src/EventSubscriber/LoginAttemptSubscriber.php line 37

Open in your IDE?
  1. <?php
  3. namespace App\EventSubscriber;
  5. use App\Entity\SsoUser;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  8. use Symfony\Component\HttpFoundation\RequestStack;
  9. use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
  10. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  11. use Symfony\Component\Workflow\Registry;
  13. class LoginAttemptSubscriber implements EventSubscriberInterface
  14. {
  15.     private $requestStack;
  16.     private $workflows;
  17.     private $em;
  18.     private const MAX_ATTEMPTS 3;
  20.     public function __construct(RequestStack $requestStackRegistry $workflowsEntityManagerInterface $em)
  21.     {
  22.         $this->requestStack $requestStack;
  23.         $this->workflows $workflows;
  24.         $this->em $em;
  25.     }
  27.     public static function getSubscribedEvents(): array
  28.     {
  29.         return [
  30.             // En el sistema Guard (legacy), este es el evento de fallo
  31.             'security.authentication.failure' => 'onAuthenticationFailure',
  32.             // Este es el evento de éxito
  33.             'security.interactive_login' => 'onLoginSuccess',
  34.         ];
  35.     }
  37.     public function onAuthenticationFailure(AuthenticationFailureEvent $event): void
  38.     {
  39.         $session $this->requestStack->getSession();
  40.         $attempts $session->get('login_attempts'0) + 1;
  41.         $session->set('login_attempts'$attempts);
  43.         if ($attempts >= self::MAX_ATTEMPTS) {
  44.             // Como el Token está vacío, le pedimos el dato a la Request actual
  45.             $request $this->requestStack->getCurrentRequest();
  46.             
  47.             // Obtenemos el campo 'username' que viene del formulario POST
  48.             $username $request->request->get('username');
  49.             if ($username) {
  50.                 $user $this->em->getRepository(SsoUser::class)->findOneBy([
  51.                     'username' => $username
  52.                 ]);
  54.                 if ($user instanceof SsoUser) {
  55.                     $workflow $this->workflows->get($user'usuario');
  56.                     
  57.                     if ($workflow->can($user'bloquear')) {
  58.                         $workflow->apply($user'bloquear');
  59.                         $this->em->flush();
  60.                     }
  61.                 }
  62.             }
  63.         }
  64.     }
  66.     public function onLoginSuccess(InteractiveLoginEvent $event): void
  67.     {
  68.         // Si el login es correcto, reseteamos el contador de la sesión
  69.         $this->requestStack->getSession()->remove('login_attempts');
  70.     }
  71. }