<?php
namespace Trinity\Bundle\UserBundle\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\SecurityContext;
use FOS\UserBundle\Controller\SecurityController as BaseSecurityController;
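class SecurityAdminController extends BaseSecurityController
{
    /**
     * Renders the back-office login form, either as a full page or as an
     * XHR fragment when the request is an XMLHttpRequest.
     *
     * Mirrors the FOSUserBundle login action: the last authentication failure
     * is read from the request attributes (forward) or from the session
     * (redirect) and removed from the session so it is shown only once; the
     * last username entered is read from the session; and an 'authenticate'
     * CSRF token is generated when a CSRF provider is configured.
     *
     * @param Request $request
     *
     * @return Response
     */
    public function loginAction(Request $request)
    {
        /** @var $session \Symfony\Component\HttpFoundation\Session\Session */
        $session = $request->getSession();

        // The firewall stores the last failure either on the request (forward)
        // or in the session (redirect). Read it from whichever holds it and
        // clear the session copy so the error is displayed once.
        $error = null;
        if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
            $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
        } elseif (null !== $session && $session->has(SecurityContext::AUTHENTICATION_ERROR)) {
            $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
            $session->remove(SecurityContext::AUTHENTICATION_ERROR);
        }

        $errorMessage = '';
        if ($error) {
            // SECURITY: the raw exception message may leak internal details
            // (provider errors, hints about whether a username exists); see
            // http://trac.symfony-project.org/ticket/9523. Prefer the safe,
            // translatable key exposed by AuthenticationException::getMessageKey()
            // (Symfony >= 2.2) and only fall back to getMessage() on older
            // Security components that do not provide it. The template is
            // still expected to escape this value when rendering it.
            $errorMessage = method_exists($error, 'getMessageKey')
                ? $error->getMessageKey()
                : $error->getMessage();
        }

        // Last username entered by the user (null when never set).
        $lastUsername = (null === $session) ? '' : $session->get(SecurityContext::LAST_USERNAME);

        // Token for the 'authenticate' intention, validated by the form_login
        // listener on the check path. null when no CSRF provider is wired
        // (this service id predates security.csrf.token_manager).
        $csrfToken = $this->container->has('form.csrf_provider')
            ? $this->container->get('form.csrf_provider')->generateCsrfToken('authenticate')
            : null;

        $viewData = array(
            'last_username' => $lastUsername,
            'error' => $errorMessage,
            'csrf_token' => $csrfToken,
        );

        if ($request->isXmlHttpRequest()) {
            return $this->renderXhrLogin($viewData);
        }

        // The full-page variant additionally carries the sign-in logo path.
        $viewData['logo'] = '/bundles/trinityadminmenu/img/logo_signin.png';

        return $this->renderLogin($viewData);
    }

    /**
     * Renders the full-page admin login template with the given view data.
     *
     * @param array $data view variables (last_username, error, csrf_token, logo)
     *
     * @return Response
     */
    protected function renderLogin(array $data)
    {
        $template = sprintf('TrinityUserBundle:Security\Admin:login.html.%s', $this->container->getParameter('fos_user.template.engine'));

        return $this->container->get('templating')->renderResponse($template, $data);
    }

    /**
     * Renders the XHR (fragment) admin login template with the given view data.
     *
     * @param array $data view variables (last_username, error, csrf_token)
     *
     * @return Response
     */
    protected function renderXhrLogin(array $data)
    {
        $template = sprintf('TrinityUserBundle:Security\Admin:loginXHR.html.%s', $this->container->getParameter('fos_user.template.engine'));

        return $this->container->get('templating')->renderResponse($template, $data);
    }

    /**
     * Placeholder for the login check path.
     *
     * The check path must be intercepted by the form_login firewall listener;
     * reaching this action means the firewall is misconfigured.
     *
     * @throws \RuntimeException always
     */
    public function checkAction()
    {
        throw new \RuntimeException('You must configure the check path to be handled by the firewall using form_login in your security firewall configuration.');
    }

    /**
     * XHR endpoint telling the front-end whether the current session still
     * holds the back-office role configured in trinity_user.bo_auth_role.
     *
     * Returns {"success": true} when security.context grants that role and
     * {"success": false} otherwise. The X-Requested-With check only rejects
     * plain browser navigation; any client can set that header, so it is not
     * an authorization control (the role check is).
     *
     * @param Request $request
     *
     * @return Response JSON body with Content-Type application/json
     *
     * @throws \RuntimeException when called outside an XMLHttpRequest
     */
    public function xhrcheckAction(Request $request)
    {
        // Use the injected request instead of the deprecated 'request' service
        // (same object; avoids the container lookup and the deprecation).
        if (false === $request->isXmlHttpRequest()) {
            throw new \RuntimeException('This action is allowed in XHR context only.');
        }

        $requiredRole = $this->container->getParameter('trinity_user.bo_auth_role');
        $granted = $this->container->get('security.context')->isGranted($requiredRole);

        $response = new Response(json_encode(array('success' => (bool) $granted)));
        $response->headers->set('Content-Type', 'application/json');

        return $response;
    }
}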