maj: sémantique, révision vérification ppassword
This commit is contained in:
@ -3,14 +3,25 @@
|
||||
namespace App\Controller;
|
||||
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\Routing\Annotation\Route;
|
||||
|
||||
class LocaleController extends AbstractController
|
||||
{
|
||||
#[Route(path: 'locale/{locale}', name: 'locale_change')]
|
||||
public function changeLocal(string $locale, Request $request)
|
||||
private ParameterBagInterface $params;
|
||||
|
||||
public function __construct(ParameterBagInterface $params)
|
||||
{
|
||||
$this->params = $params;
|
||||
}
|
||||
|
||||
#[Route(path: 'locale/{locale?}', name: 'locale_change')]
|
||||
public function changeLocal(?string $locale, Request $request)
|
||||
{
|
||||
if (empty($locale)) {
|
||||
$locale = $this->params->get('default_locale');
|
||||
}
|
||||
// On stocke la langue dans la session
|
||||
$request->getSession()->set('_locale', $locale);
|
||||
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
namespace App\Controller;
|
||||
|
||||
use App\Form\LoginType;
|
||||
use App\Security\PdoUserAuthenticator;
|
||||
use App\Security\SQLLoginUserAuthenticator;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
|
||||
use Symfony\Component\Form\FormError;
|
||||
@ -28,17 +28,17 @@ class SecurityController extends AbstractController
|
||||
$loginForm = $this->createForm(LoginType::class, null);
|
||||
$error = $authenticationUtils->getLastAuthenticationError();
|
||||
if ($error) {
|
||||
if ($request->getSession()->has(PdoUserAuthenticator::ERROR_LOGIN)) {
|
||||
if ($request->getSession()->has(SQLLoginUserAuthenticator::ERROR_LOGIN)) {
|
||||
$loginForm->get('login')->addError(new FormError($trans->trans('error.login', [], 'messages')));
|
||||
$request->getSession()->remove(PdoUserAuthenticator::ERROR_LOGIN);
|
||||
$request->getSession()->remove(SQLLoginUserAuthenticator::ERROR_LOGIN);
|
||||
}
|
||||
if ($request->getSession()->has(PdoUserAuthenticator::ERROR_PASSWORD)) {
|
||||
if ($request->getSession()->has(SQLLoginUserAuthenticator::ERROR_PASSWORD)) {
|
||||
$loginForm->get('password')->addError(new FormError($trans->trans('error.password', [], 'messages')));
|
||||
$request->getSession()->remove(PdoUserAuthenticator::ERROR_PASSWORD);
|
||||
$request->getSession()->remove(SQLLoginUserAuthenticator::ERROR_PASSWORD);
|
||||
}
|
||||
if ($request->getSession()->has(PdoUserAuthenticator::ERROR_PDO)) {
|
||||
if ($request->getSession()->has(SQLLoginUserAuthenticator::ERROR_PDO)) {
|
||||
$loginForm->addError(new FormError($trans->trans('error.pdo', [], 'messages')));
|
||||
$request->getSession()->remove(PdoUserAuthenticator::ERROR_PDO);
|
||||
$request->getSession()->remove(SQLLoginUserAuthenticator::ERROR_PDO);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1,25 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\DependencyInjection;
|
||||
|
||||
use App\Pdo\PdoRequest;
|
||||
use Symfony\Component\Config\Definition\Builder\TreeBuilder;
|
||||
use Symfony\Component\Config\Definition\ConfigurationInterface;
|
||||
|
||||
class PdoConfiguration implements ConfigurationInterface
|
||||
{
|
||||
public function getConfigTreeBuilder()
|
||||
{
|
||||
$treeBuilder = new TreeBuilder('pdo');
|
||||
$treeBuilder->getRootNode()->children()
|
||||
->scalarNode(PdoRequest::COLUMN_LOGIN_NAME)->isRequired()->cannotBeEmpty()->end()
|
||||
->scalarNode(PdoRequest::COLUMN_PASSWORD_NAME)->isRequired()->cannotBeEmpty()->end()
|
||||
