/**
* {@inheritdoc}
*/
protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
{
if ($this->disablePassword) {
return true;
}
parent::checkAuthentication($user, $token);
}
protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
{
if (!$user instanceof EzUserInterface) {
return parent::checkAuthentication($user, $token);
}
// $currentUser can either be an instance of UserInterface or just the username (e.g. during form login).
/** @var EzUserInterface|string $currentUser */
$currentUser = $token->getUser();
if ($currentUser instanceof UserInterface) {
if ($currentUser->getAPIUser()->passwordHash !== $user->getAPIUser()->passwordHash) {
throw new BadCredentialsException('The credentials were changed from another session.');
}
$apiUser = $currentUser->getAPIUser();
} else {
try {
$apiUser = $this->repository->getUserService()->loadUserByCredentials($token->getUsername(), $token->getCredentials());
} catch (NotFoundException $e) {
throw new BadCredentialsException('Invalid credentials', 0, $e);
}
}
// Finally inject current user in the Repository
$this->repository->setCurrentUser($apiUser);
}
