src/Security/ApiKeyAuthenticator.php line 45

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Entity\ApiToken;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Symfony\Component\HttpFoundation\JsonResponse;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\HttpFoundation\Response;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  12. use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
  13. use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
  14. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  15. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  16. use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
  18. class ApiKeyAuthenticator extends AbstractAuthenticator
  19. {
  21.     protected $_em;
  23.     public function __construct(EntityManagerInterface $em)
  24.     {
  25.         $this->_em $em;
  26.     }
  28.     public function supports(Request $request): ?bool
  29.     {
  30.         return $request->headers->has('Authorization') && str_starts_with($request->headers->get('Authorization'), 'Bearer');
  31.     }
  33.     public function authenticate(Request $request): Passport
  34.     {
  35.         $authorizationHeader $request->headers->get('Authorization');
  37.         if (null === $authorizationHeader) {
  38.             // The token header was empty, authentication fails with HTTP Status
  39.             // Code 401 "Unauthorized"
  40.             throw new CustomUserMessageAuthenticationException('No API token provided');
  41.         }
  43.         $apiToken substr($authorizationHeader7);
  45.         return new SelfValidatingPassport(new UserBadge($apiToken, function ($userIdentifier) {
  46.             $token $this->_em->getRepository(ApiToken::class)->findOneBy([
  47.                 'token' => $userIdentifier,
  48.             ]);
  50.             if (!$token) {
  51.                 throw new CustomUserMessageAuthenticationException(
  52.                     'Invalid API Token'
  53.                 );
  54.             }
  56.             if ($token->isExpired()) {
  57.                 throw new CustomUserMessageAuthenticationException(
  58.                     'Token expired'
  59.                 );
  60.             }
  62.             return $token->getUser();
  63.         }));
  64.     }
  66.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey): ?Response
  67.     {
  68.         return null;
  69.     }
  71.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): ?Response
  72.     {
  73.         $data = [
  74.             // you may want to customize or obfuscate the message first
  75.             'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
  77.             // or to translate this message
  78.             // $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
  79.         ];
  81.         return new JsonResponse($dataResponse::HTTP_UNAUTHORIZED);
  82.     }
  84. }