src/ApiV3Bundle/Security/Firewall/BasicAuthenticationListener.php line 11

Open in your IDE?
  1. <?php
  3. namespace ApiV3Bundle\Security\Firewall;
  5. use ApiV3Bundle\Exception\ErrorCode;
  6. use Symfony\Component\HttpFoundation\Request;
  7. use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
  9. class BasicAuthenticationListener extends BaseAuthenticationListener
  10. {
  11.     public function handle(Request $request)
  12.     {
  13.         if (null !== $this->getTokenStorage()->getToken()) {
  14.             return;
  15.         }
  17.         if (null === $username $request->headers->get('PHP_AUTH_USER')) {
  18.             return;
  19.         }
  21.         $user $this->validUser($username$request->headers->get('PHP_AUTH_PW'));
  22.         $token $this->createTokenFromRequest($request$user['id']);
  23.         $this->getTokenStorage()->setToken($token);
  24.     }
  26.     private function validUser($username$password)
  27.     {
  28.         $user $this->getUserService()->getUserByLoginField($username);
  29.         if (empty($user)) {
  30.             throw new UnauthorizedHttpException('Basic''用户帐号不存在'nullErrorCode::INVALID_CREDENTIAL);
  31.         }
  33.         if (!$this->getUserService()->verifyPassword($user['id'], $password)) {
  34.             throw new UnauthorizedHttpException('Basic''帐号密码不正确'nullErrorCode::INVALID_CREDENTIAL);
  35.         }
  37.         if ($user['locked']) {
  38.             throw new UnauthorizedHttpException('Basic''用户已锁定,请联系网校管理员'nullErrorCode::BANNED_CREDENTIAL);
  39.         }
  41.         return $user;
  42.     }
  43. }