External/domain-watchdog
1
0
Fork 0
mirror of https://github.com/maelgangloff/domain-watchdog.git synced 2025-12-29 16:15:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
43b341f71f6bd562a0fbbeea81fe8c8bf34a32cd
domain-watchdog/src/Security/JWTAuthenticator.php
Maël Gangloff 2ac9849f86 fix: cookie expiration date same as the token
2024-08-17 20:33:37 +02:00

71 lines
2.3 KiB
PHP
Raw Blame History

<?php
namespace App\Security;
use App\Entity\User;
use Lexik\Bundle\JWTAuthenticationBundle\Event\AuthenticationSuccessEvent;
use Lexik\Bundle\JWTAuthenticationBundle\Events;
use Lexik\Bundle\JWTAuthenticationBundle\Response\JWTAuthenticationSuccessResponse;
use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
class JWTAuthenticator implements AuthenticationSuccessHandlerInterface
{
public function __construct(
protected JWTTokenManagerInterface $jwtManager,
protected EventDispatcherInterface $dispatcher,
) {
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token): Response
{
return $this->handleAuthenticationSuccess($token->getUser());
}
public function handleAuthenticationSuccess(UserInterface $user, $jwt = null): Response
{
if (($user instanceof User) && !$user->isVerified()) {
throw new AccessDeniedHttpException('You have not yet validated your email address.');
}
if (null === $jwt) {
$jwt = $this->jwtManager->create($user);
}
$jwtCookies = [
new Cookie(
'BEARER',
$jwt,
time() + 604800, // expiration
'/',
null,
true,
true,
false,
'strict'
),
];
$response = new JWTAuthenticationSuccessResponse($jwt, [], $jwtCookies);
$event = new AuthenticationSuccessEvent(['token' => $jwt], $user, $response);
$this->dispatcher->dispatch($event, Events::AUTHENTICATION_SUCCESS);
$responseData = $event->getData();
if ($responseData) {
$response->setData($responseData);
} else {
$response->setStatusCode(Response::HTTP_NO_CONTENT);
}
return $response;
}
}
Reference in New Issue View Git Blame Copy Permalink