->scalarNode(PdoRequest::TABLE_NAME)->isRequired()->cannotBeEmpty()->end()
|
||||
->arrayNode(PdoRequest::DATA_TO_FETCH)
|
||||
->scalarPrototype()->end()
|
||||
->end()
|
||||
->end();
|
||||
|
||||
return $treeBuilder;
|
||||
}
|
||||
}
|
||||
26
src/DependencyInjection/SQLLoginConfiguration.php
Normal file
26
src/DependencyInjection/SQLLoginConfiguration.php
Normal file
@ -0,0 +1,26 @@
|
||||
<?php
|
||||
|
||||
namespace App\DependencyInjection;
|
||||
|
||||
use App\SQLLogin\SQLLoginRequest;
|
||||
use Symfony\Component\Config\Definition\Builder\TreeBuilder;
|
||||
use Symfony\Component\Config\Definition\ConfigurationInterface;
|
||||
|
||||
class SQLLoginConfiguration implements ConfigurationInterface
|
||||
{
|
||||
public function getConfigTreeBuilder()
|
||||
{
|
||||
$treeBuilder = new TreeBuilder('sql_login');
|
||||
$treeBuilder->getRootNode()->children()
|
||||
->scalarNode(SQLLoginRequest::LOGIN_COLUMN_NAME)->isRequired()->cannotBeEmpty()->end()
|
||||
->scalarNode(SQLLoginRequest::PASSWORD_COLUMN_NAME)->isRequired()->cannotBeEmpty()->end()
|
||||
->scalarNode(SQLLoginRequest::SALT_COLUMN_NAME)->end()
|
||||
->scalarNode(SQLLoginRequest::TABLE_NAME)->isRequired()->cannotBeEmpty()->end()
|
||||
->arrayNode(SQLLoginRequest::DATA_TO_FETCH)
|
||||
->scalarPrototype()->end()
|
||||
->end()
|
||||
->end();
|
||||
|
||||
return $treeBuilder;
|
||||
}
|
||||
}
|
||||
@ -2,26 +2,26 @@
|
||||
|
||||
namespace App\DependencyInjection;
|
||||
|
||||
use App\Pdo\PdoRequest;
|
||||
use App\SQLLogin\SQLLoginRequest;
|
||||
use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
|
||||
use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||
use Symfony\Component\DependencyInjection\Extension\Extension;
|
||||
|
||||
class PdoExtension extends Extension implements CompilerPassInterface
|
||||
class SQLLoginExtension extends Extension implements CompilerPassInterface
|
||||
{
|
||||
/** @var array */
|
||||
protected $pdoConfig;
|
||||
|
||||
public function load(array $configs, ContainerBuilder $container)
|
||||
{
|
||||
$configuration = new PdoConfiguration();
|
||||
$configuration = new SQLLoginConfiguration();
|
||||
$config = $this->processConfiguration($configuration, $configs);
|
||||
$this->pdoConfig = $config;
|
||||
}
|
||||
|
||||
public function process(ContainerBuilder $container)
|
||||
{
|
||||
$definition = $container->getDefinition(PdoRequest::class);
|
||||
$definition = $container->getDefinition(SQLLoginRequest::class);
|
||||
$definition->replaceArgument('$config', $this->pdoConfig);
|
||||
}
|
||||
}
|
||||
@ -6,8 +6,7 @@ use Symfony\Component\Security\Core\User\UserInterface;
|
||||
|
||||
class User implements UserInterface
|
||||
{
|
||||
/** @var array */
|
||||
protected $attributes;
|
||||
protected array $attributes = [];
|
||||
private string $login;
|
||||
private string $password;
|
||||
private bool $rememberMe;
|
||||
|
||||
@ -4,15 +4,16 @@ namespace App\EventListener;
|
||||
|
||||
use App\Hydra\HydraService;
|
||||
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
||||
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
||||
use Symfony\Component\Security\Http\Event\LogoutEvent;
|
||||
|
||||
class LogoutSubscriber implements EventSubscriberInterface
|
||||
{
|
||||
private HydraService $hydra;
|
||||
|
||||
public function __construct(
|
||||
private UrlGeneratorInterface $urlGenerator,
|
||||
private HydraService $hydra
|
||||
HydraService $hydra
|
||||
) {
|
||||
$this->hydra = $hydra;
|
||||
}
