public function handle(GetResponseEvent $event)
{
$sess = \Dev::getDiscuzSession();
if (!isset($sess->var['groupid']) && !$sess->var['groupid']) {
return;
}
$token = new UserToken();
$token->setUserId($sess->var['uid']);
try {
$authToken = $this->authenticationManager->authenticate($token);
$this->securityContext->setToken($authToken);
return;
} catch (AuthenticationException $failed) {
// ... you might log something here
// To deny the authentication clear the token. This will redirect to the login page.
// Make sure to only clear your token, not those of other authentication listeners.
// $token = $this->securityContext->getToken();
// if ($token instanceof WsseUserToken && $this->providerKey === $token->getProviderKey()) {
// $this->securityContext->setToken(null);
// }
// return;
throw $failed;
}
// By default deny authorization
$response = new Response();
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$event->setResponse($response);
}
