/** * Login a user using a username and password * @param Request $request * * @return JsonResponse */ public function login(Request $request) { $username = $request->request->get('username'); $password = $request->request->get('password'); $errors = []; if (!$username) { $errors[] = 'missingUsername'; } if (!$password) { $errors[] = 'missingPassword'; } if ($username && $password) { $authEntity = $this->authManager->findAuthenticationByUsername($username); if ($authEntity) { $user = $authEntity->getUser(); $passwordValid = $this->encoder->isPasswordValid($user, $password); if ($passwordValid) { $this->updateLegacyPassword($authEntity, $password); $jwt = $this->jwtManager->createJwtFromUser($user); return $this->createSuccessResponseFromJWT($jwt); } } $errors[] = 'badCredentials'; } return new JsonResponse(array('status' => 'error', 'errors' => $errors, 'jwt' => null), JsonResponse::HTTP_BAD_REQUEST); }
/** * @param $username * @param $password * @return \SSPSoftware\ApiTokenBundle\Entity\ApiTokenInterface */ public function authenticate($username, $password) { $user = $this->userProvider->loadUserByUsername($username); if (!$this->passwordEncoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { throw new AuthenticationException('Bad credentials'); } return $this->apiTokenRepository->createApiToken($user); }
/** * {@inheritdoc} */ public function checkCredentials($credentials, UserInterface $user) { $plainPassword = $credentials['password']; if (!$this->encoder->isPasswordValid($user, $plainPassword)) { throw new BadCredentialsException(); } return true; }
public function __invoke($username, $password) { try { $user = $this->userProvider->loadUserByUsername($username); } catch (UsernameNotFoundException $e) { // in order to prevent timing attacks, we call the same method on a dummy user // this way it is not revealed that the user by that username does not exist in DB $this->passwordEncoder->isPasswordValid(AccountUser::dummy(), 'dummy'); return false; } return $this->passwordEncoder->isPasswordValid($user, $password) ? $username : false; }
/** * Authenticates a user. * * @param string $userUniqueIdentifier The username or the email of the user. * @param string $password Plain text password. * @return User */ public function authenticateUser($userUniqueIdentifier, $password) { $user = $this->userManager->getUserByUserNameOrEmail($userUniqueIdentifier); if (!$user) { throw new Exception('There is no user with this email or username.'); } if (!$this->passwordEncoder->isPasswordValid($user, $password)) { throw new Exception('Incorrect password.'); } $user = $this->setUserApiKey($user); return $user; }
/** * @param TokenInterface $token * @param UserProviderInterface $userProvider * @param $providerKey * @return UsernamePasswordToken */ public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey) { try { $user = $userProvider->loadUserByUsername($token->getUsername()); } catch (UsernameNotFoundException $e) { throw new CustomUserMessageAuthenticationException('Invalid username or password'); } $passwordValid = $this->encoder->isPasswordValid($user, $token->getCredentials()); if ($passwordValid) { return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles()); } throw new CustomUserMessageAuthenticationException('Invalid username or password'); }
/** * Authenticate via the form using users defined in authorized_users * * @param AuthenticationEvent $event * * @return bool|void */ public function onUserFormAuthentication(AuthenticationEvent $event) { $username = $event->getUsername(); $password = $event->getToken()->getCredentials(); $user = new User(); $user->setUsername($username); $authorizedUsers = $this->parametersHelper->getParameter('authorized_users'); if (is_array($authorizedUsers) && isset($authorizedUsers[$username])) { $testUser = $authorizedUsers[$username]; $user->setPassword($testUser['password']); if ($this->encoder->isPasswordValid($user, $password)) { $user->setFirstName($testUser['firstname'])->setLastName($testUser['lastname'])->setEmail($testUser['email'])->setRole($this->em->getReference('MauticUserBundle:Role', 1)); $event->setIsAuthenticated('authorized_users', $user, true); } } }
/** * @param TokenInterface $token * @param UserProviderInterface $userProvider * @param $providerKey * @return UsernamePasswordToken */ public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey) { try { if ($userProvider instanceof IsidoreApiUserProvider) { $user = $userProvider->loadUser($token->getUsername(), $token->getCredentials()); } else { $user = $userProvider->loadUserByUsername($token->getUsername()); } } catch (UsernameNotFoundException $e) { throw new CustomUserMessageAuthenticationException("Identifiant ou mot de passe incorrect. Veuillez réessayer."); } $passwordValid = $this->encoder->isPasswordValid($user, $token->getCredentials()); if ($passwordValid) { return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles()); } throw new CustomUserMessageAuthenticationException("Identifiant ou mot de passe incorrect. Veuillez réessayer."); }
/** * @param TokenInterface $token * @param UserProviderInterface $userProvider * @param string $providerKey * * @return UsernamePasswordToken */ public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey) { if (empty($this->secretKey) == false) { $captcha = $this->request->get('g-recaptcha-response'); $reCaptcha = new ReCaptcha($this->secretKey); $response = $reCaptcha->verify($captcha, $this->request->getClientIp()); if ($response->isSuccess() == false) { throw new AuthenticationException('Captcha not passed'); } } try { $user = $userProvider->loadUserByUsername($token->getUsername()); } catch (UsernameNotFoundException $e) { throw new AuthenticationException('Invalid username or password'); } $passwordValid = $this->encoder->isPasswordValid($user, $token->getCredentials()); if ($passwordValid) { return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles()); } throw new AuthenticationException('Invalid username or password'); }
/** * @param TokenInterface $token * @param UserProviderInterface $userProvider * @param $providerKey * * @return UsernamePasswordToken */ public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey) { $authenticated = false; $authenticationService = null; $response = null; $failedAuthMessage = null; $user = $token->getUser(); $authenticatingService = $token instanceof PluginToken ? $token->getAuthenticatingService() : null; if (!$user instanceof User) { try { $user = $userProvider->loadUserByUsername($token->getUsername()); } catch (UsernameNotFoundException $e) { } // Will try with the given password unless the plugin explicitly failed authentication $tryWithPassword = true; // Try authenticating with a plugin first if ($this->dispatcher->hasListeners(UserEvents::USER_FORM_AUTHENTICATION)) { $integrations = $this->integrationHelper->getIntegrationObjects($authenticatingService, ['sso_form'], false, null, true); $authEvent = new AuthenticationEvent($user, $token, $userProvider, $this->request, false, $authenticatingService, $integrations); $this->dispatcher->dispatch(UserEvents::USER_FORM_AUTHENTICATION, $authEvent); if ($authenticated = $authEvent->isAuthenticated()) { $user = $authEvent->getUser(); $authenticatingService = $authEvent->getAuthenticatingService(); } elseif ($authEvent->isFailed()) { $tryWithPassword = false; } $response = $authEvent->getResponse(); $failedAuthMessage = $authEvent->getFailedAuthenticationMessage(); } if (!$authenticated && $tryWithPassword && $user instanceof User) { // Try authenticating with local password $authenticated = $this->encoder->isPasswordValid($user, $token->getCredentials()); } } else { // Assume the user is authenticated although the token will tell for sure $authenticated = true; } if ($authenticated) { return new PluginToken($providerKey, $authenticatingService, $user, $user->getPassword(), $user->getRoles(), $response); } elseif ($response) { return new PluginToken($providerKey, $authenticatingService, $user, '', [], $response); } if ($failedAuthMessage) { throw new AuthenticationException($failedAuthMessage); } throw new BadCredentialsException(); }
/** * {@inheritDoc} */ public function checkCredentials($credentials, UserInterface $user) { return $this->passwordEncoder->isPasswordValid($user, $credentials->password); }