version 1.0.1 - add security password encoder in Authentication

This commit is contained in:
a-sansara 2017-03-15 16:41:18 +01:00 committed by a-sansara
parent 0eb20a6ed1
commit 9b317826d5
6 changed files with 37 additions and 13 deletions

View File

@ -8,6 +8,7 @@ Core package for silex2 applications
* meta-tech/pws-auth
* meta-tech/silex-controller-service
* silex/silex (v2)
* symfony/security (~3.2)
* gecko-packages/gecko-silex-config-service

12
config/security.yml.dist Normal file
View File

@ -0,0 +1,12 @@
security.firewalls :
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/ws
anonymous: true
security.params :
sleep : 3

View File

@ -12,6 +12,7 @@ namespace MetaTech\Silex;
use Silex\Application as BaseApplication;
use Silex\Provider\SessionServiceProvider;
use Silex\Provider\ServiceControllerServiceProvider;
use Silex\Provider\SecurityServiceProvider;
use GeckoPackages\Silex\Services\Config\ConfigServiceProvider;
/*!
@ -52,6 +53,9 @@ class Application extends BaseApplication
]);
$this->register(new SessionServiceProvider());
$this->register(new ServiceControllerServiceProvider());
if (!empty($this['config']['security'])) {
$this->register(new SecurityServiceProvider(), $this['config']['security']);
}
}
/*!

View File

@ -105,6 +105,7 @@ class UserProvider implements UserProviderInterface
$user = $this->loadUser($username);
$u = new User($user->username, $user->password, explode(',', $user->roles), true, true, true, true);
$u->labelName = $user->name;
$u->key = $user->key;
return $u;
}

View File

@ -13,6 +13,7 @@ use Silex\Application;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
use MetaTech\PwsAuth\Authenticator;
use MetaTech\PwsAuth\Token;
@ -24,21 +25,25 @@ use MetaTech\PwsAuth\Token;
*/
class Authentication
{
/*! @protected @®ar Symfony\Component\HttpFoundation\Session\Session $session */
/*! @protected @var Symfony\Component\HttpFoundation\Session\Session $session */
protected $session;
/*! @protected @®ar MetaTech\PwsAuth\Authenticator $authenticator */
/*! @protected @var MetaTech\PwsAuth\Authenticator $authenticator */
protected $authenticator;
/*! @protected @var Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface $passEncoder */
protected $passEncoder;
/*!
* @constructor
* @public
* @param Symfony\Component\HttpFoundation\Session\Session $session
* @param MetaTech\PwsAuth\Authenticator $authenticator
* @param Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface $passEncoder
*/
public function __construct(Session $session, Authenticator $authenticator)
public function __construct(Session $session, Authenticator $authenticator, PasswordEncoderInterface $passEncoder = null)
{
$this->session = $session;
$this->authenticator = $authenticator;
$this->passEncoder = $passEncoder;
}
/*!
@ -73,9 +78,10 @@ class Authentication
* @param str $login
* @param str $password
* @param str $key
* @param Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface $passEncoder
* @return bool
*/
public function checkUser($login, $password, $key)
public function checkUser($login, $password, $key, PasswordEncoderInterface $passEncoder = null)
{
// implements on subclass
return false;
@ -97,7 +103,7 @@ class Authentication
$password = $request->get('password');
if ($this->authenticator->check($token, $login)) {
try {
if ($done = $this->checkUser($login, $password, $token->getIdent())) {
if ($done = $this->checkUser($login, $password, $token->getIdent(), $this->passEncoder)) {
$sid = $this->onSuccess($token, $login);
$msg = "authentication sucessful ! logged as $login";
$data = compact('sid');

View File

@ -38,7 +38,7 @@ class Controller extends Base
public function __construct(Application $app = null)
{
$this->session = $app['session'];
$this->handler = new Authentication($this->session, $app['ws.authenticator']);
$this->handler = new Authentication($this->session, $app['ws.authenticator'], $app['security.default_encoder']);
}
/*!