Custom User Checker Added
digitaldreams committed Oct 24, 2023
1 parent 9978dc9 commit 18f354c
Showing 3 changed files with 45 additions and 2 deletions.
1 change: 1 addition & 0 deletions config/packages/security.yaml
@@ -16,6 +16,7 @@ security:
api:
pattern: ^/api
provider: app_user_provider
user_checker: App\Security\UserChecker
access_token:
token_handler: App\Security\AccessTokenHandler
failure_handler: App\Security\AuthenticationFailureHandler
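Review bot: Only the `api` firewall receives `user_checker` in this hunk, and the rest of security.yaml is outside it, so it is worth confirming that any other firewall backed by `app_user_provider` gets the same entry. Without that, an unverified account would be rejected on `^/api` but could still authenticate elsewhere. A comment above the new key, such as `# rejects accounts whose verifiedAt is null (App\Security\UserChecker)`, would tell the next reader what the checker enforces.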
16 changes: 14 additions & 2 deletions src/Controller/Api/ApiLoginController.php
@@ -31,17 +31,29 @@ public function login(Request $request)
$user = $this->userRepository->findOneBy(['username' => $username]);
$expireAt = new \DateTimeImmutable('+24 hours');
if ($user && $this->hasher->isPasswordValid($user, $password)) {
if (is_null($user->getVerifiedAt())) {
return $this->json([
'status' => 'error',
'message' => 'Your account is not verified yet.',
]);
}

$payload = [
'iss' => $this->parameterBag->get('jwt.iss'),
'sub' => $user->getUid(),
'iat' => (new \DateTimeImmutable())->getTimestamp(),
'exp' => $expireAt->getTimestamp()
];
$jwtToken = JWT::encode($payload, $this->parameterBag->get('jwt.secret'), $this->parameterBag->get('jwt.algorithm'));
$jwtToken = JWT::encode(
$payload,
$this->parameterBag->get('jwt.secret'),
$this->parameterBag->get('jwt.algorithm')
);
$this->accessTokenRepository->save($jwtToken, $user);

return $this->json([
"username" => $username,
'status' => 'success',
'user_id' => $user->getUid(),
"token" => $jwtToken,
'expire_at' => $expireAt->format('c')
]);
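Review bot: The unverified-account branch returns through `$this->json([...])` with no status argument, so a refused login still answers HTTP 200 and clients that key on the status code will read it as success; pass an explicit code, e.g. `], 403);`. The null check on `getVerifiedAt()` and its message are also repeated from `App\Security\UserChecker::checkPreAuth()`, so the two can drift apart; injecting `UserCheckerInterface` and calling `checkPreAuth($user)` here, catching the account-status exception, would keep a single source of truth. Placing the check after `isPasswordValid()` is the right order, since the verification state is then disclosed only to a caller who already knows the password. `login()` starts and ends outside this hunk, so the response for bad credentials is not visible here.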
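--- a/src/Security/UserChecker.php
+++ b/src/Security/UserChecker.php
@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Security;
+
+use App\Entity\User;
+use Symfony\Component\Security\Core\Exception\AccountExpiredException;
+use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;
+use Symfony\Component\Security\Core\User\UserCheckerInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+class UserChecker implements UserCheckerInterface
+{
+
+public function checkPreAuth(UserInterface $user)
+{
+if (!$user instanceof User) {
+return;
+}
+if (is_null($user->getVerifiedAt())) {
+throw new CustomUserMessageAccountStatusException('Your account is not verified yet.');
+}
+}
+
+public function checkPostAuth(UserInterface $user)
+{
+// if (!$user->isActive())) {
+// throw new CustomUserMessageAccountStatusException('Your user account is $status.');
+// }
+}
+}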
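Review bot: `checkPostAuth()` ships with only commented-out code, and that code would not parse if re-enabled (`isActive()))` has an extra parenthesis), while its single-quoted message would print `$status` literally. Replace it with a short comment such as `// No post-authentication checks yet.` or implement the check. The `AccountExpiredException` import is unused and can be dropped, both methods could declare `: void`, and a class docblock stating that the checker rejects users whose `getVerifiedAt()` is null would document the one rule it enforces. `checkPreAuth()` also returns silently for any `UserInterface` that is not `App\Entity\User`, so a second user class would skip the verification rule; a comment should say whether that is intentional.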
