vendor/pimcore/pimcore/bundles/AdminBundle/Security/Authenticator/AdminLoginAuthenticator.php line 60

Open in your IDE?
  1. <?php
  2. /**
  3.  * Pimcore
  4.  *
  5.  * This source file is available under two different licenses:
  6.  * - GNU General Public License version 3 (GPLv3)
  7.  * - Pimcore Commercial License (PCL)
  8.  * Full copyright and license information is available in
  9.  * LICENSE.md which is distributed with this source code.
  10.  *
  11.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  12.  *  @license    http://www.pimcore.org/license     GPLv3 and PCL
  13.  */
  14. namespace Pimcore\Bundle\AdminBundle\Security\Authenticator;
  15. use Pimcore\Bundle\AdminBundle\Security\User\User;
  16. use Pimcore\Event\Admin\Login\LoginFailedEvent;
  17. use Pimcore\Event\Admin\Login\LoginRedirectEvent;
  18. use Pimcore\Event\AdminEvents;
  19. use Pimcore\Tool\Authentication;
  20. use Symfony\Component\HttpFoundation\RedirectResponse;
  21. use Symfony\Component\HttpFoundation\Request;
  22. use Symfony\Component\HttpFoundation\Response;
  23. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  24. use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
  25. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
  26. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  27. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CustomCredentials;
  28. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  29. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  30. /**
  31.  * @internal
  32.  */
  33. class AdminLoginAuthenticator extends AdminAbstractAuthenticator implements AuthenticationEntryPointInterfaceInteractiveAuthenticatorInterface
  34. {
  35.     /**
  36.      * {@inheritdoc}
  37.      */
  38.     public function supports(Request $request): ?bool
  39.     {
  40.         return $request->attributes->get('_route') === self::PIMCORE_ADMIN_LOGIN_CHECK
  41.             && $request->getMethod() === 'POST' && $request->get('password');
  42.     }
  43.     /**
  44.      * {@inheritdoc}
  45.      */
  46.     public function start(Request $requestAuthenticationException $authException null): Response
  47.     {
  48.         if ($request->isXmlHttpRequest()) {
  49.             $response = new Response('Session expired or unauthorized request. Please reload and try again!');
  50.             $response->setStatusCode(Response::HTTP_FORBIDDEN);
  51.             return $response;
  52.         }
  53.         $event = new LoginRedirectEvent(self::PIMCORE_ADMIN_LOGIN, ['perspective' => strip_tags($request->get('perspective'))]);
  54.         $this->dispatcher->dispatch($eventAdminEvents::LOGIN_REDIRECT);
  55.         $url $this->router->generate($event->getRouteName(), $event->getRouteParams());
  56.         return new RedirectResponse($url);
  57.     }
  58.     /**
  59.      * {@inheritdoc}
  60.      */
  61.     public function authenticate(Request $request): Passport
  62.     {
  63.         if (!$username $request->get('username')) {
  64.             throw new AuthenticationException('Missing username or password');
  65.         }
  66.         $passport = new Passport(
  67.             new UserBadge($username),
  68.             new CustomCredentials(function ($credentials) {
  69.                 $pimcoreUser Authentication::authenticatePlaintext($credentials['username'], $credentials['password']);
  70.                 if ($pimcoreUser) {
  71.                     $user = new User($pimcoreUser);
  72.                     $this->saveUserToSession($user);
  73.                 } else {
  74.                     // trigger LOGIN_FAILED event if user could not be authenticated via username/password
  75.                     $event = new LoginFailedEvent($credentials);
  76.                     $this->dispatcher->dispatch($eventAdminEvents::LOGIN_FAILED);
  77.                     if ($event->hasUser()) {
  78.                         $user = new User($event->getUser());
  79.                         $this->saveUserToSession($user);
  80.                     } else {
  81.                         throw new AuthenticationException('Failed to authenticate with username and password');
  82.                     }
  83.                 }
  84.                 return true;
  85.             }, ['username' => $username'password' => $request->get('password')])
  86.         );
  87.         if ($csrfToken $request->get('csrf_token')) {
  88.             $passport->addBadge(new CsrfTokenBadge('pimcore_admin_authenticate'$csrfToken));
  89.         }
  90.         return $passport;
  91.     }
  92.     /**
  93.      * {@inheritdoc}
  94.      */
  95.     public function isInteractive(): bool
  96.     {
  97.         return true;
  98.     }
  99. }