src/Controller/SecurityController.php line 33

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Repository\UserRepository;
  6. use App\Security\LoginFormAuthenticator;
  7. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\HttpFoundation\Response;
  10. use Symfony\Component\Routing\Annotation\Route;
  11. use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
  12. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  14. /**
  15.  * @Route("/{_locale}/auth")
  16.  */
  17. class SecurityController extends AbstractController
  18. {
  19.     /**
  20.      * @Route("/login", name="app_login")
  21.      */
  22.     public function login(AuthenticationUtils $authenticationUtils): Response
  23.     {
  24.         // if ($this->getUser()) {
  25.         //     return $this->redirectToRoute('target_path');
  26.         // }
  28.         // get the login error if there is one
  29.         $error $authenticationUtils->getLastAuthenticationError();
  30.         // last username entered by the user
  31.         $lastUsername $authenticationUtils->getLastUsername();
  33.         return $this->render('security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  34.     }
  36.     /**
  37.      * @Route("/api-login", name="app_api_login")
  38.      */
  39.     public function apiLogin(LoginFormAuthenticator $authenticatorGuardAuthenticatorHandler $guardAuthenticatorHandlerRequest $requestUserRepository $userRepository): Response
  40.     {
  41.         if ($request->query->has('ucrd') && $request->query->has('signature')) {
  42.             parse_str(parse_url($request->getRequestUri(), PHP_URL_QUERY), $params);
  43.             $cipher 'aes256';
  44.             $ucrd openssl_decrypt($params['ucrd'], $cipher$_ENV['APP_SECRET'], 0$params['signature']);
  45.             if($ucrd!==false && null !== $ucrd){
  46.                 $ucrdData=json_decode($ucrd,true);
  47.                 if (isset($ucrdData['u']) && isset($ucrdData['p'])) {
  48.                     $user $userRepository->findOneBy(['email' => $ucrdData['u']]);
  49.                     if ($user) {
  50.                         // check Password
  51.                         if ($user->getPassword() === $ucrdData['p']) {
  52.                             $guardAuthenticatorHandler->authenticateUserAndHandleSuccess($user$request$authenticator'main');
  53.                             $roles=$user->getRoles();
  54.                             dd($roles);
  55.                             return $this->redirectToRoute('index');
  56.                         } else {
  57.                             // TODO: Fasches Passwort
  58.                             throw new \LogicException('Falsches Passwort ' "\n" .$ucrdData['p'] . "\n" $user->getPassword());
  59.                         }
  60.                     } else {
  61.                         // TODO: User existiert nicht
  62.                         throw new \LogicException('User ' $ucrdData['u'] . ' existiert nicht');
  63.                     }
  64.                 }
  65.             }
  66.         }
  67.         // TODO: Fehlende Url Parameter
  68.         throw new \LogicException('Fehlende Url Parameter');
  69.     }
  71.     /**
  72.      * @Route("/logout", name="app_logout")
  73.      */
  74.     public function logout()
  75.     {
  76.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  77.     }
  78. }