|
||||
|
||||
public static function getSubscribedEvents(): array
|
||||
|
||||
@ -3,29 +3,23 @@
|
||||
namespace App\Hydra;
|
||||
|
||||
use App\Hydra\Exception\InvalidChallengeException;
|
||||
use App\Services\PdoService;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Exception\BadRequestException;
|
||||
use Symfony\Component\HttpFoundation\RedirectResponse;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Session\SessionInterface;
|
||||
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||
|
||||
class HydraService extends AbstractController
|
||||
{
|
||||
public SessionInterface $session;
|
||||
public UrlGeneratorInterface $router;
|
||||
public Client $client;
|
||||
public PdoService $pdoServices;
|
||||
public TokenStorageInterface $tokenStorage;
|
||||
|
||||
public function __construct(PdoService $pdoServices, Client $client, SessionInterface $session, UrlGeneratorInterface $router, TokenStorageInterface $tokenStorage)
|
||||
public function __construct(Client $client, SessionInterface $session, TokenStorageInterface $tokenStorage)
|
||||
{
|
||||
$this->pdoServices = $pdoServices;
|
||||
$this->session = $session;
|
||||
$this->client = $client;
|
||||
$this->router = $router;
|
||||
$this->tokenStorage = $tokenStorage;
|
||||
}
|
||||
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace App;
|
||||
|
||||
use App\DependencyInjection\PdoExtension;
|
||||
use App\DependencyInjection\SQLLoginExtension;
|
||||
use Symfony\Bundle\FrameworkBundle\Kernel\MicroKernelTrait;
|
||||
use Symfony\Component\Config\Loader\LoaderInterface;
|
||||
use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||
@ -22,10 +22,10 @@ class Kernel extends BaseKernel
|
||||
$this->microKernelConfigureContainer($loader);
|
||||
|
||||
$loader->load(function (ContainerBuilder $container) use ($loader) {
|
||||
$envLanguage = \getenv('APP_LOCALES');
|
||||
$envLanguage = getenv('APP_LOCALES');
|
||||
$container->setParameter('app.supported_locales', explode(',', $envLanguage));
|
||||
$container->registerExtension(new PdoExtension());
|
||||
$loader->load($this->getConfigDir().'/pdo_configuration/*.{yml,yaml}', 'glob');
|
||||
$container->registerExtension(new SQLLoginExtension());
|
||||
$loader->load($this->getConfigDir().'/sql_login_configuration/*.{yml,yaml}', 'glob');
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,9 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Pdo\Exception;
|
||||
|
||||
use Exception;
|
||||
|
||||
class InvalidLoginException extends Exception
|
||||
{
|
||||
}
|
||||
@ -1,9 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Pdo\Exception;
|
||||
|
||||
use Exception;
|
||||
|
||||
class InvalidPasswordException extends Exception
|
||||
{
|
||||
}
|
||||
@ -1,66 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Pdo;
|
||||
|
||||
class PdoRequest
|
||||
{
|
||||
public const DATA_TO_FETCH = 'data_to_fetch';
|
||||
public const COLUMN_LOGIN_NAME = 'column_login_name';
|
||||
public const COLUMN_PASSWORD_NAME = 'column_password_name';
|
||||
public const TABLE_NAME = 'table_name';
|
||||
|
||||
protected array $config;
|
||||
protected string $dsn;
|
||||
protected string $user;
|
||||
protected string $password;
|
||||
|
||||
public function __construct(array $config = [], string $dsn, string $user, string $password)
|
||||
{
|
||||
$this->config = $config;
|
||||
$this->dsn = $dsn;
|
||||
$this->user = $user;
|
||||
$this->password = $password;
|
||||
}
|
||||
|
||||
