/** * Validates WordPress authentication cookie * * @param UserProviderInterface $userProvider * @param Cookie $cookie * @return UserInterface UserInterface if valid. * @throws RuntimeException * @throws AuthenticationException */ public function validateCookie(UserProviderInterface $userProvider, $cookie) { $cookieParts = $this->decodeCookie($cookie); switch (count($cookieParts)) { case 3: list($username, $expiration, $hmac) = $cookieParts; $token = null; break; case 4: list($username, $expiration, $token, $hmac) = $cookieParts; break; default: throw new AuthenticationException('Invalid WordPress cookie.'); } if ($expiration < time()) { throw new AuthenticationException('The WordPress cookie has expired.'); } try { $user = $userProvider->loadUserByUsername($username); } catch (Exception $exception) { if (!$exception instanceof AuthenticationException) { $exception = new AuthenticationException($exception->getMessage(), $exception->getCode(), $exception); } throw $exception; } if (!$user instanceof UserInterface) { throw new RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', get_class($user))); } if ($token && $hmac !== $this->generateHmacWithToken($username, $expiration, $token, $user->getPassword()) || !$token && $hmac !== $this->generateHmac($username, $expiration, $user->getPassword())) { throw new AuthenticationException('The WordPress cookie\'s hash is invalid. Your logged in key and salt settings could be wrong.'); } return $user; }
/** * @inheritDocs */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $request->getSession()->setFlash('error', $exception->getMessage()); $this->disconnectAllConnections($request); $url = $this->container->get('router')->generate('login'); return new RedirectResponse($url); }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { //ladybug_dump_die($exception->getMessage()); $url = $this->router->generate('fos_user_security_login', array("slug" => $exception->getMessage())); return new RedirectResponse($url); //$this->container->re }
{ if ($request->isXmlHttpRequest()) { $result = array('success' => true); $response = new Response(json_encode($result)); $response->headers->set('Content-Type', 'application/json'); return $response; } else { // Create a flash message with the authentication error message
public function start(Request $request, AuthenticationException $authException = null) { $response = new Response(); $response->headers->set('WWW-Authenticate', sprintf('Basic realm="%s"', $this->realmName)); $response->setStatusCode(401, $authException->getMessage()); return $response; }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->request->has('_username')) { $username = $request->request->get('_username'); } else { $username = ''; } //if ($exception->getMessage() === 'Captcha is invalid') { //} else { $failedLoginIp = $request->getClientIp(); $user = $this->fosUM->findUserByUsername($username); if ($user) { $failedLogin = $user->getFailedLogin(); $failedLogin++; $user->setFailedLogin($failedLogin); $user->setFailedLoginIp($failedLoginIp); if ($failedLogin === 3) { //email do użytkownika i admina $message = \Swift_Message::newInstance()->setSubject('Nieautoryzowane próby dostępu do konta')->setFrom('*****@*****.**')->setTo(array('*****@*****.**', $user->getEmail()))->setBody($username . ' próbował zalogować się zbyt wiele razy z adresu IP: ' . $failedLoginIp . ' ' . $exception->getMessage()); $this->mailer->send($message); } if ($failedLogin === 5) { $user->setLocked(1); } $this->fosUM->updateUser($user); } //} $url = 'fos_user_security_login'; $response = new RedirectResponse($this->router->generate($url)); return $response; }
/** * {@inheritDoc} */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest()) { return new Response(json_encode(array('has_error' => true, 'error' => $this->translator->trans($exception->getMessage())))); } return parent::onAuthenticationFailure($request, $exception); }
/** * {@inheritdoc} */ protected function processAutoLoginCookie(array $cookieParts, Request $request) { if (count($cookieParts) !== 4) { throw new AuthenticationException('The cookie is invalid.'); } list($class, $username, $expires, $hash) = $cookieParts; if (false === ($username = base64_decode($username, true))) { throw new AuthenticationException('$username contains a character from outside the base64 alphabet.'); } try { $user = $this->getUserProvider($class)->loadUserByUsername($username); } catch (\Exception $ex) { if (!$ex instanceof AuthenticationException) { $ex = new AuthenticationException($ex->getMessage(), $ex->getCode(), $ex); } throw $ex; } if (!$user instanceof UserInterface) { throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', get_class($user))); } if (true !== $this->compareHashes($hash, $this->generateCookieHash($class, $username, $expires, $user->getPassword()))) { throw new AuthenticationException('The cookie\'s hash is invalid.'); } if ($expires < time()) { throw new AuthenticationException('The cookie has expired.'); } return $user; }
/** * {@inheritdoc} */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest()) { $result = array('success' => false, 'message' => $exception->getMessage()); return new JsonResponse($result); } }
