OrangeJungle/CdsConnector
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add authentication

Browse Source
This commit is contained in:
Marko
2023-11-02 14:39:37 +01:00
parent e8a531b407
commit ae7c9df246
4 changed files with 82 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/Security/ApiKeyAuthenticator.php Normal file
View File

@@ -0,0 +1,64 @@
<?php
namespace App\Security;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
class ApiKeyAuthenticator extends AbstractAuthenticator
{
/**
* Called on every request to decide if this authenticator should be
* used for the request. Returning `false` will cause this authenticator
* to be skipped.
*
* @param Request $request
* @return bool|null
*/
public function supports(Request $request): ?bool
{
return true;
//return $request->headers->has('X-AUTH-TOKEN');
}
public function authenticate(Request $request): Passport
{
$apiKey = $request->headers->get('X-AUTH-TOKEN');
if (null === $apiKey) {
// The token header was empty, authentication fails with HTTP Status
// Code 401 "Unauthorized"
throw new CustomUserMessageAuthenticationException('No API key found', [], Response::HTTP_UNAUTHORIZED);
}
return new SelfValidatingPassport(
new UserBadge($apiKey)
);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
return null;
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
{
# dump($exception);
$data = [
'message' => $exception->getMessage()
];
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}
}