src/Eccube/EventListener/TwoFactorAuthListener.php line 74

Open in your IDE?
  1. <?php
  2. /*
  3.  * This file is part of EC-CUBE
  4.  *
  5.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  6.  *
  7.  * http://www.ec-cube.co.jp/
  8.  *
  9.  * For the full copyright and license information, please view the LICENSE
  10.  * file that was distributed with this source code.
  11.  */
  12. namespace Eccube\EventListener;
  13. use Eccube\Common\EccubeConfig;
  14. use Eccube\Entity\Member;
  15. use Eccube\Request\Context;
  16. use Eccube\Service\TwoFactorAuthService;
  17. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  18. use Symfony\Component\HttpFoundation\RedirectResponse;
  19. use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
  20. use Symfony\Component\HttpKernel\KernelEvents;
  21. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  22. class TwoFactorAuthListener implements EventSubscriberInterface
  23. {
  24.     /**
  25.      * @var array 2段階認証のチェックを除外するroute
  26.      */
  27.     const ROUTE_EXCLUDE = ['admin_two_factor_auth''admin_two_factor_auth_set'];
  28.     /**
  29.      * @var EccubeConfig
  30.      */
  31.     protected $eccubeConfig;
  32.     /**
  33.      * @var Context
  34.      */
  35.     protected $requestContext;
  36.     /**
  37.      * @var UrlGeneratorInterface
  38.      */
  39.     protected $router;
  40.     /**
  41.      * @var TwoFactorAuthService
  42.      */
  43.     protected $twoFactorAuthService;
  44.     /**
  45.      * @param EccubeConfig $eccubeConfig
  46.      * @param Context $context,
  47.      * @param UrlGeneratorInterface $router
  48.      * @param EncoderFactoryInterface $encoderFactory
  49.      */
  50.     public function __construct(
  51.         EccubeConfig $eccubeConfig,
  52.         Context $requestContext,
  53.         UrlGeneratorInterface $router,
  54.         TwoFactorAuthService $twoFactorAuthService
  55.     ) {
  56.         $this->eccubeConfig $eccubeConfig;
  57.         $this->requestContext $requestContext;
  58.         $this->router $router;
  59.         $this->twoFactorAuthService $twoFactorAuthService;
  60.     }
  61.     /**
  62.      * @param FilterControllerEvent $event
  63.      */
  64.     public function onKernelController(FilterControllerEvent $event)
  65.     {
  66.         if (!$event->isMasterRequest()) {
  67.             return;
  68.         }
  69.         if (!$this->requestContext->isAdmin()) {
  70.             return;
  71.         }
  72.         if (!$this->twoFactorAuthService->isEnabled()) {
  73.             return;
  74.         }
  75.         $route $event->getRequest()->attributes->get('_route');
  76.         if (in_array($routeself::ROUTE_EXCLUDE)) {
  77.             return;
  78.         }
  79.         if (
  80.             ($Member $this->requestContext->getCurrentUser())
  81.             && $Member instanceof Member
  82.             && $Member->isTwoFactorAuthEnabled()
  83.             && !$this->twoFactorAuthService->isAuth($Member)
  84.         ) {
  85.             // トークン入力
  86.             if ($Member->getTwoFactorAuthKey()) {
  87.                 $url $this->router->generate('admin_two_factor_auth', [], UrlGeneratorInterface::ABSOLUTE_PATH);
  88.             }
  89.             // 2段階認証設定
  90.             else {
  91.                 $url $this->router->generate('admin_two_factor_auth_set', [], UrlGeneratorInterface::ABSOLUTE_PATH);
  92.             }
  93.             $event->setController(function () use ($url) {
  94.                 return new RedirectResponse($url$status 302);
  95.             });
  96.         }
  97.     }
  98.     /**
  99.      * @return array
  100.      */
  101.     public static function getSubscribedEvents()
  102.     {
  103.         return [
  104.             KernelEvents::CONTROLLER_ARGUMENTS => ['onKernelController'7],
  105.         ];
  106.     }
  107. }