src/EventSubscriber/FirewallSubscriber.php line 66

Open in your IDE?
  1. <?php
  2. /**
  3.  * Created by PhpStorm.
  4.  * User: sbrun
  5.  * Date: 2018-03-19
  6.  * Time: 14:03
  7.  */
  8. namespace App\EventSubscriber;
  10. use App\Entity\Log;
  11. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\RequestStack;
  14. use Symfony\Component\HttpKernel\Event\RequestEvent;
  15. use Symfony\Component\HttpKernel\Exception\HttpException;
  16. use Symfony\Component\HttpKernel\KernelEvents;
  17. use Symfony\Component\Routing\Matcher\RequestMatcherInterface;
  18. use Symfony\Component\Routing\RouterInterface;
  19. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  20. /*use Symfony\Component\Translation\TranslatorInterface;*/
  21. use Doctrine\ORM\EntityManagerInterface;
  22. use Symfony\Component\DependencyInjection\ContainerInterface;
  23. use Symfony\Contracts\Translation\TranslatorInterface;
  25. /**
  26.  * Subscribes to the KernelEvents::REQUEST events :
  27.  * So it can check for brute force attacks
  29.  * Class FirewallSubscriber
  30.  * @package App\EventSubscriber
  31.  */
  32. class FirewallSubscriber implements EventSubscriberInterface
  33. {
  34.     private $request;
  35.     private $router;
  36.     private $entityManager;
  37.     private $authenticationUtils;
  38.     private $translator;
  39.     private $timeout;
  40.     private $max_login;
  42.     public function __construct(ContainerInterface $containerTranslatorInterface $translatorEntityManagerInterface $entityManagerAuthenticationUtils $authenticationUtilsRequestStack $requestStackRouterInterface $router)
  43.     {
  44.         $this->request $requestStack->getCurrentRequest();
  45.         $this->router $router;
  46.         $this->entityManager $entityManager;
  47.         $this->authenticationUtils $authenticationUtils;
  48.         $this->translator $translator;
  49.         $this->timeout $container->getParameter('bruteforce_timeout');
  50.         $this->max_login $container->getParameter('bruteforce_max_login');
  51.     }
  53.     public static function getSubscribedEvents()
  54.     {
  55.         return [
  56.             KernelEvents::REQUEST => ['beforeFirewall'10]
  57.         ];
  58.     }
  60.     /**
  61.      * Check if there are too many connexion failures from the same ip within a defined time
  62.      * Only when on fos_user_security_check route and a POST request
  63.      *
  64.      * @param RequestEvent $event
  65.      */
  66.     public function beforeFirewall(RequestEvent $event)
  67.     {
  68.         $request $event->getRequest();
  69.         if ($request->isMethod(Request::METHOD_POST)) {
  70.             $routeInfos $this->router->matchRequest($request);
  71.             if (isset($routeInfos['_route']) && $routeInfos['_route'] === 'fos_user_security_check') {
  73.                 $username $this->authenticationUtils->getLastUsername();
  75.                 if ($this->entityManager->getRepository(Log::class)->checkBruteForce($username$this->max_login$this->timeout)) {
  76.                     $minutes date("i"$this->timeout);
  77.                     throw new HttpException(
  78.                         429,
  79.                         $this->translator->transChoice(
  80.                             'too.many.failed.authentication',
  81.                             $minutes,
  82.                             ['%minutes%'=>$minutes],
  83.                             'security'
  84.                         )
  85.                     );
  86.                 }
  87.             }
  88.         }
  89.     }
  90. }