         );
  91.         $headers $event->getResponse()->headers;
  92.         $headers->setCookie($cookie);
  93.     }
  94. }