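/**
 * {@inheritdoc}
 *
 * Authenticates an API request from a token sent in the X-Auth-Token header
 * or, failing that, in the "token" request parameter. Requests that already
 * carry a security token, and requests to the login endpoint, are left alone.
 * A request without any token is also left alone, so access control further
 * down the chain decides whether it may proceed.
 *
 * @param GetResponseEvent $event The kernel event carrying the current request
 *
 * @throws BadCredentialsException if the presented token is empty, is not a
 *                                 string, or matches no user
 */
public function handle(GetResponseEvent $event)
{
    $request = $event->getRequest();

    // Something earlier already authenticated this request.
    if ($this->securityContext->getToken() !== null) {
        return;
    }

    // The login endpoint has to stay reachable without a token.
    // NOTE(review): getRequestUri() includes the query string, so a login
    // request with extra query parameters is not exempted here; comparing the
    // path only would be more robust. Confirm before changing.
    $requestUri = $request->getRequestUri();
    if ($requestUri === '/app_dev.php/api/login' || $requestUri === '/api/login') {
        return;
    }

    // Prefer the HTTP header and fall back to a request parameter.
    // NOTE(review): the fallback also accepts the token from the URL, where
    // it tends to end up in access logs, browser history and Referer headers.
    // Prefer the header for clients you control.
    $tokenId = $request->headers->has('X-Auth-Token')
        ? $request->headers->get('X-Auth-Token')
        : $request->get('token');

    // No token presented at all: leave the request unauthenticated.
    if ($tokenId === null) {
        return;
    }

    // Reject malformed values before they reach the user provider: an empty
    // string could match accounts that have no token stored, and a parameter
    // sent as "token[]=..." arrives as an array.
    if (!is_string($tokenId) || $tokenId === '') {
        throw new BadCredentialsException();
    }

    $user = $this->userProvider->findUserByToken($tokenId);
    if (!$user) {
        throw new BadCredentialsException();
    }

    try {
        $token = new ApiToken([], $this->providerId, $this->key);
        $token->setUser($user);

        $authenticatedToken = $this->authenticationManager->authenticate($token);
        $this->securityContext->setToken($authenticatedToken);
    } catch (AuthenticationException $e) {
        // NOTE(review): the failure is swallowed and the request continues
        // without a security token. Nothing is recorded, so rejected tokens
        // are invisible to monitoring. No logger is visible in this method;
        // inject one and log the failure here.
    }
}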
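/**
 * Attempts to authenticate a TokenInterface object.
 *
 * @param TokenInterface $token The TokenInterface instance to authenticate
 *
 * @return TokenInterface|null An authenticated ApiToken, or null when this
 *                             provider does not support the given token
 *
 * @throws AuthenticationException if the authentication fails
 */
public function authenticate(TokenInterface $token)
{
    // Unsupported tokens are not an error; the caller gets null back.
    if (!$this->supports($token)) {
        return null;
    }

    /** @var ApiToken $token */
    // Reject tokens whose key differs from the key this provider was given.
    if ($this->key !== $token->getKey()) {
        throw new BadCredentialsException('The presented key does not match.');
    }

    // A supported token that never had a user set would otherwise fail below
    // with a fatal error instead of the documented AuthenticationException.
    $user = $token->getUser();
    if (!is_object($user)) {
        throw new BadCredentialsException('The presented token carries no user.');
    }

    // NOTE(review): only checkPostAuth() runs on this path. If the injected
    // checker follows Symfony's UserCheckerInterface, the account-status
    // checks done in checkPreAuth() are not applied to token logins. Confirm
    // that locked or disabled accounts are rejected elsewhere.
    $this->userChecker->checkPostAuth($user);

    // Build a fresh token carrying the user's roles and mark it authenticated.
    $authenticatedToken = new ApiToken($user->getRoles(), $this->providerId, $this->key);
    $authenticatedToken->setUser($user);
    $authenticatedToken->setAttributes($token->getAttributes());
    $authenticatedToken->setAuthenticated(true);

    return $authenticatedToken;
}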