src/EventListener/UserResolveListener.php line 48

Open in your IDE?
  1. <?php
  2. /**
  3.  * Created by PhpStorm.
  4.  * User: grego
  5.  * Date: 02/06/2022
  6.  * Time: 11:02
  7.  */
  9. namespace App\EventListener;
  11. use App\Entity\BruteForceLogs;
  12. use Doctrine\ORM\EntityManagerInterface;
  13. use Symfony\Component\DependencyInjection\ContainerInterface;
  14. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  15. use Symfony\Component\Security\Core\User\UserProviderInterface;
  16. use Trikoder\Bundle\OAuth2Bundle\Event\UserResolveEvent;
  18. final class UserResolveListener
  19. {
  20.     /**
  21.      * @var UserProviderInterface
  22.      */
  23.     private $userProvider;
  25.     /**
  26.      * @var UserPasswordEncoderInterface
  27.      */
  28.     private $userPasswordEncoder;
  30.     private $container;
  31.     private $em;
  33.     /**
  34.      * @param UserProviderInterface $userProvider
  35.      * @param UserPasswordEncoderInterface $userPasswordEncoder
  36.      */
  37.     public function __construct(UserProviderInterface $userProviderUserPasswordEncoderInterface $userPasswordEncoderContainerInterface $containerEntityManagerInterface $em)
  38.     {
  39.         $this->userProvider $userProvider;
  40.         $this->userPasswordEncoder $userPasswordEncoder;
  41.         $this->container $container;
  42.         $this->em $em;
  43.     }
  45.     /**
  46.      * @param UserResolveEvent $event
  47.      */
  48.     public function onUserResolve(UserResolveEvent $event): void
  49.     {
  50.         $user $this->userProvider->loadUserByUsername($event->getUsername());
  52.         $ip $this->container->get('request_stack')->getCurrentRequest()->getClientIp();
  53.         $brutForceLogs $this->em->getRepository(BruteForceLogs::class)->findBy(array('ipAddress' => $ip), array('id' => 'DESC'));
  54.         if($brutForceLogs){
  55.             $brutForceLog $brutForceLogs[0];
  56.         } else {
  57.             $brutForceLog = new BruteForceLogs();
  58.             $brutForceLog->setIpAddress($ip);
  59.             $brutForceLog->setAttempts(0);
  60.         }
  62.         $loginAttempts $brutForceLog->getAttempts() + 1;
  63.         $brutForceLog->setAttempts($loginAttempts);
  64.         if ($loginAttempts == 3) {
  65.             $unlockDate = new \DateTime();
  66.             $unlockDate->modify('+3 minutes');
  67.             $brutForceLog->setUnlockDate($unlockDate);
  68.         } elseif ($loginAttempts == 6) {
  69.             $unlockDate = new \DateTime();
  70.             $unlockDate->modify('+10 minutes');
  71.             $brutForceLog->setUnlockDate($unlockDate);
  72.         } elseif ($loginAttempts == 9) {
  73.             $unlockDate = new \DateTime();
  74.             $unlockDate->modify('+60 minutes');
  75.             $brutForceLog->setUnlockDate($unlockDate);
  76.         } elseif($loginAttempts 9){
  77.             $brutForceLog->setUnlockDate(null);
  78.             $brutForceLog->setAttempts(1);
  79.         }
  80.         $this->em->persist($brutForceLog);
  81.         $this->em->flush();
  83.         if (null === $user) {
  84.             return;
  85.         }
  87.         if (!$this->userPasswordEncoder->isPasswordValid($user$event->getPassword())) {
  88.             return;
  89.         }
  91.         $now = new \DateTime();
  92.         if ($brutForceLog->getUnlockDate() >= $now) {
  93.             return;
  94.         }
  96.         $brutForceLog->setAttempts(0);
  97.         $this->em->persist($brutForceLog);
  98.         $this->em->flush();
  99.         $event->setUser($user);
  100.     }
  101. }