From ae7c9df246807a6a3b4808e0dc201d9078f3b745 Mon Sep 17 00:00:00 2001
From: Marko <52066939+HeX87@users.noreply.github.com>
Date: Thu, 2 Nov 2023 14:39:37 +0100
Subject: [PATCH] add authentication
---
.idea/dataSources.xml | 4 +-
config/packages/monolog.yaml | 10 +++--
config/packages/security.yaml | 12 ++++--
src/Security/ApiKeyAuthenticator.php | 64 ++++++++++++++++++++++++++++
4 files changed, 82 insertions(+), 8 deletions(-)
create mode 100644 src/Security/ApiKeyAuthenticator.php
diff --git a/.idea/dataSources.xml b/.idea/dataSources.xml
index 7781fac..a831897 100644
--- a/.idea/dataSources.xml
+++ b/.idea/dataSources.xml
@@ -8,13 +8,13 @@
jdbc:mysql://127.0.0.1:3306
$ProjectFileDir$
-
+
mariadb
true
true
DDEV generated data source
org.mariadb.jdbc.Driver
- jdbc:mariadb://127.0.0.1:60799/db?user=db&password=db
+ jdbc:mariadb://127.0.0.1:55619/db?user=db&password=db
$ProjectFileDir$
diff --git a/config/packages/monolog.yaml b/config/packages/monolog.yaml
index 8c9efa9..8c1dc99 100644
--- a/config/packages/monolog.yaml
+++ b/config/packages/monolog.yaml
@@ -41,10 +41,14 @@ when@prod:
monolog:
handlers:
main:
- type: fingers_crossed
+ type: stream
+ path: "%kernel.logs_dir%/%kernel.environment%.log"
+ level: debug
+ channels: [ "!event" ]
+ #type: fingers_crossed
action_level: error
handler: nested
- excluded_http_codes: [404, 405]
+ #excluded_http_codes: [404, 405]
buffer_size: 50 # How many messages should be saved? Prevent memory leaks
nested:
type: stream
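Review bot: The `main` handler under `when@prod` now writes every channel except `event` at `level: debug` straight to the production log file, which is far more verbose than the buffered `fingers_crossed` setup it replaces. Because this commit also makes the API key the user identifier, any security-channel message that records the identifier would put the key into that file; this is inferred from the other hunks and should be checked against real log output. If the change was only for troubleshooting, restore `type: fingers_crossed` and drop the added `path`, `level` and `channels` lines; if a plain stream handler is intended, use something like `level: warning`. In that case also remove `action_level`, `handler: nested` and `buffer_size`, which are `fingers_crossed` options left on a stream handler, and delete the commented-out lines rather than committing them.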
@@ -58,4 +62,4 @@ when@prod:
deprecation:
type: stream
channels: [deprecation]
- path: php://stderr
+ path: php://stderr
\ No newline at end of file
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 367af25..bfe9203 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -4,14 +4,20 @@ security:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
# https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
providers:
- users_in_memory: { memory: null }
+ users_in_memory: { memory: {
+ users: [
+ { identifier: "ahch0joh9ahthoh6xiew9Eer5aevieR1", roles: ["ROLE_USER"] }
+ ]
+ } }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
- lazy: true
+ #lazy: true
provider: users_in_memory
+ custom_authenticators:
+ - App\Security\ApiKeyAuthenticator
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall
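Review bot: The `identifier` added under `users_in_memory` is the live API key, because the authenticator looks the user up with the raw `X-AUTH-TOKEN` value, so the credential is now stored in version control and readable by anyone with repository access. Treat the committed value as exposed and rotate it. Keep the real key out of the file by supplying it at deploy time from an environment variable or the Symfony secrets vault, for example through a parameter fed from `%env(API_KEY)%` (placeholder name; whether the memory provider resolves an env placeholder in this position needs checking, otherwise use a small custom user provider). The `#lazy: true` line should be either restored or removed with a reason in the commit message, and no `access_control` rule is visible in this hunk, so it is worth confirming that the protected routes actually require `ROLE_USER`.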
@@ -36,4 +42,4 @@ when@test:
algorithm: auto
cost: 4 # Lowest possible value for bcrypt
time_cost: 3 # Lowest possible value for argon
- memory_cost: 10 # Lowest possible value for argon
+ memory_cost: 10 # Lowest possible value for argon
\ No newline at end of file
diff --git a/src/Security/ApiKeyAuthenticator.php b/src/Security/ApiKeyAuthenticator.php
new file mode 100644
index 0000000..913d405
--- /dev/null
+++ b/src/Security/ApiKeyAuthenticator.php
@@ -0,0 +1,64 @@
+headers->has('X-AUTH-TOKEN');
+ }
+
+ public function authenticate(Request $request): Passport
+ {
+ $apiKey = $request->headers->get('X-AUTH-TOKEN');
+
+ if (null === $apiKey) {
+ // The token header was empty, authentication fails with HTTP Status
+ // Code 401 "Unauthorized"
+ throw new CustomUserMessageAuthenticationException('No API key found', [], Response::HTTP_UNAUTHORIZED);
+ }
+
+ return new SelfValidatingPassport(
+ new UserBadge($apiKey)
+ );
+ }
+
+ public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
+ {
+ return null;
+ }
+
+ public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
+ {
+ # dump($exception);
+
+ $data = [
+ 'message' => $exception->getMessage()
+ ];
+
+ return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
+ }
+
+}
\ No newline at end of file
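Review bot: `onAuthenticationFailure` returns `$exception->getMessage()` to the client, which can expose internal exception text; the safe message is `'message' => strtr($exception->getMessageKey(), $exception->getMessageData())`. In `authenticate`, `new UserBadge($apiKey)` makes the secret itself the user identifier, so it can appear wherever the identifier is recorded (logs, profiler). Prefer comparing the header against the configured key with `hash_equals()` and passing a fixed, non-secret identifier to `UserBadge`. The `null === $apiKey` guard also lets an empty header value through to the user lookup; `if (null === $apiKey || '' === $apiKey)` rejects it early. The commented-out `# dump($exception);` should be removed. The start of the file (namespace, imports, class declaration and the head of `supports`) is not visible on this page, so these points cover only the methods shown.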