src/EventSubscriber/SecuritySubscriber.php line 69

Open in your IDE?
  1. <?php
  2. namespace App\EventSubscriber;
  4. use App\Entity\Log;
  5. use App\Entity\SysUsers;
  6. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  7. use Symfony\Component\Security\Core\AuthenticationEvents;
  8. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  9. /*use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;*/
  10. use Symfony\Component\Security\Http\Event\LoginFailureEvent;
  11. use Symfony\Component\Security\Core\Event\AuthenticationEvent;
  12. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  13. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  14. use Symfony\Component\Security\Http\SecurityEvents;
  15. use Symfony\Component\HttpFoundation\RequestStack;
  16. use Doctrine\ORM\EntityManagerInterface;
  17. use Psr\Log\LoggerInterface;
  19. /**
  20.  * Subscribes to the following security events :
  21.  *      - AuthenticationEvents::AUTHENTICATION_FAILURE
  22.  *      - SecurityEvents::INTERACTIVE_LOGIN
  23.  *
  24.  * So it can log successful and failed login
  25.  * Some informations here: https://thisdata.com/blog/subscribing-to-symfonys-security-events/
  26.  *
  27.  * Class SecuritySubscriber
  28.  * @package App\EventSubscriber
  29.  */
  30. class SecuritySubscriber implements EventSubscriberInterface
  31. {
  32.     private $entityManager;
  33.     private $tokenStorage;
  34.     private $authenticationUtils;
  35.     private $logger;
  36.     private $requestStack;
  38.     public function __construct(LoggerInterface $loggerEntityManagerInterface $entityManagerTokenStorageInterface $tokenStorageAuthenticationUtils $authenticationUtilsRequestStack $requestStack)
  39.     {
  40.         $this->entityManager $entityManager;
  41.         $this->tokenStorage $tokenStorage;
  42.         $this->authenticationUtils $authenticationUtils;
  43.         $this->logger $logger;
  44.         $this->requestStack $requestStack;
  45.     }
  47.     public static function getSubscribedEvents()
  48.     {
  49.         return array(
  50.             //AuthenticationEvents::AUTHENTICATION_FAILURE => 'onAuthenticationFailure',
  51.             SecurityEvents::INTERACTIVE_LOGIN => 'onSecurityInteractiveLogin',
  52.         );
  53.     }
  55.     public function onAuthenticationFailureLoginFailureEvent $event )
  56.     {
  57.         $username $this->authenticationUtils->getLastUsername();
  58.         $existingUser $this->entityManager->getRepository(SysUsers::class)->findOneBy(['username' => $username]);
  59.         if ($existingUser) {
  60.             $message "Log In Denied: Wrong password for User #" $existingUser->getId()  . " (" $existingUser->getEmail() . ")";
  61.             $this->logger->error($message);
  62.         } else {
  63.             $message "Log In Denied: User doesn't exist: " $username;
  64.             $this->logger->error($message);
  65.         }
  66.         $this->addEntry($message$username);
  67.     }
  69.     public function onSecurityInteractiveLoginInteractiveLoginEvent $event )
  70.     {
  71.         $user $this->tokenStorage->getToken()->getUser();
  72.         $message "Log In Granted: User #" $user->getId()  . " (" $user->getEmail() . ")";
  73.         $this->logger->info($message);
  74.         $this->addEntry($message$user->getEmail());
  75.     }
  77.     private function addEntry($message$username="")
  78.     {
  79.         $ip $this->requestStack->getCurrentRequest()->getClientIp();
  80.         if($ip == 'unknown'){
  81.             $ip $_SERVER['REMOTE_ADDR'];
  82.         }
  84.         $entry = new Log();
  85.         $entry->setIp($ip);
  86.         $entry->setUsername($username);
  87.         $entry->setMessage($message);
  89.         $this->entityManager->persist($entry);
  90.         $this->entityManager->flush();
  91.     }
  92. }