src/Controller/Frontend/SecurityController.php line 145

Open in your IDE?
  1. <?php
  3. namespace App\Controller\Frontend;
  5. use App\Entity\User\AccessToken;
  6. use App\Exception\RefreshTokenExpiredException;
  7. use App\Service\AccessTokenService;
  8. use App\ViewModel\Frontend\AccessTokenViewModel;
  9. use Doctrine\ORM\EntityManagerInterface;
  10. use Exception;
  11. use Nelmio\ApiDocBundle\Annotation\Model;
  12. use Nelmio\ApiDocBundle\Annotation\Security;
  13. use OpenApi\Annotations as OA;
  14. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  15. use Symfony\Component\Form\Extension\Core\Type\FormType;
  16. use Symfony\Component\Form\Extension\Core\Type\TextType;
  17. use Symfony\Component\Form\FormFactoryInterface;
  18. use Symfony\Component\HttpFoundation\JsonResponse;
  19. use Symfony\Component\HttpFoundation\Request;
  20. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  21. use Symfony\Component\Routing\Annotation\Route;
  22. use Symfony\Component\Validator\Constraints\NotNull;
  24. class SecurityController extends AbstractController {
  26.     /**
  27.      * @var AccessTokenService
  28.      */
  29.     private $accessTokenService;
  31.     /**
  32.      * @var EntityManagerInterface
  33.      */
  34.     private $entityManager;
  36.     /**
  37.      * @var FormFactoryInterface
  38.      */
  39.     private $formFactory;
  41.     /**
  42.      * SecurityController constructor.
  43.      *
  44.      * @param AccessTokenService $accessTokenService
  45.      * @param EntityManagerInterface $entityManager
  46.      * @param FormFactoryInterface $formFactory
  47.      */
  48.     public function __construct(
  49.         AccessTokenService $accessTokenService,
  50.         EntityManagerInterface $entityManager,
  51.         FormFactoryInterface $formFactory
  52.     ) {
  53.         $this->accessTokenService $accessTokenService;
  54.         $this->entityManager $entityManager;
  55.         $this->formFactory $formFactory;
  56.     }
  58.     /**
  59.      * Perform user login
  60.      *
  61.      * @Route(path="/login", methods={"POST"})
  62.      * @Security(name=null)
  63.      * @OA\RequestBody(
  64.      *     @OA\JsonContent(
  65.      *         type="object",
  66.      *         @OA\Property(property="username", type="string", nullable=false),
  67.      *         @OA\Property(property="password", type="string", nullable=false)
  68.      *     )
  69.      * )
  70.      * @OA\Response(
  71.      *     response=200,
  72.      *     description="The access token",
  73.      *     @Model(type=AccessTokenViewModel::class)
  74.      * )
  75.      * @OA\Response(
  76.      *     response=401,
  77.      *     description="Authentication failed",
  78.      *     @OA\JsonContent(
  79.      *         type="object",
  80.      *         @OA\Property(property="error", type="string")
  81.      *     )
  82.      * )
  83.      * @throws Exception
  84.      */
  85.     public function loginAction() {
  86.         $user $this->getUser();
  87.         $accessToken $this->accessTokenService->createAccessToken($user);
  88.         $accessTokenViewModel AccessTokenViewModel::create($accessToken);
  90.         return $this->json($accessTokenViewModel);
  91.     }
  93.     /**
  94.      * Refresh an expired accessToken with the refreshToken
  95.      *
  96.      * @Route(path="/token", methods={"POST"})
  97.      * @param Request $request
  98.      *
  99.      * @return JsonResponse
  100.      * @throws RefreshTokenExpiredException
  101.      * @throws Exception
  102.      *
  103.      * @OA\RequestBody(
  104.      *     @OA\JsonContent(
  105.      *          @OA\Property(property="refreshToken", type="string", nullable="false")
  106.      *     )
  107.      * )
  108.      * @OA\Response(
  109.      *     response="200",
  110.      *     description="Refreshed token",
  111.      *     @Model(type=AccessTokenViewModel::class)
  112.      * )
  113.      * @OA\Response(
  114.      *     response="400",
  115.      *     ref="#/components/schemas/BadRequestError"
  116.      * )
  117.      * @OA\Response(
  118.      *     response="404",
  119.      *     ref="#/components/schemas/NotFoundError"
  120.      * )
  121.      */
  122.     public function refreshTokenAction(Request $request) {
  123.         $form $this->formFactory
  124.             ->create(FormType::class)
  125.             ->add(
  126.                 'refreshToken',
  127.                 TextType::class,
  128.                 [
  129.                     'constraints' => [new NotNull()],
  130.                 ]
  131.             );
  133.         $form->submit(json_decode($request->getContent(), true));
  134.         if(!$form->isSubmitted() || !$form->isValid()) {
  135.             throw new BadRequestHttpException();
  136.         }
  138.         $refreshToken $form->get('refreshToken')->getData();
  140.         $accessToken $this->entityManager
  141.             ->getRepository(AccessToken::class)
  142.             ->findByRefreshToken($refreshToken);
  144.         if($accessToken === null) {
  145.             throw $this->createNotFoundException();
  146.         }
  148.         $accessToken $this->accessTokenService
  149.             ->refreshAccessToken($accessToken);
  151.         $accessTokenViewModel AccessTokenViewModel::create($accessToken);
  153.         return $this->json($accessTokenViewModel);
  154.     }
  155. }