src/Security/AuthTokenAuthenticator.php line 128

<?php
namespace App\Security;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\HttpUtils;
class AuthTokenAuthenticator extends AbstractAuthenticator
{
/**
* Duree de validite du token en secondes, 12 heures
*/
private const TOKEN_VALIDITY_DURATION = 12 * 3600;
private HttpUtils $httpUtils;
private AuthTokenUserProvider $userProvider;
public function __construct(HttpUtils $httpUtils, AuthTokenUserProvider $userProvider)
{
$this->httpUtils = $httpUtils;
$this->userProvider = $userProvider;
}
public function supports(Request $request): bool
{
$targetUrl = '/auth-tokens';
$targetUrl1 = '/logo';
$targetUrl2 = '/suivitOuvertureMailling';
$targetUrl3 = '/cp';
$targetUrl4 = '/conge';
$targetUrl5 = '/pdf';
$targetUrl6 = '/update/pressroom';
$targetUrl7 = '/image/pressroom';
$targetUrl8 = '/maillings/information';
$targetUrl9 = '/demande/contact';
$targetUrl10 = '/communique/site';
$targetUrl11 = '/desabonner';
$targetUrl12 = '/api/article_sites';
$targetUrl13 = '/image/site';
$targetUrl14 = '/maillings/getNbEnvoyer';
$targetUrl15 = '/api/article_sites';
$targetUrl16 = '/api/mot_cle_sites';
$targetUrl17 = '/cp/client/intranet';
$targetUrl18 = '/api/statistique/clients/agence';
$targetUrl19 = '/mailing/contactsenvoireel';
if ($request->getMethod() === 'POST' && $this->httpUtils->checkRequestPath($request, $targetUrl)) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl1) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl3) === 0) {
return false;
}
if ($request->getMethod() === 'POST' && $this->httpUtils->checkRequestPath($request, $targetUrl2)) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl4) === 0) {
return false;
}
if ($request->getMethod() === 'POST' && stripos($request->getPathInfo(), $targetUrl5) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl6) === 0) {
return false;
}
if ($request->getMethod() === 'POST' && stripos($request->getPathInfo(), $targetUrl6) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl7) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl8) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl10) === 0) {
return false;
}
if ($request->getMethod() === 'POST' && stripos($request->getPathInfo(), $targetUrl9) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl11) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl12) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl13) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl14) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl15) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl16) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl17) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl18) === 0) {
return false;
}
if ($request->getMethod() === 'GET' && stripos($request->getPathInfo(), $targetUrl19) === 0) {
return false;
}
return true;
}
public function authenticate(Request $request): Passport
{
$authTokenHeader = $request->headers->get('X-Auth-Token');
if (!$authTokenHeader) {
throw new BadCredentialsException('X-Auth-Token header is required');
}
return new SelfValidatingPassport(
new UserBadge($authTokenHeader, function (string $credentials): UserInterface {
$authToken = $this->userProvider->getAuthToken($credentials);
if (!$authToken || !$this->isTokenValid($authToken)) {
throw new CustomUserMessageAuthenticationException('Invalid authentication token');
}
return $authToken->getAuthUser();
})
);
}
/**
* Verifie la validite du token
*/
public function isTokenValid($authToken): bool
{
return (time() - $authToken->getCreatedAt()->getTimestamp()) < self::TOKEN_VALIDITY_DURATION;
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
{
throw $exception;
}
public function onAuthenticationSuccess(Request $request, $token, string $providerKey): ?Response {
return null;
}
public function start(Request $request, AuthenticationException $authException = null): Response
{
return new JsonResponse([
'message' => 'Authentication Required',
], Response::HTTP_UNAUTHORIZED);
}
}

Filepath:: /var/www/html/src/Security/AuthTokenAuthenticator.php
Last modified:: April 27, 2026 22:12
Size:: 7 KB / 168 lines

Open this file in your IDE?

Symfony Profiler

src/Security/AuthTokenAuthenticator.php line 128