/** * This is called when an interactive authentication attempt fails. This is * called by authentication listeners inheriting from * AbstractAuthenticationListener. * * @param Request $request * @param AuthenticationException $exception * * @return Response The response to return, never null */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $session = $this->entityManager->getRepository('BDNUserBundle:Session')->createBlock($request->getClientIp()); $this->entityManager->persist($session); $this->entityManager->flush(); return new JsonResponse(['result' => $exception->getMessage()], 401); }
public function handle(GetResponseEvent $event) { // Don't do anything when the auto_login query parameter is not found if (!($autoLogin = $event->getRequest()->get('auto_login', false))) { return; } # Decode the parameter and split into username and key. $autoLogin = base64_decode($autoLogin); list($username, $autoLoginKey) = explode(':', $autoLogin); # Find the user in the user provider for the given class try { $user = $this->userProvider->loadUserByUsername($username); } catch (\Exception $ex) { if (!$ex instanceof AuthenticationException) { $ex = new AuthenticationException($ex->getMessage(), $ex->getCode(), $ex); } throw $ex; } // Try and authenticate the token try { $token = $this->authenticationManager->authenticate(new AutoLoginToken($user, $this->providerKey, $autoLoginKey)); } catch (AuthenticationException $e) { return; } // If everything is ok, store the received authenticated token if ($token) { $this->tokenStorage->setToken($token); } }
/** * This is called when an interactive authentication attempt fails. This is * called by authentication listeners inheriting from * AbstractAuthenticationListener. * * @param Request $request * @param AuthenticationException $exception * @return Response the response to return */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $response = $this->rf->getErrorResponse(); $response->setStatusCode(Response::HTTP_UNAUTHORIZED); $response->setErrors(array('message' => $exception->getMessage())); $response->setStatusCode(400); return $response; }
/** * {@inheritDoc} */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest() || $request->getRequestFormat() !== 'html') { $json = array('code' => 401, 'message' => $this->translator->trans($exception->getMessage())); return new Response(json_encode($json), 401); } return parent::onAuthenticationFailure($request, $exception); }
/** * {@inheritDoc} */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest()) { $json = array('has_error' => true, 'error' => $exception->getMessage()); return new JsonResponse($json); } return parent::onAuthenticationFailure($request, $exception); }
/** * onAuthenticationFailure * * @author Joe Sexton <*****@*****.**> * @param Request $request * @param AuthenticationException $exception * @return Response */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $this->logger->warning(sprintf('%s.[%s].%s.[%s] => %s', 'AuthenticationFailure', 'This user fail to connect', $request->getClientIp(), $exception->getCode(), $exception->getMessage())); if ($request->isXmlHttpRequest()) { $array = array('success' => false, 'message' => $exception->getMessage()); $response = new Response(json_encode($array)); $response->headers->set('Content-Type', 'application/json'); return $response; } else { if ($request->headers->get('Referer')) { $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception); return new RedirectResponse($request->headers->get('Referer')); } else { throw new AuthenticationException("No route used before"); } } }
/** * {@inheritDoc} */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest()) { $response = new JsonResponse(array('code' => 400, 'message' => $exception->getMessage())); } else { $response = parent::onAuthenticationFailure($request, $exception); } return $response; }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if (null !== $this->logger) { $this->logger->info(sprintf('Authentication request failed: %s', $exception->getMessage())); } $this->securityContext->setToken(null); $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception); throw $exception; }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest()) { $result = array('success' => false, 'message' => $exception->getMessage()); $response = new Response(json_encode($result)); $response->headers->set('Content-Type', 'application/json'); return $response; } }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $message = $exception->getMessage(); $error['error'] = $message; $data = json_encode($error, JSON_FORCE_OBJECT); $response = new Response(null, Response::HTTP_UNAUTHORIZED); $response->setContent($data); $response->headers->set('Content-Type', 'application/json'); return $response; }
/** * {@inheritdoc} */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($exception instanceof BadCredentialsException) { if (null !== $this->logger) { $username = $request->request->get('_username'); $this->logger->error($exception->getMessage(), ['username' => $username]); } } return parent::onAuthenticationFailure($request, $exception); }