public function getDatabaseDsn()
|
||||
{
|
||||
return $this->dsn;
|
||||
}
|
||||
|
||||
public function getDbUser()
|
||||
{
|
||||
return $this->user;
|
||||
}
|
||||
|
||||
public function getDbPassword()
|
||||
{
|
||||
return $this->password;
|
||||
}
|
||||
|
||||
public function getNameLogin()
|
||||
{
|
||||
return $this->config[self::COLUMN_LOGIN_NAME];
|
||||
}
|
||||
|
||||
public function getNamePassword()
|
||||
{
|
||||
return $this->config[self::COLUMN_PASSWORD_NAME];
|
||||
}
|
||||
|
||||
public function getRequestScope()
|
||||
{
|
||||
$scope = '';
|
||||
foreach ($this->config[self::DATA_TO_FETCH] as $data) {
|
||||
$scope .= $data.',';
|
||||
}
|
||||
$scope = substr($scope, 0, -1);
|
||||
$request = 'SELECT '.$scope.' FROM '.$this->config[self::TABLE_NAME].' WHERE '.$this->config[self::COLUMN_LOGIN_NAME].' = :'.$this->config[self::COLUMN_LOGIN_NAME].';';
|
||||
|
||||
return $request;
|
||||
}
|
||||
|
||||
public function getRequestLogin()
|
||||
{
|
||||
return 'SELECT '.$this->config[self::COLUMN_PASSWORD_NAME].' FROM '.$this->config[self::TABLE_NAME].' WHERE '.$this->config[self::COLUMN_LOGIN_NAME].' = :'.$this->config[self::COLUMN_LOGIN_NAME].';';
|
||||
}
|
||||
}
|
||||
9
src/SQLLogin/Exception/InvalidSQLLoginException.php
Normal file
9
src/SQLLogin/Exception/InvalidSQLLoginException.php
Normal file
@ -0,0 +1,9 @@
|
||||
<?php
|
||||
|
||||
namespace App\SQLLogin\Exception;
|
||||
|
||||
use Exception;
|
||||
|
||||
class InvalidSQLLoginException extends Exception
|
||||
{
|
||||
}
|
||||
9
src/SQLLogin/Exception/InvalidSQLPasswordException.php
Normal file
9
src/SQLLogin/Exception/InvalidSQLPasswordException.php
Normal file
@ -0,0 +1,9 @@
|
||||
<?php
|
||||
|
||||
namespace App\SQLLogin\Exception;
|
||||
|
||||
use Exception;
|
||||
|
||||
class InvalidSQLPasswordException extends Exception
|
||||
{
|
||||
}
|
||||
@ -1,11 +1,11 @@
|
||||
<?php
|
||||
|
||||
namespace App\Pdo;
|
||||
namespace App\SQLLogin;
|
||||
|
||||
use PDO;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
|
||||
class PdoConnect extends AbstractController
|
||||
class SQLLoginConnect extends AbstractController
|
||||
{
|
||||
/**
|
||||
* @var Singleton
|
||||
@ -35,7 +35,7 @@ class PdoConnect extends AbstractController
|
||||
public static function getInstance()
|
||||
{
|
||||
if (is_null(self::$_instance)) {
|
||||
self::$_instance = new PdoConnect();
|
||||
self::$_instance = new SQLLoginConnect();
|
||||
}
|
||||
|
||||
return self::$_instance;
|
||||
77
src/SQLLogin/SQLLoginRequest.php
Normal file
77
src/SQLLogin/SQLLoginRequest.php
Normal file
@ -0,0 +1,77 @@
|
||||
<?php
|
||||
|
||||
namespace App\SQLLogin;
|
||||
|
||||
class SQLLoginRequest
|
||||
{
|
||||
public const DATA_TO_FETCH = 'data_to_fetch';
|
||||
public const LOGIN_COLUMN_NAME = 'login_column_name';
|
||||
public const SALT_COLUMN_NAME = 'salt_column_name';
|
||||
public const PASSWORD_COLUMN_NAME = 'password_column_name';
|
||||
public const TABLE_NAME = 'table_name';
|
||||
|
||||
protected array $config;
|
||||
protected string $dsn;
|
||||
protected string $user;
|
||||
protected string $password;
|
||||
|
||||
public function __construct(array $config = [], string $dsn, string $user, string $password)
|
||||
{
|
||||
$this->config = $config;
|
||||
$this->dsn = $dsn;
|
||||
$this->user = $user;
|
||||
$this->password = $password;
|
||||
}
|
||||
|
||||
public function getDatabaseDsn()
|
||||
{
|
||||
return $this->dsn;
|
||||
}
|
||||
|
||||
