php – Check username and password agains database or hourly password provider symfony-ThrowExceptions

Exception or error:

I have an API to secure using Symfony 5. If the username and password are valid, I return a JWT token using “LexikJWTAuthenticationBundle”.

If I send a “login_check” request, the Symfony app must check if the user exists on the database and if the password is Ok (already done), or if the username and password sent match with a custom user provider where the password is generated through a custom method hourly.

I have configured a chain_provider in security.yaml and configure the firewall:

    providers:
        chain_provider:
            chain:
                providers: [hourly_password, api_user_provider]
        # user from database
        api_user_provider:
            id: App\Security\Core\User\UserProvider
        # user is always the same but password changes hourly
        hourly_password:
            id: App\Security\Core\User\DiaryPasswordUserProvider
    firewalls:
        login:
            pattern: ^/api/v1/login
            stateless: true
            anonymous: true
            provider: chain_provider
            form_login:
                check_path: /api/v1/login_check
                username_parameter: username
                password_parameter: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

I has created an additional user class “ServiceUser” and a user provider:

class ServiceUser implements UserInterface
{

    /**
     * @var string Username.
     */
    private $username;

    /**
     * @var array
     */
    private $roles = [];

    /**
     * @var string Hourly password (plain text).
     */
    private $password;

    /**
     * A visual identifier that represents this user.
     *
     * @see UserInterface
     */
    public function getUsername(): string
    {
        return (string) $this->username;
    }

    public function setUsername(string $username): self
    {
        $this->username = $username;

        return $this;
    }

    /**
     * @see UserInterface
     */
    public function getRoles(): array
    {
        $roles = $this->roles;
        // guarantee every user at least has ROLE_USER
        $roles[] = 'ROLE_USER';
        $roles[] = 'ROLE_SUPER_USER';

        return array_unique($roles);
    }

    /**
     * @see UserInterface
     */
    public function getPassword(): string
    {
        return (string) $this->password;
    }

    public function setPassword(string $password): self
    {
        $this->password = $password;

        return $this;
    }

    /**
     * @inheritDoc
     */
    public function getSalt()
    {
        // TODO: Implement getSalt() method.
    }

    /**
     * @inheritDoc
     */
    public function eraseCredentials()
    {
        // TODO: Implement eraseCredentials() method.
    }
}

I do not know what to do to authenticate the user and return the token as I do on my api_user_provider user provider checking if the user exists on the database.

Please, could you help me to check if username is equal to one configured on .env file (SERVICE_USERNAME) and how to check the password sent by the user with my custom password generator method?

Thank you for your help.

How to solve:

Leave a Reply

Your email address will not be published. Required fields are marked *