/** * onAuthenticationFailure * * @author Joe Sexton <*****@*****.**> * @param Request $request * @param AuthenticationException $exception * @return Response */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { // if AJAX login if ($request->isXmlHttpRequest()) { $array = array('success' => false, 'message' => $exception->getMessage()); // data to return via JSON if (strstr($exception->getMessage(), 'timed out')) { $array['csrf_token'] = $this->service_container->get('security.csrf.token_manager')->getToken('authenticate')->getValue(); } $response = new Response(json_encode($array)); $response->headers->set('Content-Type', 'application/json'); return $response; // if form login } else { // set authentication exception to session $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception); return new RedirectResponse($this->router->generate('fos_user_security_login')); } }
/** * {@inheritDoc} */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { // We keep the relevant infos of the exception $alert = array('message' => $exception->getMessage(), 'level' => 'error'); // And return the encoded alert in response $response = new Response(json_encode($alert), 403); // OK, this might not be the most appropriate HTTP status code, but apparently nobody agrees on this one $response->headers->set('Content-Type', 'application/json'); return $response; }
/** * This is called when an interactive authentication attempt fails. This is * called by authentication listeners inheriting from * AbstractAuthenticationListener. * * @param Request $request * @param AuthenticationException $exception * @return Response the response to return */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest()) { $result = array('success' => false, 'message' => $exception->getMessage()); $response = new Response(json_encode($result)); $response->headers->set('Content-Type', 'application/json'); return $response; } $this->container->get('session')->set('error', 'Bad credentials.'); return new RedirectResponse($this->container->get('router')->generate('login')); }
/** * This is called when an interactive authentication attempt fails. * * @param Request $request * @param AuthenticationException $exception * * @return Response */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest()) { $result = array('success' => false); return new Response(json_encode($result)); } else { // Handle non XmlHttp request. $parameters = array('status_text' => $exception->getMessage(), 'status_code' => $exception->getCode()); return $this->templating->renderResponse('TwigBundle:Exception:error.html.twig', $parameters); } }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $session = $request->getSession(); if (!$session->has('redirect')) { $session->set('redirect', $request->headers->get('referer')); } $url = $this->router->generate('login'); $response = new RedirectResponse($url); $request->getSession()->setFlash('error', $exception->getMessage()); return $response; }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { if ($request->isXmlHttpRequest()) { if ($this->env != 'dev') { $msg = $this->translator->trans($exception->getMessageKey(), $exception->getMessageData(), 'security'); } else { $msg = $exception->getMessage(); } return new JsonResponse($msg, Response::HTTP_UNAUTHORIZED); } return parent::onAuthenticationFailure($request, $exception); }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $message = $this->translator->trans($exception->getMessage()); if ($request->isXmlHttpRequest()) { $content = array('success' => false, 'message' => $message); return new JsonResponse($content, 400); } $request->getSession()->set('_target_path', $request->request->get('_target_path')); $username = $request->request->get('_username'); $this->getLogService()->info('user', 'login_fail', "用户名:{$username},登录失败:{$message}"); return parent::onAuthenticationFailure($request, $exception); }
/** * Authentication Failure * * @param Request $request * @param AuthenticationException $exception * @return \Symfony\Component\HttpFoundation\JsonResponse */ public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $post = $request->request->all(); $result = array('status' => 'error', 'message' => null, 'code' => 401); // Validates the login parameters if (!$post['username']) { $result['message'] = 'Invalid User.'; } else { if (!$post['password']) { $result['message'] = 'Invalid password.'; } else { if ($exception->getMessage() == 'Bad credentials.') { $result['message'] = 'Unauthorized access.'; return $this->app->json($result); } else { $result['message'] = $exception->getMessage(); } } } return $this->app->json($result, 401); }
private function handleAuthenticationError(GetResponseEvent $event, BridgeRequest $request, AuthenticationException $failed) { $token = $this->tokenStorage->getToken(); if ($token instanceof OAuth2Token) { $this->tokenStorage->setToken(null); } $this->logger->info(sprintf('Authentication request failed : %s', $failed->getMessage())); if ($this->ignoreFailure) { return; } $event->setResponse($this->authenticationEntryPoint->start($request, $failed)); }
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) { $url = $this->router->generate('admin_home'); $response = new RedirectResponse($url); $request->getSession()->setFlash('error', $exception->getMessage()); return $response; }