vendor/pimcore/pimcore/bundles/AdminBundle/Security/Authenticator/AdminLoginAuthenticator.php line 36

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under two different licenses:
  7.  * - GNU General Public License version 3 (GPLv3)
  8.  * - Pimcore Commercial License (PCL)
  9.  * Full copyright and license information is available in
  10.  * LICENSE.md which is distributed with this source code.
  11.  *
  12.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13.  *  @license    http://www.pimcore.org/license     GPLv3 and PCL
  14.  */
  16. namespace Pimcore\Bundle\AdminBundle\Security\Authenticator;
  18. use Pimcore\Event\Admin\Login\LoginFailedEvent;
  19. use Pimcore\Event\AdminEvents;
  20. use Pimcore\Security\User\User;
  21. use Pimcore\Tool\Authentication;
  22. use Symfony\Component\HttpFoundation\RedirectResponse;
  23. use Symfony\Component\HttpFoundation\Request;
  24. use Symfony\Component\HttpFoundation\Response;
  25. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  26. use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
  27. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
  28. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  29. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CustomCredentials;
  30. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  31. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  33. /**
  34.  * @internal
  35.  */
  36. class AdminLoginAuthenticator extends AdminAbstractAuthenticator implements AuthenticationEntryPointInterfaceInteractiveAuthenticatorInterface
  37. {
  38.     /**
  39.      * {@inheritdoc}
  40.      */
  41.     public function supports(Request $request): ?bool
  42.     {
  43.         return $request->attributes->get('_route') === self::PIMCORE_ADMIN_LOGIN_CHECK
  44.             && $request->getMethod() === 'POST' && $request->get('password');
  45.     }
  47.     /**
  48.      * {@inheritdoc}
  49.      */
  50.     public function start(Request $requestAuthenticationException $authException null): Response
  51.     {
  52.         if ($request->isXmlHttpRequest()) {
  53.             $response = new Response('Session expired or unauthorized request. Please reload and try again!');
  54.             $response->setStatusCode(Response::HTTP_FORBIDDEN);
  56.             return $response;
  57.         }
  59.         return new RedirectResponse($this->router->generate(self::PIMCORE_ADMIN_LOGIN, ['perspective' => strip_tags($request->get('perspective'''))]));
  60.     }
  62.     /**
  63.      * {@inheritdoc}
  64.      */
  65.     public function authenticate(Request $request): Passport
  66.     {
  67.         if (!$username $request->get('username')) {
  68.             throw new AuthenticationException('Missing username or password');
  69.         }
  71.         $passport = new Passport(
  72.             new UserBadge($username),
  73.             new CustomCredentials(function ($credentials) {
  74.                 $pimcoreUser Authentication::authenticatePlaintext($credentials['username'], $credentials['password']);
  76.                 if ($pimcoreUser) {
  77.                     $user = new User($pimcoreUser);
  78.                     $this->saveUserToSession($user);
  79.                 } else {
  80.                     // trigger LOGIN_FAILED event if user could not be authenticated via username/password
  81.                     $event = new LoginFailedEvent($credentials);
  82.                     $this->dispatcher->dispatch($eventAdminEvents::LOGIN_FAILED);
  84.                     if ($event->hasUser()) {
  85.                         $user = new User($event->getUser());
  86.                         $this->saveUserToSession($user);
  87.                     } else {
  88.                         return false;
  89.                     }
  90.                 }
  92.                 return true;
  93.             }, ['username' => $username'password' => $request->get('password')])
  94.         );
  96.         if ($csrfToken $request->get('csrf_token')) {
  97.             $passport->addBadge(new CsrfTokenBadge('pimcore_admin_authenticate'$csrfToken));
  98.         }
  100.         return $passport;
  101.     }
  103.     /**
  104.      * {@inheritdoc}
  105.      */
  106.     public function isInteractive(): bool
  107.     {
  108.         return true;
  109.     }
  110. }