public function getDbUser()
|
||||
{
|
||||
return $this->user;
|
||||
}
|
||||
|
||||
public function getDbPassword()
|
||||
{
|
||||
return $this->password;
|
||||
}
|
||||
|
||||
public function getLoginColumnName()
|
||||
{
|
||||
return $this->config[self::LOGIN_COLUMN_NAME];
|
||||
}
|
||||
|
||||
public function egtPasswordColumnName()
|
||||
{
|
||||
return $this->config[self::PASSWORD_COLUMN_NAME];
|
||||
}
|
||||
|
||||
public function getSaltColumnName()
|
||||
{
|
||||
return $this->config[self::SALT_COLUMN_NAME];
|
||||
}
|
||||
|
||||
public function getRequestScope()
|
||||
{
|
||||
$scope = '';
|
||||
foreach ($this->config[self::DATA_TO_FETCH] as $data) {
|
||||
$scope .= $data.',';
|
||||
}
|
||||
$scope = substr($scope, 0, -1);
|
||||
$request = 'SELECT '.$scope.' FROM '.$this->config[self::TABLE_NAME].' WHERE '.$this->config[self::LOGIN_COLUMN_NAME].' = :'.$this->config[self::LOGIN_COLUMN_NAME].';';
|
||||
|
||||
return $request;
|
||||
}
|
||||
|
||||
public function getRequestPassword()
|
||||
{
|
||||
$passwordColumns = $this->config[self::PASSWORD_COLUMN_NAME];
|
||||
if (!empty($this->config[self::SALT_COLUMN_NAME])) {
|
||||
$passwordColumns .= ', '.$this->config[self::SALT_COLUMN_NAME];
|
||||
}
|
||||
|
||||
return 'SELECT '.$passwordColumns.' FROM '.$this->config[self::TABLE_NAME].' WHERE '.$this->config[self::LOGIN_COLUMN_NAME].' = :'.$this->config[self::LOGIN_COLUMN_NAME].';';
|
||||
}
|
||||
}
|
||||
49
src/Security/Hasher/PasswordEncoder.php
Normal file
49
src/Security/Hasher/PasswordEncoder.php
Normal file
@ -0,0 +1,49 @@
|
||||
<?php
|
||||
|
||||
namespace App\Security\Hasher;
|
||||
|
||||
use App\SQLLogin\Exception\InvalidSQLPasswordException;
|
||||
use Symfony\Component\PasswordHasher\Exception\InvalidPasswordException;
|
||||
use Symfony\Component\PasswordHasher\Hasher\CheckPasswordLengthTrait;
|
||||
use Symfony\Component\PasswordHasher\LegacyPasswordHasherInterface;
|
||||
|
||||
class PasswordEncoder implements LegacyPasswordHasherInterface
|
||||
{
|
||||
use CheckPasswordLengthTrait;
|
||||
protected ?string $pepper;
|
||||
protected string $hashAlgo;
|
||||
|
||||
public function __construct(?string $pepper, string $hashAlgo)
|
||||
{
|
||||
$this->pepper = $pepper;
|
||||
$this->hashAlgo = $hashAlgo;
|
||||
}
|
||||
|
||||
public function hash(string $plainPassword, string $salt = null): string
|
||||
{
|
||||
if ($this->isPasswordTooLong($plainPassword)) {
|
||||
throw new InvalidPasswordException();
|
||||
}
|
||||
$hash = hash($this->hashAlgo, $plainPassword.$salt.$this->pepper);
|
||||
|
||||
return $hash;
|
||||
}
|
||||
|
||||
public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool
|
||||
{
|
||||
if ('' === $plainPassword || $this->isPasswordTooLong($plainPassword)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($this->hash($plainPassword, $salt) === $hashedPassword) {
|
||||
return true;
|
||||
} else {
|
||||
throw new InvalidSQLPasswordException();
|
||||
}
|
||||
}
|
||||
|
||||
public function needsRehash(string $hashedPassword): bool
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@ -3,8 +3,9 @@
|
||||
namespace App\Security;
|
||||
|
||||
use App\Entity\User;
|
||||
use App\Pdo\Exception\InvalidPasswordException;
|
||||
use App\Services\PdoService;
|
||||
use App\Security\Hasher\PasswordEncoder;
|
||||
use App\Service\SQLLoginService;
|
||||
use App\SQLLogin\Exception\InvalidSQLPasswordException;
|
||||
use PDOException;
|
||||
