src/Security/BruteforceProtectionListener.php line 73

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Security\BruteforceProtectedControllerInterface;
  6. use App\Security\BruteforceProtectionHandler;
  7. use Pimcore\Bundle\AdminBundle\Security\Exception\BruteforceProtectionException;
  8. use Pimcore\Bundle\CoreBundle\EventListener\Traits\PimcoreContextAwareTrait;
  9. use Pimcore\Http\Request\Resolver\PimcoreContextResolver;
  10. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  11. use Symfony\Component\HttpFoundation\Response;
  12. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  13. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  14. use Symfony\Component\HttpKernel\KernelEvents;
  15. use Pimcore\Log\ApplicationLogger;
  16. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  18. /**
  19.  * @internal
  20.  */
  21. class BruteforceProtectionListener implements EventSubscriberInterface
  22. {
  23.     use PimcoreContextAwareTrait;
  25.     /**
  26.      * @var BruteforceProtectionHandler
  27.      */
  28.     protected $handler;
  30.     /**
  31.      * @var ApplicationLogger 
  32.      */
  33.     private $logger;
  35.     private $authenticationUtils;
  36.     /**
  37.      * @param BruteforceProtectionHandler $handler
  38.      */
  39.     public function __construct(BruteforceProtectionHandler $handlerApplicationLogger $logger,AuthenticationUtils $authenticationUtils)
  40.     {
  41.         $this->handler $handler;
  42.         $this->logger $logger;
  43.         $this->authenticationUtils $authenticationUtils;
  44.     }
  46.     /**
  47.      * {@inheritdoc}
  48.      */
  49.     public static function getSubscribedEvents()
  50.     {
  51.         return [
  52.             KernelEvents::CONTROLLER => 'onKernelController',
  53.             KernelEvents::EXCEPTION => 'onKernelException',
  54.         ];
  55.     }
  57.     public function onKernelController(ControllerEvent $event)
  58.     {
  59.         $request $event->getRequest();
  60.         if (!$this->matchesPimcoreContext($requestPimcoreContextResolver::CONTEXT_DEFAULT)) {
  61.             return;
  62.         }
  64.         $callable $event->getController();
  65.         if (is_array($callable)) {
  66.             $controller $callable[0];
  67.             if ($controller instanceof BruteforceProtectedControllerInterface) {
  68.                 $this->handler->checkProtection($this->authenticationUtils->getLastUsername(), $request);
  69.             }
  70.         }
  71.     }
  73.     public function onKernelException(ExceptionEvent $event)
  74.     {
  75.         // handle brute force exception and return a plaintext response
  76.         $e $event->getThrowable();
  77.         if ($e instanceof BruteforceProtectionException) {
  78.             $this->logger->error('Error al verificar el usuario ' $e->getMessage());
  79.             $event->setResponse(new Response($e->getMessage()));
  80.         }
  81.     }
  82. }