/**
* @param string $username
* @param string $password
* @param null|string $requiredGroupRole
* @return bool
*/
public function login($username, $password, $requiredGroupRole = null)
{
if (empty($username) || empty($password)) {
return false;
}
$user = $this->userProvider->loadUserByUsername($username);
if (!$user) {
$this->logger->warning(sprintf('Login failed for "%s". User not found', $username));
sleep(1);
return false;
}
if (null !== $requiredGroupRole) {
$groupRoles = $user->getGroupRoles();
if (!in_array($requiredGroupRole, $groupRoles)) {
$this->logger->warning(sprintf('Login failed for "%s". Not in requested group role "%s" vs "%s"', $username, $requiredGroupRole, implode(',', $groupRoles)));
sleep(1);
return false;
}
}
$encoder = $this->encoderFactory->getEncoder($user);
if (!$encoder->isPasswordValid($user->getPassword(), $password, null)) {
$this->logger->warning(sprintf('Login failed for "%s". Password missmatch ', $username));
sleep(1);
return false;
}
$this->manualLogin($user);
return true;
}
/**
* @ApiDoc(
* section="Administration",
* description="Logs in a user to the current session"
* )
*
* Result on success:
* {
* token: "c7405b2be7da96b0db784f2dc8b2b974",
* userId: 1,
* username: "******",
* access: true, #administration access
* firstName: "Admini",
* lastName: "strator",
* emailMd5: <emailAsMd5>, //for gravatar
* imagePath: "/path/to/image.jpg"
*}
*
* @Rest\RequestParam(name="username", requirements=".+", strict=true)
* @Rest\RequestParam(name="password", requirements=".+", strict=true)
*
* @Rest\Post("/admin/login")
*
* @param ParamFetcher $paramFetcher
*
* @return array|bool Returns false on failure or a array if successful.
*/
public function loginUserAction(ParamFetcher $paramFetcher, Request $request)
{
$username = $paramFetcher->get('username');
$password = $paramFetcher->get('password');
$user = $this->userProvider->loadUserByUsername($username);
if (!$user) {
$this->logger->warning(sprintf('Login failed for "%s". User not found', $username));
sleep(1);
return false;
}
$encoder = $this->encoderFactory->getEncoder($user);
if (!$encoder->isPasswordValid($user->getPassword(), $password, null)) {
$this->logger->warning(sprintf('Login failed for "%s". Password missmatch ', $username));
sleep(1);
return false;
}
$token = new UsernamePasswordToken($user, null, "main", $user->getGroupRoles());
$this->tokenStorage->setToken($token);
//now dispatch the login event
$event = new InteractiveLoginEvent($request, $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
return array('userId' => $user->getId(), 'username' => $user->getUsername(), 'lastLogin' => $user->getLastLogin(), 'access' => $this->acl->check(ACLRequest::create('jarves/entryPoint', ['path' => '/admin'])), 'firstName' => $user->getFirstName(), 'lastName' => $user->getLastName(), 'imagePath' => $user->getImagePath());
}
