vendor/symfony/security/Http/Firewall/RememberMeListener.php line 35

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\Firewall;
  14. use Psr\Log\LoggerInterface;
  15. use Symfony\Component\EventDispatcher\LegacyEventDispatcherProxy;
  16. use Symfony\Component\HttpFoundation\Request;
  17. use Symfony\Component\HttpKernel\Event\RequestEvent;
  18. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  19. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  20. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  21. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  22. use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
  23. use Symfony\Component\Security\Http\SecurityEvents;
  24. use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategy;
  25. use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
  26. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  28. /**
  29.  * RememberMeListener implements authentication capabilities via a cookie.
  30.  *
  31.  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  32.  *
  33.  * @final since Symfony 4.3
  34.  */
  35. class RememberMeListener extends AbstractListener implements ListenerInterface
  36. {
  37.     use LegacyListenerTrait;
  39.     private $tokenStorage;
  40.     private $rememberMeServices;
  41.     private $authenticationManager;
  42.     private $logger;
  43.     private $dispatcher;
  44.     private $catchExceptions true;
  45.     private $sessionStrategy;
  47.     public function __construct(TokenStorageInterface $tokenStorageRememberMeServicesInterface $rememberMeServicesAuthenticationManagerInterface $authenticationManagerLoggerInterface $logger nullEventDispatcherInterface $dispatcher nullbool $catchExceptions trueSessionAuthenticationStrategyInterface $sessionStrategy null)
  48.     {
  49.         $this->tokenStorage $tokenStorage;
  50.         $this->rememberMeServices $rememberMeServices;
  51.         $this->authenticationManager $authenticationManager;
  52.         $this->logger $logger;
  54.         if (null !== $dispatcher && class_exists(LegacyEventDispatcherProxy::class)) {
  55.             $this->dispatcher LegacyEventDispatcherProxy::decorate($dispatcher);
  56.         } else {
  57.             $this->dispatcher $dispatcher;
  58.         }
  60.         $this->catchExceptions $catchExceptions;
  61.         $this->sessionStrategy $sessionStrategy ?? new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE);
  62.     }
  64.     /**
  65.      * {@inheritdoc}
  66.      */
  67.     public function supports(Request $request): ?bool
  68.     {
  69.         return null// always run authenticate() lazily with lazy firewalls
  70.     }
  72.     /**
  73.      * Handles remember-me cookie based authentication.
  74.      */
  75.     public function authenticate(RequestEvent $event)
  76.     {
  77.         if (null !== $this->tokenStorage->getToken()) {
  78.             return;
  79.         }
  81.         $request $event->getRequest();
  82.         try {
  83.             if (null === $token $this->rememberMeServices->autoLogin($request)) {
  84.                 return;
  85.             }
  86.         } catch (AuthenticationException $e) {
  87.             if (null !== $this->logger) {
  88.                 $this->logger->warning(
  89.                     'The token storage was not populated with remember-me token as the'
  90.                    .' RememberMeServices was not able to create a token from the remember'
  91.                    .' me information.', ['exception' => $e]
  92.                 );
  93.             }
  95.             $this->rememberMeServices->loginFail($request);
  97.             if (!$this->catchExceptions) {
  98.                 throw $e;
  99.             }
  101.             return;
  102.         }
  104.         try {
  105.             $token $this->authenticationManager->authenticate($token);
  106.             if ($request->hasSession() && $request->getSession()->isStarted()) {
  107.                 $this->sessionStrategy->onAuthentication($request$token);
  108.             }
  109.             $this->tokenStorage->setToken($token);
  111.             if (null !== $this->dispatcher) {
  112.                 $loginEvent = new InteractiveLoginEvent($request$token);
  113.                 $this->dispatcher->dispatch($loginEventSecurityEvents::INTERACTIVE_LOGIN);
  114.             }
  116.             if (null !== $this->logger) {
  117.                 $this->logger->debug('Populated the token storage with a remember-me token.');
  118.             }
  119.         } catch (AuthenticationException $e) {
  120.             if (null !== $this->logger) {
  121.                 $this->logger->warning(
  122.                     'The token storage was not populated with remember-me token as the'
  123.                    .' AuthenticationManager rejected the AuthenticationToken returned'
  124.                    .' by the RememberMeServices.', ['exception' => $e]
  125.                 );
  126.             }
  128.             $this->rememberMeServices->loginFail($request$e);
  130.             if (!$this->catchExceptions) {
  131.                 throw $e;
  132.             }
  133.         }
  134.     }
  135. }