use Symfony\Component\HttpFoundation\RedirectResponse;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
@ -19,7 +20,7 @@ use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
|
||||
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
|
||||
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
|
||||
|
||||
class PdoUserAuthenticator extends AbstractAuthenticator
|
||||
class SQLLoginUserAuthenticator extends AbstractAuthenticator
|
||||
{
|
||||
public const LOGIN_ROUTE = 'app_login';
|
||||
public const ERROR_LOGIN = 'error_login';
|
||||
@ -27,14 +28,16 @@ class PdoUserAuthenticator extends AbstractAuthenticator
|
||||
public const ERROR_PDO = 'error_pdo';
|
||||
|
||||
protected string $baseUrl;
|
||||
private PdoService $pdoService;
|
||||
private SQLLoginService $pdoService;
|
||||
private UrlGeneratorInterface $router;
|
||||
private PasswordEncoder $passwordHasher;
|
||||
|
||||
public function __construct(string $baseUrl, PdoService $pdoService, UrlGeneratorInterface $router)
|
||||
public function __construct(string $baseUrl, SQLLoginService $pdoService, UrlGeneratorInterface $router, PasswordEncoder $passwordHasher)
|
||||
{
|
||||
$this->baseUrl = $baseUrl;
|
||||
$this->pdoService = $pdoService;
|
||||
$this->router = $router;
|
||||
$this->passwordHasher = $passwordHasher;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -65,20 +68,22 @@ class PdoUserAuthenticator extends AbstractAuthenticator
|
||||
{
|
||||
$form = $request->request->get('login');
|
||||
$login = $form['login'];
|
||||
$password = $form['password'];
|
||||
$plaintextPassword = $form['password'];
|
||||
$rememberMe = isset($form['_remember_me']) ? true : false;
|
||||
try {
|
||||
// requête préparée
|
||||
$remoteHashedPassword = $this->pdoService->fetchPassword($login);
|
||||
list($remoteHashedPassword, $remoteSalt) = $this->pdoService->fetchPassword($login);
|
||||
} catch (PDOException $e) {
|
||||
$request->getSession()->set(self::ERROR_PDO, true);
|
||||
throw new AuthenticationException();
|
||||
}
|
||||
if ($remoteHashedPassword) {
|
||||
try {
|
||||
$this->pdoService->verifyPassword($password, $remoteHashedPassword);
|
||||
// Comparaison remote hash et hash du input password + salt
|
||||
$this->passwordHasher->verify($remoteHashedPassword, $plaintextPassword, $remoteSalt);
|
||||
$attributes = $this->pdoService->fetchDatas($login);
|
||||
$user = new User($login, $password, $attributes, $rememberMe);
|
||||
$user = new User($login, $remoteHashedPassword, $attributes, $rememberMe);
|
||||
|
||||
$loader = function (string $userIdentifier) use ($user) {
|
||||
return $user->getLogin() == $userIdentifier ? $user : null;
|
||||
};
|
||||
@ -89,7 +94,7 @@ class PdoUserAuthenticator extends AbstractAuthenticator
|
||||
$passport->setAttribute('attributes', $user->getAttributes());
|
||||
|
||||
return $passport;
|
||||
} catch (InvalidPasswordException $e) {
|
||||
} catch (InvalidSQLPasswordException $e) {
|
||||
$request->getSession()->set(self::ERROR_PASSWORD, true);
|
||||
throw new AuthenticationException();
|
||||
} catch (PDOException $e) {
|
||||
@ -9,7 +9,7 @@ use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
||||
|
||||
class PdoUserProvider implements UserProviderInterface
|
||||
class SQLLoginUserProvider implements UserProviderInterface
|
||||
{
|
||||
protected RequestStack $requestStack;
|
||||
|
||||
@ -1,25 +1,23 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services;
|
||||
namespace App\Service;
|
||||
|
||||
