add authentication

Marko 2023-11-02 14:39:37 +01:00
parent e8a531b407
commit ae7c9df246
No known key found for this signature in database
4 changed files with 82 additions and 8 deletions


@ -8,13 +8,13 @@
<jdbc-url>jdbc:mysql://127.0.0.1:3306</jdbc-url> <jdbc-url>jdbc:mysql://127.0.0.1:3306</jdbc-url>
<working-dir>$ProjectFileDir$</working-dir> <working-dir>$ProjectFileDir$</working-dir>
</data-source> </data-source>
<data-source source="LOCAL" name="DDEV" uuid="ac04e527-2f9a-49a3-9321-8e4d0cb5d115"> <data-source source="LOCAL" name="DDEV" uuid="5ac23057-b782-421b-8d88-fecc4d3386ee">
<driver-ref>mariadb</driver-ref> <driver-ref>mariadb</driver-ref>
<synchronize>true</synchronize> <synchronize>true</synchronize>
<configured-by-url>true</configured-by-url> <configured-by-url>true</configured-by-url>
<remarks>DDEV generated data source</remarks> <remarks>DDEV generated data source</remarks>
<jdbc-driver>org.mariadb.jdbc.Driver</jdbc-driver> <jdbc-driver>org.mariadb.jdbc.Driver</jdbc-driver>
<jdbc-url>jdbc:mariadb://127.0.0.1:60799/db?user=db&amp;password=db</jdbc-url> <jdbc-url>jdbc:mariadb://127.0.0.1:55619/db?user=db&amp;password=db</jdbc-url>
<working-dir>$ProjectFileDir$</working-dir> <working-dir>$ProjectFileDir$</working-dir>
</data-source> </data-source>
</component> </component>


@ -41,10 +41,14 @@ when@prod:
monolog: monolog:
handlers: handlers:
main: main:
type: fingers_crossed type: stream
path: "%kernel.logs_dir%/%kernel.environment%.log"
level: debug
channels: [ "!event" ]
#type: fingers_crossed
action_level: error action_level: error
handler: nested handler: nested
excluded_http_codes: [404, 405] #excluded_http_codes: [404, 405]
buffer_size: 50 # How many messages should be saved? Prevent memory leaks buffer_size: 50 # How many messages should be saved? Prevent memory leaks
nested: nested:
type: stream type: stream
@ -58,4 +62,4 @@ when@prod:
deprecation: deprecation:
type: stream type: stream
channels: [deprecation] channels: [deprecation]
path: php://stderr path: php://stderr
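Review bot: The `main` handler under `when@prod` now logs at `level: debug` through a plain `stream`, so production writes every debug record (all channels except `event`) to `%kernel.environment%.log` instead of buffering until an error occurs. This looks like a debugging change committed along with the feature: the `#type: fingers_crossed` comment and the `action_level`, `handler` and `buffer_size` keys left beneath it are, as far as I can tell, not used by a `stream` handler. Debug output from the security channel can include the user identifier, which in this commit is the API key itself, so the key may end up in the log file. I would restore `type: fingers_crossed` for prod, or at least raise the threshold with `level: info`, and drop the unused keys.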


@ -4,14 +4,20 @@ security:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto' Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
# https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
providers: providers:
users_in_memory: { memory: null } users_in_memory: { memory: {
users: [
{ identifier: "ahch0joh9ahthoh6xiew9Eer5aevieR1", roles: ["ROLE_USER"] }
]
} }
firewalls: firewalls:
dev: dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/ pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false security: false
main: main:
lazy: true #lazy: true
provider: users_in_memory provider: users_in_memory
custom_authenticators:
- App\Security\ApiKeyAuthenticator
# activate different ways to authenticate # activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall # https://symfony.com/doc/current/security.html#the-firewall
@ -36,4 +42,4 @@ when@test:
algorithm: auto algorithm: auto
cost: 4 # Lowest possible value for bcrypt cost: 4 # Lowest possible value for bcrypt
time_cost: 3 # Lowest possible value for argon time_cost: 3 # Lowest possible value for argon
memory_cost: 10 # Lowest possible value for argon memory_cost: 10 # Lowest possible value for argon
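Review bot: The in-memory user added under `providers` in the first hunk hard-codes what appears to be the live API key as its `identifier`, so the credential is now in version control and readable by anyone with repository access. Treat the committed value as exposed: rotate it and supply the replacement from the environment or Symfony's secrets vault rather than from `security.yaml`, for example `identifier: '%env(API_KEY)%'` (the variable name is a placeholder, and whether the in-memory provider resolves env parameters in this position needs confirming). If I recall correctly the in-memory provider lower-cases identifiers on lookup, so this mixed-case key would be matched case-insensitively. The `#lazy: true` line is left commented out without explanation; a short comment such as `# lazy disabled: every request must authenticate` would tell the next reader why.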


@ -0,0 +1,64 @@
<?php
namespace App\Security;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
class ApiKeyAuthenticator extends AbstractAuthenticator
{
/**
* Called on every request to decide if this authenticator should be
* used for the request. Returning `false` will cause this authenticator
* to be skipped.
*
* @param Request $request
* @return bool|null
*/
public function supports(Request $request): ?bool
{
return true;
//return $request->headers->has('X-AUTH-TOKEN');
}
public function authenticate(Request $request): Passport
{
$apiKey = $request->headers->get('X-AUTH-TOKEN');
if (null === $apiKey) {
// The token header was empty, authentication fails with HTTP Status
// Code 401 "Unauthorized"
throw new CustomUserMessageAuthenticationException('No API key found', [], Response::HTTP_UNAUTHORIZED);
}
return new SelfValidatingPassport(
new UserBadge($apiKey)
);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
return null;
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
{
# dump($exception);
$data = [
'message' => $exception->getMessage()
];
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}
}
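Review bot: `authenticate()` passes the raw `X-AUTH-TOKEN` value to `new UserBadge($apiKey)` inside a `SelfValidatingPassport`, so the secret doubles as the user identifier: validity is decided by a provider lookup rather than a constant-time comparison, and the key will appear wherever the identifier is displayed or logged. I would compare the header against a configured secret with `hash_equals($expectedKey, $apiKey)` (with `$expectedKey` injected rather than hard-coded) and hand `UserBadge` a fixed, non-secret identifier. In `onAuthenticationFailure()`, prefer `'message' => strtr($exception->getMessageKey(), $exception->getMessageData())` over `getMessage()` so that internal exception text is not returned to the client. `supports()` returning `true` unconditionally makes every request on the firewall authenticate; if that deny-by-default behaviour is intended, say so in a comment and remove the commented-out `return` and the `# dump($exception);` line.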