[CORE][SECURITY] Move to the new authentication format, for Symfony 5.3

This commit is contained in:
Hugo Sales 2021-11-16 14:48:18 +00:00
parent 05758c999f
commit d9544c6edb
Signed by untrusted user: someonewithpc
GPG Key ID: 7D0C7EAFC9D835A0
3 changed files with 21 additions and 8 deletions

View File

@ -3,8 +3,8 @@ security:
password_hashers: password_hashers:
App\Entity\LocalUser: App\Entity\LocalUser:
algorithm: auto algorithm: auto
providers:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
local_user: local_user:
chain: chain:
providers: [local_user_by_nickname, local_user_by_email] providers: [local_user_by_nickname, local_user_by_email]

View File

@ -82,9 +82,9 @@ class Authenticator extends AbstractFormLoginAuthenticator implements Authentica
public function getCredentials(Request $request): array public function getCredentials(Request $request): array
{ {
return [ return [
'nickname_or_email' => $request->request->get('nickname_or_email'), 'nickname_or_email' => $request->request->get('_username'),
'password' => $request->request->get('password'), 'password' => $request->request->get('_password'),
'csrf_token' => $request->request->get('_csrf_token'), 'csrf_token' => $request->request->get('_csrf_token'),
]; ];
} }
@ -161,7 +161,21 @@ class Authenticator extends AbstractFormLoginAuthenticator implements Authentica
return new RedirectResponse(Router::url('main_all')); return new RedirectResponse(Router::url('main_all'));
} }
protected function getLoginUrl(): string public function authenticate(Request $request): PassportInterface
{
$nickname = $request->request->get('nickname', '');
$request->getSession()->set(Security::LAST_USERNAME, $nickname);
return new Passport(
new UserBadge($nickname),
new PasswordCredentials($request->request->get('password', '')),
[
new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
],
);
}
protected function getLoginUrl()
{ {
return Router::url(self::LOGIN_ROUTE); return Router::url(self::LOGIN_ROUTE);
} }

View File

@ -39,13 +39,12 @@
<div class="mb-3"> <div class="mb-3">
<label class="section-form-label" for="inputNicknameOrEmail">{{ "Nickname or Email" | trans }}</label> <label class="section-form-label" for="inputNicknameOrEmail">{{ "Nickname or Email" | trans }}</label>
<input type="text" value="{{ last_login_id }}" name="nickname_or_email" id="inputNicknameOrEmail" <input type="text" value="{{ last_login_id }}" name="_username" id="inputNicknameOrEmail" class="form-control" required autofocus>
class="form-control" required autofocus>
<p class="help-text">{{ "Your nickname or email address." | trans }}</p> <p class="help-text">{{ "Your nickname or email address." | trans }}</p>
</div> </div>
<div class="mb-3"> <div class="mb-3">
<label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label> <label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
<input type="password" name="password" id="inputPassword" class="form-control" required> <input type="password" name="_password" id="inputPassword" class="form-control" required>
<p class="help-text">{{ "Your account's password." | trans }}</p> <p class="help-text">{{ "Your account's password." | trans }}</p>
</div> </div>