src/Security/JWTTokenAuthenticator.php line 46

Open in your IDE?
  1. <?php
  2. namespace App\Security;
  3. use Symfony\Component\HttpFoundation\Request;
  4. use Symfony\Component\HttpFoundation\Response;
  5. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  6. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  7. use Symfony\Component\Security\Core\User\UserProviderInterface;
  8. use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
  9. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  10. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  11. use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
  12. use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
  13. class JWTTokenAuthenticator extends AbstractAuthenticator
  14. {
  15. private $jwtManager;
  16. private $userProvider;
  17. public function __construct(JWTTokenManagerInterface $jwtManager,
  18. UserProviderInterface $userProvider
  19. ) {
  20. $this->jwtManager = $jwtManager;
  21. $this->userProvider = $userProvider;
  22. }
  23. public function supports(Request $request): ?bool
  24. {
  25. return $request->headers->has('Authorization');
  26. }
  27. public function authenticate(Request $request): Passport
  28. {
  29. $authHeader = $request->headers->get('Authorization');
  30. if (!$authHeader || 0 !== strpos($authHeader, 'Bearer ')) {
  31. throw new AuthenticationException('No JWT token found');
  32. }
  33. $token = substr($authHeader, 7);
  34. $data = $this->jwtManager->parse($token);
  35. return new SelfValidatingPassport(
  36. new UserBadge($data['email'], function ($userIdentifier) {
  37. return $this->userProvider->loadUserByUsername($userIdentifier);
  38. })
  39. );
  40. }
  41. public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
  42. {
  43. return null; // continue the request
  44. }
  45. public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
  46. {
  47. return new Response("Authentication Failed", Response::HTTP_UNAUTHORIZED);
  48. }
  49. }