src/Controller/SecurityController.php line 22

Open in your IDE?
  1. <?php
  2. namespace App\Controller;
  3. use App\Repository\UserRepository;
  4. use App\Security\LoginFormAuthenticator;
  5. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  6. use Symfony\Component\HttpFoundation\Request;
  7. use Symfony\Component\HttpFoundation\Response;
  8. use Symfony\Component\Routing\Annotation\Route;
  9. use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
  10. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  11. /**
  12.  * @Route("/{_locale}/auth")
  13.  */
  14. class SecurityController extends AbstractController
  15. {
  16.     /**
  17.      * @Route("/login", name="app_login")
  18.      */
  19.     public function login(AuthenticationUtils $authenticationUtils): Response
  20.     {
  21.         // if ($this->getUser()) {
  22.         //     return $this->redirectToRoute('target_path');
  23.         // }
  24.         // get the login error if there is one
  25.         $error $authenticationUtils->getLastAuthenticationError();
  26.         // last username entered by the user
  27.         $lastUsername $authenticationUtils->getLastUsername();
  28.         return $this->render('security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  29.     }
  30.     /**
  31.      * @Route("/api-login", name="app_api_login")
  32.      */
  33.     public function apiLogin(LoginFormAuthenticator $authenticatorGuardAuthenticatorHandler $guardAuthenticatorHandlerRequest $requestUserRepository $userRepository): Response
  34.     {
  35.         if ($request->query->has('ucrd') && $request->query->has('signature')) {
  36.             parse_str(parse_url($request->getRequestUri(), PHP_URL_QUERY), $params);
  37.             $cipher 'aes256';
  38.             $ucrd openssl_decrypt($params['ucrd'], $cipher$_ENV['APP_SECRET'], 0$params['signature']);
  39.             if($ucrd!==false && null !== $ucrd){
  40.                 $ucrdData=json_decode($ucrd,true);
  41.                 if (isset($ucrdData['u']) && isset($ucrdData['p'])) {
  42.                     $user $userRepository->findOneBy(['email' => $ucrdData['u']]);
  43.                     if ($user) {
  44.                         // check Password
  45.                         if ($user->getPassword() === $ucrdData['p']) {
  46.                             $guardAuthenticatorHandler->authenticateUserAndHandleSuccess($user$request$authenticator'main');
  47.                             $roles=$user->getRoles();
  48.                             dd($roles);
  49.                             return $this->redirectToRoute('index');
  50.                         } else {
  51.                             // TODO: Fasches Passwort
  52.                             throw new \LogicException('Falsches Passwort ' "\n" .$ucrdData['p'] . "\n" $user->getPassword());
  53.                         }
  54.                     } else {
  55.                         // TODO: User existiert nicht
  56.                         throw new \LogicException('User ' $ucrdData['u'] . ' existiert nicht');
  57.                     }
  58.                 }
  59.             }
  60.         }
  61.         // TODO: Fehlende Url Parameter
  62.         throw new \LogicException('Fehlende Url Parameter');
  63.     }
  64.     /**
  65.      * @Route("/logout", name="app_logout")
  66.      */
  67.     public function logout()
  68.     {
  69.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  70.     }
  71. }