src/TSMS/TsmsBundle/Security/Listener/SessionListener.php line 91

Open in your IDE?
  1. <?php
  2. /**
  3. * Copyright (C) SUEZ Smart Solutions - All Rights Reserved
  4. * On’Connect Gateway Management, 2018
  5. * Unauthorized copying of this file, via any medium is strictly prohibited
  6. * Proprietary and confidential
  7. * For the full copyright and license information, please report to the LICENSE CONTRACT.
  8. */
  10. /**
  11.  * Created by PhpStorm.
  12.  * User: dhaoui.walid<dhaoui.walid@gmail.com>
  13.  * Date: 10/03/2015
  14.  * Time: 15:51.
  15.  */
  17. namespace TSMS\TsmsBundle\Security\Listener;
  19. use Doctrine\ORM\EntityManager;
  20. use Symfony\Component\HttpFoundation\RedirectResponse;
  21. use Symfony\Component\HttpFoundation\Response;
  22. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  23. use Symfony\Component\HttpKernel\Event\GetResponseEvent;
  24. use Symfony\Component\HttpKernel\HttpKernelInterface;
  25. use Symfony\Component\Routing\RouterInterface;
  26. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  27. use TSMS\AdminBundle\Entity\MaintenanceMessage;
  28. use TSMS\CoreBundle\Entity\User;
  30. class SessionListener
  31. {
  32.     /**
  33.      * @var SessionInterface
  34.      */
  35.     protected $session;
  37.     /**
  38.      * @var RouterInterface
  39.      */
  40.     protected $router;
  42.     /**
  43.      * @var int
  44.      */
  45.     protected $maxIdleTime;
  47.     /**
  48.      * @var bool
  49.      */
  50.     protected $modeMaintenance;
  52.     /**
  53.      * @var TokenStorageInterface
  54.      */
  55.     protected $securityToken;
  57.     /**
  58.      * @var bool
  59.      */
  60.     private $authorizedAccount;
  62.     /**
  63.      * @var bool
  64.      */
  65.     private $entityManager;
  67.     /**
  68.      * @param SessionInterface $session
  69.      * @param RouterInterface $router
  70.      * @param int $maxIdleTime
  71.      * @param bool $modeMaintenance
  72.      */
  73.     public function __construct(
  74.         SessionInterface $session,
  75.         RouterInterface $router,
  76.         TokenStorageInterface $securityToken,
  77.         $maxIdleTime 0,
  78.         $modeMaintenance false,
  79.         $authorizedAccount = [],
  80.         EntityManager $entityManager
  81.     ) {
  82.         $this->session     $session;
  83.         $this->router      $router;
  84.         $this->securityToken      $securityToken;
  85.         $this->maxIdleTime $maxIdleTime;
  86.         $this->modeMaintenance $modeMaintenance;
  87.         $this->authorizedAccount $authorizedAccount;
  88.         $this->entityManager $entityManager;
  89.     }
  91.     public function onKernelRequest(GetResponseEvent $event)
  92.     {
  93.         $maintenanceMessageRepository $this->entityManager->getRepository(MaintenanceMessage::class);
  95.         $maintenanceMessage $maintenanceMessageRepository->findFirst();
  96.         /** si mode maintenance est activĂ© rediriger l'utilisateur vers la page "site en maintenance" */
  98.         $isEnabledMaintenance = ($this->modeMaintenance || $maintenanceMessage instanceof MaintenanceMessage);
  99.         $token $this->securityToken->getToken();
  100.         $user null;
  101.         if ($token) {
  102.             $user $token->getUser();
  103.         }
  104.         if($isEnabledMaintenance
  105.             && ($user InstanceOf User && !in_array($user->getEmail(), $this->authorizedAccount)
  106.             &&  !in_array($event->getRequest()->get('_route') ,['login','site_under_maintenance']))){
  107.             $event->setResponse(new RedirectResponse($this->router->generate('site_under_maintenance')));
  108.           return;
  109.         }
  111.         if(!$isEnabledMaintenance   &&  $event->getRequest()->get('_route') == 'site_under_maintenance'){
  112.             $event->setResponse(new RedirectResponse($this->router->generate('login')));
  113.           return;
  114.         }
  116.         if ($this->maxIdleTime <= 0) {
  117.             return;
  118.         }
  120.         if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
  121.             return;
  122.         }
  124.         if ($this->checkIfShouldContinueSession($event)) {
  125.             return;
  126.         }
  128.         // Beyond this points, session is killed.
  129.         $this->session->invalidate();
  131.         $response $this->getResponse($event);
  132.         $event->setResponse($response);
  134.         return;
  135.     }
  137.     /**
  138.      * Checks if session is fresh enough against max allowed idle time and sends signal to destroy it or not.
  139.      *
  140.      * @param GetResponseEvent $event
  141.      *
  142.      * @return bool should stop and destroy session
  143.      */
  144.     protected function checkIfShouldContinueSession(GetResponseEvent $event)
  145.     {
  146.         $this->session->start();
  148.         if (false !== ($lastUsed $this->defineLastUsed($event))) {
  149.             $this->session->set('last_used'$lastUsed);
  150.         }
  152.         $refreshLastUsed $this->session->get('last_used');
  154.         if ((time() - $refreshLastUsed) <= $this->maxIdleTime) {
  155.             return true;
  156.         }
  158.         return;
  159.     }
  161.     /**
  162.      * Determines whether the session's last used should be refresh or not.
  163.      *
  164.      * @param GetResponseEvent $event
  165.      *
  166.      * @return int|bool whether to refresh or not
  167.      */
  168.     protected function defineLastUsed(GetResponseEvent $event)
  169.     {
  170.         // If route is checking session, there fore it musn't be refresh prior to having its idle time looked at.
  171.         if ('check_session' !== $event->getRequest()->get('_route')) {
  172.             return time();
  173.         }
  175.         // If last used is absent from Session data, refresh it using metadata bag's lastUsed.
  176.         if (!$this->session->get('last_used')) {
  177.             return $this->session->getMetadataBag()->getLastUsed();
  178.         }
  180.         // If reaching this point, then nothing to do.
  181.         return false;
  182.     }
  184.     protected function getResponse(GetResponseEvent $event)
  185.     {
  186.         if ($event->getRequest()->isXmlHttpRequest()) {
  187.             $response = new Response('Session expired');
  188.             $response->setStatusCode(Response::HTTP_FORBIDDEN);
  190.             return $response;
  191.         }
  193.         $redirectParameters = [];
  194.         if (!in_array($event->getRequest()->get('_route'), array('login''logout''check_session''login_check'))) {
  195.             $redirectParameters['_target_path'] = $event->getRequest()->getRequestUri();
  196.         }
  198.         if ('check_session' === $event->getRequest()->getRequestUri()) {
  199.             $redirectParameters['_inactivity'] = true;
  200.         }
  202.         return new RedirectResponse($this->router->generate('logout'$redirectParameters));
  203.     }
  204. }