vendor/sonata-project/user-bundle/src/Action/LoginAction.php line 112

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. /*
  6.  * This file is part of the Sonata Project package.
  7.  *
  8.  * (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Sonata\UserBundle\Action;
  16. use Sonata\AdminBundle\Admin\Pool;
  17. use Sonata\AdminBundle\Templating\TemplateRegistryInterface;
  18. use Sonata\UserBundle\Model\UserInterface;
  19. use Symfony\Component\HttpFoundation\RedirectResponse;
  20. use Symfony\Component\HttpFoundation\Request;
  21. use Symfony\Component\HttpFoundation\Response;
  22. use Symfony\Component\HttpFoundation\Session\Session;
  23. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  24. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  25. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  26. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  27. use Symfony\Component\Security\Core\Security;
  28. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  29. use Symfony\Component\Translation\TranslatorInterface;
  30. use Twig\Environment;
  32. final class LoginAction
  33. {
  34.     /**
  35.      * @var Environment
  36.      */
  37.     private $twig;
  39.     /**
  40.      * @var UrlGeneratorInterface
  41.      */
  42.     private $urlGenerator;
  44.     /**
  45.      * @var AuthorizationCheckerInterface
  46.      */
  47.     private $authorizationChecker;
  49.     /**
  50.      * @var Pool
  51.      */
  52.     private $adminPool;
  54.     /**
  55.      * @var TemplateRegistryInterface
  56.      */
  57.     private $templateRegistry;
  59.     /**
  60.      * @var TokenStorageInterface
  61.      */
  62.     private $tokenStorage;
  64.     /**
  65.      * @var Session
  66.      */
  67.     private $session;
  69.     /**
  70.      * @var TranslatorInterface
  71.      */
  72.     private $translator;
  74.     /**
  75.      * @var CsrfTokenManagerInterface
  76.      */
  77.     private $csrfTokenManager;
  79.     // NEXT_MAJOR: Make $translator argument mandatory.
  80.     public function __construct(
  81.         Environment $twig,
  82.         UrlGeneratorInterface $urlGenerator,
  83.         AuthorizationCheckerInterface $authorizationChecker,
  84.         Pool $adminPool,
  85.         TemplateRegistryInterface $templateRegistry,
  86.         TokenStorageInterface $tokenStorage,
  87.         Session $session,
  88.         ?TranslatorInterface $translator null
  89.     ) {
  90.         $this->twig $twig;
  91.         $this->urlGenerator $urlGenerator;
  92.         $this->authorizationChecker $authorizationChecker;
  93.         $this->adminPool $adminPool;
  94.         $this->templateRegistry $templateRegistry;
  95.         $this->tokenStorage $tokenStorage;
  96.         $this->session $session;
  98.         // NEXT_MAJOR: Remove this block.
  99.         if (null === $translator) {
  100.             @trigger_error(sprintf(
  101.                 'Not passing an instance of "%s" as argument 6 to "%s()" is deprecated since'
  102.                 .' sonata-project/user-bundle 4.10 and will be not possible in version 5.0.',
  103.                 TranslatorInterface::class,
  104.                 __METHOD__
  105.             ), \E_USER_DEPRECATED);
  106.             $translator = new IdentityTranslator();
  107.         }
  109.         $this->translator $translator;
  110.     }
  112.     public function __invoke(Request $request): Response
  113.     {
  114.         if ($this->isAuthenticated()) {
  115.             $this->session->getFlashBag()->add(
  116.                 'sonata_user_error',
  117.                 $this->translator->trans('sonata_user_already_authenticated', [], 'SonataUserBundle')
  118.             );
  120.             return new RedirectResponse($this->urlGenerator->generate('sonata_admin_dashboard'));
  121.         }
  123.         $session $request->getSession();
  125.         $authErrorKey Security::AUTHENTICATION_ERROR;
  127.         // get the error if any (works with forward and redirect -- see below)
  128.         if ($request->attributes->has($authErrorKey)) {
  129.             $error $request->attributes->get($authErrorKey);
  130.         } elseif (null !== $session && $session->has($authErrorKey)) {
  131.             $error $session->get($authErrorKey);
  132.             $session->remove($authErrorKey);
  133.         } else {
  134.             $error null;
  135.         }
  137.         if (!$error instanceof AuthenticationException) {
  138.             $error null// The value does not come from the security component.
  139.         }
  141.         if ($this->authorizationChecker->isGranted('ROLE_ADMIN')) {
  142.             $refererUri $request->server->get('HTTP_REFERER');
  143.             $url $refererUri && $refererUri !== $request->getUri() ? $refererUri $this->urlGenerator->generate('sonata_admin_dashboard');
  145.             return new RedirectResponse($url);
  146.         }
  148.         $csrfToken null;
  149.         if ($this->csrfTokenManager) {
  150.             $csrfToken $this->csrfTokenManager->getToken('authenticate')->getValue();
  151.         }
  153.         return new Response($this->twig->render('@SonataUser/Admin/Security/login.html.twig', [
  154.             'admin_pool' => $this->adminPool,
  155.             'base_template' => $this->templateRegistry->getTemplate('layout'),
  156.             'csrf_token' => $csrfToken,
  157.             'error' => $error,
  158.             'last_username' => (null === $session) ? '' $session->get(Security::LAST_USERNAME),
  159.             'reset_route' => $this->urlGenerator->generate('sonata_user_admin_resetting_request'),
  160.         ]));
  161.     }
  163.     public function setCsrfTokenManager(CsrfTokenManagerInterface $csrfTokenManager): void
  164.     {
  165.         $this->csrfTokenManager $csrfTokenManager;
  166.     }
  168.     private function isAuthenticated(): bool
  169.     {
  170.         $token $this->tokenStorage->getToken();
  172.         if (!$token) {
  173.             return false;
  174.         }
  176.         $user $token->getUser();
  178.         return $user instanceof UserInterface;
  179.     }
  180. }