src/EventSubscriber/TotpTokenCreator.php line 59

Open in your IDE?
  1. <?php
  3. namespace App\EventSubscriber;
  5. use Doctrine\ORM\EntityManagerInterface;
  6. use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Totp\TotpAuthenticatorInterface;
  7. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  8. use Symfony\Component\HttpFoundation\RedirectResponse;
  9. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  10. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  11. use Symfony\Component\HttpKernel\Event\RequestEvent;
  12. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  14. use Symfony\Component\Routing\RouterInterface;
  15. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  16. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  17. use Symfony\Component\Security\Core\Event\AuthenticationSuccessEvent;
  18. use Symfony\Component\Security\Http\Event\AuthenticationTokenCreatedEvent;
  19. use Symfony\Component\Security\Http\Event\CheckPassportEvent;
  20. use Symfony\Component\Security\Http\Event\LoginSuccessEvent;
  22. class TotpTokenCreator implements EventSubscriberInterface
  23. {
  24.     /**
  25.      * @var TotpAuthenticatorInterface
  26.      */
  27.     private $totpAuthenticator;
  28.     /**
  29.      * @var EntityManagerInterface
  30.      */
  31.     private $entityManager;
  32.     /**
  33.      * @var TokenStorageInterface
  34.      */
  35.     private $tokenStorage;
  36.     /**
  37.      * @var RouterInterface
  38.      */
  39.     private $router;
  41.     private $exclude_routes = [
  42.         'app_2fa_showcode',
  43.         'app_2fa_png'
  44.     ];
  45.     /**
  46.      * @var SessionInterface
  47.      */
  48.     private $session;
  50.     public function __construct(TotpAuthenticatorInterface $totpAuthenticatorEntityManagerInterface $entityManagerTokenStorageInterface $tokenStorageRouterInterface $routerSessionInterface $session)
  51.     {
  52.         $this->totpAuthenticator $totpAuthenticator;
  53.         $this->entityManager $entityManager;
  54.         $this->tokenStorage $tokenStorage;
  55.         $this->router $router;
  56.         $this->session $session;
  57.     }
  59.     public function onLoginSuccess(LoginSuccessEvent $event)
  60.     {
  61.         $passport $event->getPassport();
  62.         $user $passport->getUser();
  64.         if (!$user->isTotpAuthenticationEnabled()) {
  65.             $user->setTotpSecret($this->totpAuthenticator->generateSecret());
  66.             $this->entityManager->flush();
  67.             $this->session->set('newTotp'true);
  68.         }
  69.     }
  71.     public function onKernelRequest(RequestEvent $event)
  72.     {
  73.         $token $this->tokenStorage->getToken();
  74.         if (!$token) {
  75.             return ;
  76.         }
  78.         $user $token->getUser();
  79.         if (!$user) {
  80.             return ;
  81.         }
  83.         $session_flag $this->session->has('newTotp');
  84.         if ($session_flag === true && null !== $event->getRequest()->attributes->get('_route') && !in_array($event->getRequest()->attributes->get('_route'), $this->exclude_routes)) {
  85.             $event->setResponse(new RedirectResponse(
  86.                 $this->router->generate('app_2fa_showcode')
  87.             ));
  88.         }
  89.     }
  91.     public static function getSubscribedEvents()
  92.     {
  93.         return [
  94.             LoginSuccessEvent::class => 'onLoginSuccess',
  95.             RequestEvent::class => 'onKernelRequest'
  96.         ];
  97.     }
  98. }