From 18f354c7fc6ced366e7d3bdb65c4a3994dd6cff4 Mon Sep 17 00:00:00 2001
From: Tuhin Bepari
Date: Tue, 24 Oct 2023 16:00:35 +0600
Subject: [PATCH] Custom User Checker Added
---
 config/packages/security.yaml | 1 +
 src/Controller/Api/ApiLoginController.php | 16 ++++++++++--
 src/Security/UserChecker.php | 30 +++++++++++++++++++++++
 3 files changed, 45 insertions(+), 2 deletions(-)
 create mode 100644 src/Security/UserChecker.php
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 7eacb9f..69d1a1b 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -16,6 +16,7 @@ security:
 api:
 pattern: ^/api
 provider: app_user_provider
+ user_checker: App\Security\UserChecker
 access_token:
 token_handler: App\Security\AccessTokenHandler
 failure_handler: App\Security\AuthenticationFailureHandler
diff --git a/src/Controller/Api/ApiLoginController.php b/src/Controller/Api/ApiLoginController.php
index 2de53a2..1c48026 100644
--- a/src/Controller/Api/ApiLoginController.php
+++ b/src/Controller/Api/ApiLoginController.php
@@ -31,17 +31,29 @@ public function login(Request $request)
 $user = $this->userRepository->findOneBy(['username' => $username]);
 $expireAt = new \DateTimeImmutable('+24 hours');
 if ($user && $this->hasher->isPasswordValid($user, $password)) {
+ if (is_null($user->getVerifiedAt())) {
+ return $this->json([
+ 'status' => 'error',
+ 'message' => 'Your account is not verified yet.',
+ ]);
+ }
+
 $payload = [
 'iss' => $this->parameterBag->get('jwt.iss'),
 'sub' => $user->getUid(),
 'iat' => (new \DateTimeImmutable())->getTimestamp(),
 'exp' => $expireAt->getTimestamp()
 ];
- $jwtToken = JWT::encode($payload, $this->parameterBag->get('jwt.secret'), $this->parameterBag->get('jwt.algorithm'));
+ $jwtToken = JWT::encode(
+ $payload,
+ $this->parameterBag->get('jwt.secret'),
+ $this->parameterBag->get('jwt.algorithm')
+ );
 $this->accessTokenRepository->save($jwtToken, $user);
 return $this->json([
- "username" => $username,
+ 'status' => 'success',
+ 'user_id' => $user->getUid(),
 "token" => $jwtToken,
 'expire_at' => $expireAt->format('c')
 ]);
diff --git a/src/Security/UserChecker.php b/src/Security/UserChecker.php
new file mode 100644
index 0000000..7278c78
--- /dev/null
+++ b/src/Security/UserChecker.php
@@ -0,0 +1,30 @@
+getVerifiedAt())) {
+ throw new CustomUserMessageAccountStatusException('Your account is not verified yet.');
+ }
+ }
+
+ public function checkPostAuth(UserInterface $user)
+ {
+ // if (!$user->isActive())) {
+ // throw new CustomUserMessageAccountStatusException('Your user account is $status.');
+ // }
+ }
+}
\ No newline at end of file
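Review bot: In src/Controller/Api/ApiLoginController.php, the new unverified-account branch in login() returns `$this->json([...])` with no status argument, so (assuming this is Symfony's AbstractController::json(), whose status defaults to 200) a refused login is answered with HTTP 200. Clients, rate limiting and log-based detection that key on the status code will count the refusal as a successful login; close that return with an explicit code, e.g. `], Response::HTTP_FORBIDDEN);`, importing Symfony\Component\HttpFoundation\Response if the file does not already. The check and its message string are duplicated in the new UserChecker, so a shared constant would keep the two from drifting apart. login() begins and ends outside this hunk, so the response for the invalid-credentials path cannot be compared from here.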
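Review bot: In src/Security/UserChecker.php, checkPostAuth() holds only commented-out code, and that code would not work if re-enabled: `isActive()))` has an unbalanced parenthesis and the single-quoted message would print `$status` literally. Replace it with a one-line comment such as `// No post-authentication checks are applied yet.` and declare the method's return type as `: void`. The top of the file (class declaration and the checkPreAuth() signature) is not readable on this page; if `$user` is typed there only as UserInterface, narrow it with an `instanceof` check on the application's user entity before calling `getVerifiedAt()`, since that method is not part of UserInterface.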