vendor/pimcore/pimcore/bundles/AdminBundle/Security/Authenticator/AdminLoginAuthenticator.php line 37

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under two different licenses:
  7.  * - GNU General Public License version 3 (GPLv3)
  8.  * - Pimcore Commercial License (PCL)
  9.  * Full copyright and license information is available in
  10.  * LICENSE.md which is distributed with this source code.
  11.  *
  12.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13.  *  @license    http://www.pimcore.org/license     GPLv3 and PCL
  14.  */
  16. namespace Pimcore\Bundle\AdminBundle\Security\Authenticator;
  18. use Pimcore\Bundle\AdminBundle\Security\User\User;
  19. use Pimcore\Event\Admin\Login\LoginFailedEvent;
  20. use Pimcore\Event\Admin\Login\LoginRedirectEvent;
  21. use Pimcore\Event\AdminEvents;
  22. use Pimcore\Tool\Authentication;
  23. use Symfony\Component\HttpFoundation\RedirectResponse;
  24. use Symfony\Component\HttpFoundation\Request;
  25. use Symfony\Component\HttpFoundation\Response;
  26. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  27. use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
  28. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
  29. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  30. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CustomCredentials;
  31. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  32. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  34. /**
  35.  * @internal
  36.  */
  37. class AdminLoginAuthenticator extends AdminAbstractAuthenticator implements AuthenticationEntryPointInterfaceInteractiveAuthenticatorInterface
  38. {
  39.     /**
  40.      * {@inheritdoc}
  41.      */
  42.     public function supports(Request $request): ?bool
  43.     {
  44.         return $request->attributes->get('_route') === self::PIMCORE_ADMIN_LOGIN_CHECK
  45.             && $request->getMethod() === 'POST' && $request->get('password');
  46.     }
  48.     /**
  49.      * {@inheritdoc}
  50.      */
  51.     public function start(Request $requestAuthenticationException $authException null): Response
  52.     {
  53.         if ($request->isXmlHttpRequest()) {
  54.             $response = new Response('Session expired or unauthorized request. Please reload and try again!');
  55.             $response->setStatusCode(Response::HTTP_FORBIDDEN);
  57.             return $response;
  58.         }
  60.         $event = new LoginRedirectEvent(self::PIMCORE_ADMIN_LOGIN, ['perspective' => strip_tags($request->get('perspective'))]);
  61.         $this->dispatcher->dispatch($eventAdminEvents::LOGIN_REDIRECT);
  63.         $url $this->router->generate($event->getRouteName(), $event->getRouteParams());
  65.         return new RedirectResponse($url);
  66.     }
  68.     /**
  69.      * {@inheritdoc}
  70.      */
  71.     public function authenticate(Request $request): Passport
  72.     {
  73.         if (!$username $request->get('username')) {
  74.             throw new AuthenticationException('Missing username or password');
  75.         }
  77.         $passport = new Passport(
  78.             new UserBadge($username),
  79.             new CustomCredentials(function ($credentials) {
  80.                 $pimcoreUser Authentication::authenticatePlaintext($credentials['username'], $credentials['password']);
  82.                 if ($pimcoreUser) {
  83.                     $user = new User($pimcoreUser);
  84.                     $this->saveUserToSession($user);
  85.                 } else {
  86.                     // trigger LOGIN_FAILED event if user could not be authenticated via username/password
  87.                     $event = new LoginFailedEvent($credentials);
  88.                     $this->dispatcher->dispatch($eventAdminEvents::LOGIN_FAILED);
  90.                     if ($event->hasUser()) {
  91.                         $user = new User($event->getUser());
  92.                         $this->saveUserToSession($user);
  93.                     } else {
  94.                         throw new AuthenticationException('Failed to authenticate with username and password');
  95.                     }
  96.                 }
  98.                 return true;
  99.             }, ['username' => $username'password' => $request->get('password')])
  100.         );
  102.         if ($csrfToken $request->get('csrf_token')) {
  103.             $passport->addBadge(new CsrfTokenBadge('pimcore_admin_authenticate'$csrfToken));
  104.         }
  106.         return $passport;
  107.     }
  109.     /**
  110.      * {@inheritdoc}
  111.      */
  112.     public function isInteractive(): bool
  113.     {
  114.         return true;
  115.     }
  116. }