use App\SQLLogin\SQLLoginConnect;
|
||||
use App\SQLLogin\SQLLoginRequest;
|
||||
use PDO;
|
||||
use PDOException;
|
||||
use App\Pdo\PdoConnect;
|
||||
use App\Pdo\PdoRequest;
|
||||
use Sentry\captureException;
|
||||
use App\Pdo\Exception\InvalidPasswordException;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
|
||||
|
||||
class PdoService extends AbstractController
|
||||
class SQLLoginService extends AbstractController
|
||||
{
|
||||
private $params;
|
||||
public PdoRequest $pdoRequest;
|
||||
public SQLLoginRequest $sqlLoginRequest;
|
||||
|
||||
public function __construct(ParameterBagInterface $params, PdoRequest $pdoRequest)
|
||||
public function __construct(ParameterBagInterface $params, SQLLoginRequest $sqlLoginRequest)
|
||||
{
|
||||
$this->params = $params;
|
||||
$this->pdoRequest = $pdoRequest;
|
||||
$this->sqlLoginRequest = $sqlLoginRequest;
|
||||
}
|
||||
|
||||
public function fetchDatas($login)
|
||||
@ -28,11 +26,11 @@ class PdoService extends AbstractController
|
||||
$dbh = $this->getConnection();
|
||||
|
||||
// forge de la requête
|
||||
$request = $this->pdoRequest->getRequestScope();
|
||||
$request = $this->sqlLoginRequest->getRequestScope();
|
||||
|
||||
// Préparation de la requête
|
||||
$query = $dbh->prepare($request);
|
||||
$query->execute([$this->pdoRequest->getNameLogin() => $login]);
|
||||
$query->execute([$this->sqlLoginRequest->getLoginColumnName() => $login]);
|
||||
$datas = $query->fetch(PDO::FETCH_ASSOC);
|
||||
} catch (PDOException $e) {
|
||||
\Sentry\captureException($e);
|
||||
@ -52,9 +50,9 @@ class PdoService extends AbstractController
|
||||
{
|
||||
try {
|
||||
$dbh = $this->getConnection();
|
||||
$request = $this->pdoRequest->getRequestLogin();
|
||||
$request = $this->sqlLoginRequest->getRequestPassword();
|
||||
$query = $dbh->prepare($request);
|
||||
$query->execute([$this->pdoRequest->getNameLogin() => $login]);
|
||||
$query->execute([$this->sqlLoginRequest->getLoginColumnName() => $login]);
|
||||
$password = $query->fetch(PDO::FETCH_ASSOC);
|
||||
} catch (PDOException $e) {
|
||||
\Sentry\captureException($e);
|
||||
@ -62,7 +60,10 @@ class PdoService extends AbstractController
|
||||
throw new PDOException();
|
||||
}
|
||||
if ($password) {
|
||||
return $password[$this->pdoRequest->getNamePassword()];
|
||||
return [
|
||||
$password[$this->sqlLoginRequest->egtPasswordColumnName()],
|
||||
isset($password[$this->sqlLoginRequest->getSaltColumnName()]) ? $password[$this->sqlLoginRequest->getSaltColumnName()] : null,
|
||||
];
|
||||
}
|
||||
|
||||
return false;
|
||||
@ -71,19 +72,8 @@ class PdoService extends AbstractController
|
||||
public function getConnection()
|
||||
{
|
||||
// Appel du singleton
|
||||
$pdo = PdoConnect::getInstance();
|
||||
$pdo = SQLLoginConnect::getInstance();
|
||||
// Connection bdd
|
||||
return $pdo->connect($this->pdoRequest->getDatabaseDsn(), $this->pdoRequest->getDbUser(), $this->pdoRequest->getDbPassword());
|
||||
}
|
||||
|
||||
public function verifyPassword($password, $hashedPassword)
|
||||
{
|
||||
$hashAlgo = $this->params->get('hashAlgo') ?? 'sha256';
|
||||
|
||||
if ($hashedPassword === hash($hashAlgo, $password)) {
|
||||
return true;
|
||||
} else {
|
||||
throw new InvalidPasswordException();
|
||||
}
|
||||
return $pdo->connect($this->sqlLoginRequest->getDatabaseDsn(), $this->sqlLoginRequest->getDbUser(), $this->sqlLoginRequest->getDbPassword());
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user