Implement ApiTokenAuthenticator

marek-pietrzak-tg · Nov 11, 2015 · 5d2e4bc · 5d2e4bc
1 parent 64b9cd1
commit 5d2e4bc
Showing 1 changed file with 17 additions and 7 deletions.
diff --git a/src/AppBundle/Security/ApiTokenAuthenticator.php b/src/AppBundle/Security/ApiTokenAuthenticator.php
@@ -3,8 +3,10 @@
 namespace AppBundle\Security;
 
 use AppBundle\Repository\ApiUserRepositoryInterface;
+use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
@@ -30,54 +32,62 @@ public function __construct(ApiUserRepositoryInterface $apiUserRepository)
      */
     public function start(Request $request, AuthenticationException $authException = null)
     {
-        // TODO: Implement start() method.
+        return new JsonResponse(['message' => 'Authentication required!'], 401);
     }
 
     /**
      * {@inheritdoc}
      */
     public function getCredentials(Request $request)
     {
-        // TODO: Implement getCredentials() method.
+        return $request->headers->get('X-TOKEN');
     }
 
     /**
      * {@inheritdoc}
      */
     public function getUser($credentials, UserProviderInterface $userProvider)
     {
-        // TODO: Implement getUser() method.
+        $apiUser = $this->apiUserRepository->findOneByApiToken($credentials);
+
+        if (!$apiUser) {
+            throw new AuthenticationCredentialsNotFoundException();
+        }
+
+        return $apiUser;
     }
 
     /**
      * {@inheritdoc}
      */
     public function checkCredentials($credentials, UserInterface $user)
     {
-        // TODO: Implement checkCredentials() method.
+        // valid token === credentials are correct
+        return true;
     }
 
     /**
      * {@inheritdoc}
      */
     public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
     {
-        // TODO: Implement onAuthenticationFailure() method.
+        return new JsonResponse(['message' => $exception->getMessageKey()], 403);
     }
 
     /**
      * {@inheritdoc}
      */
     public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
     {
-        // TODO: Implement onAuthenticationSuccess() method.
+        // do nothing
+        return;
     }
 
     /**
      * {@inheritdoc}
      */
     public function supportsRememberMe()
     {
-        // TODO: Implement supportsRememberMe() method.
+        return false;
     }
 }