src/Listener/Jwt/JWTDecodedListener.php line 63

Open in your IDE?
  1. <?php
  3. namespace App\Listener\Jwt;
  5. use App\DataFixtures\Data\DataInit;
  6. use App\Doctrine\DBAL\DossierConnection;
  7. use App\Entity\Main\Dossier;
  8. use App\Entity\Main\DroitsAcces;
  9. use App\Entity\Main\Parametres;
  10. use App\Entity\Main\Session;
  11. use App\Entity\Main\Utilisateur;
  12. use Doctrine\ORM\EntityManagerInterface;
  13. use Doctrine\ORM\Query;
  14. use Doctrine\Persistence\ManagerRegistry;
  15. use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTDecodedEvent;
  16. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  17. use Symfony\Component\HttpFoundation\RequestStack;
  19. class JWTDecodedListener
  20. {
  21.     /**
  22.      * @var RequestStack
  23.      */
  24.     private $requestStack;
  27.     /**
  28.      * @var EntityManagerInterface
  29.      */
  30.     private $em;
  33.     /**
  34.      * @var ManagerRegistry
  35.      */
  36.     private $managerRegistry;
  38.     /**
  39.      * @var EventDispatcherInterface
  40.      */
  41.     protected $dispatcher;
  43.     /**
  44.      * @param RequestStack $requestStack
  45.      * @param EntityManagerInterface $em
  46.      * @param ManagerRegistry $managerRegistry
  47.      * @param EventDispatcherInterface $dispatcher
  48.      */
  49.     public function __construct(RequestStack $requestStackEntityManagerInterface $emManagerRegistry $managerRegistryEventDispatcherInterface $dispatcher)
  50.     {
  51.         $this->requestStack $requestStack;
  52.         $this->em $em;
  53.         $this->managerRegistry $managerRegistry;
  54.         $this->dispatcher $dispatcher;
  56.     }
  58.     /**
  59.      * @param JWTDecodedEvent $event
  60.      *
  61.      * @return void
  62.      */
  63.     public function onJWTDecoded(JWTDecodedEvent $event)
  64.     {
  65.         // si mise en cours, couper la connexion
  66.         if($_ENV['AZIZ_MISEAJOURS_BLOQUER_CONNEXION'] == "1"){
  67.             $event->markAsInvalid();
  68.         }else {
  71.             $payload $event->getPayload();
  72.             $request $this->requestStack->getCurrentRequest();
  73.             $query $request->query->all();
  75.             //1- tester si la session == utilisateur.sessionActive
  76.             // 1.1 recupérer la session via le front
  77.             if (isset($payload['username']) && isset($query['uid'])) {
  78.                 $uidFront $query['uid'];
  79.                 if (!empty($uidFront)) {
  80.                     /** @var Session $session */
  81.                     $session $this->em->getRepository(Session::class)->findOneBy(["uid" => $uidFront]);
  82.                     /** @var Utilisateur $utilisateur */
  83.                     $utilisateur $this->em->getRepository(Utilisateur::class)->findOneBy(["username" => $payload['username']]);
  86.                     if ($session && $utilisateur) {
  87.                         //- 1 si la session stcoké dans le front ne correspond pas à la session active, alors decionnectrer l'utilisteur
  88.                         if ($session->getId() != $utilisateur->getSessionActive()) {
  89.                             $event->markAsInvalid();
  90.                         }
  93.                         //2- vérifier la fermeture de session
  94.                         $idClient $utilisateur->getAbonnement()->getClient()->getId();
  95.                         $updateDateTimeSession true;
  97.                         if ($idClient) {
  98.                             /** @var Parametres $parametres */
  99.                             $parametres $this->em->getRepository(Parametres::class)->findOneBy(["client" => $idClient]);
  100.                             $dateFinSession $session->getDateTimeFin();
  102.                             if ($parametres) {
  103.                                 $parms $parametres->getParametres();
  104.                                 if (sizeof($parms) > && isset($parms[0]['fermetureSession'])) {
  105.                                     $sessionTimeout $parms[0]['fermetureSession'];
  106.                                 } else {
  107.                                     $sessionTimeout 20// en minutes !
  108.                                 }
  109.                             } else {
  110.                                 $sessionTimeout 20// en minutes !
  111.                             }
  113.                             if ($dateFinSession) {
  116.                                 // calculer le temps session incative
  117.                                 $now = new \DateTime();
  119.                                 $interval $dateFinSession->diff($nowtrue);
  120.                                 $interval_minutes $interval->format('%i');
  121.                                 $interval_heure $interval->format('%h');
  122.                                 $interval_days $interval->format('%d');
  123.                                 $interval_month $interval->format('%m');
  125.                                 $dif = ($interval_minutes $interval_heure 60 $interval_days 24 60 $interval_month 30 24 60) - $sessionTimeout;
  127.                                 if ($dif 0) {
  128.                                     $event->markAsInvalid();
  129.                                     $updateDateTimeSession false;
  130.                                 }
  133.                             }
  135.                         }
  138.                         if (isset($request->attributes->all()["_route"])) {
  139.                             if ($request->attributes->all()["_route"] == "api_historiqueCollaborateur_getAll") {
  140.                                 $updateDateTimeSession false;
  141.                             }
  142.                         }
  144.                         if ($updateDateTimeSession) {
  145.                             //3- update session
  146.                             $session->setDateTimeFin(new \DateTime());
  147.                             $this->em->persist($session);
  148.                             $this->em->flush();
  149.                         }
  150.                     }
  151.                 }
  153.             }
  156. //        if(isset($payload['markAsInvalid'])){
  157. //            if($payload['markAsInvalid'] == "1"){
  158. //                $event->markAsInvalid();
  159. //                return;
  160. //            }
  161. //        }
  164.             //2- Tester droits d'accèes aux dossier demandé
  167.             if (isset($request->attributes->all()['db']) && isset($payload['username'])) {
  168.                 $nomBase $request->attributes->all()['db'];
  169.                 $username $payload['username'];
  170.                 $sql "
  171.                 SELECT
  172.                 droitsacces.id,
  173.                 dossier.utilisable       
  174.                 FROM " DroitsAcces::class . " as droitsacces
  175.                 LEFT JOIN " Utilisateur::class . " as utilisateur WITH droitsacces.utilisateur=utilisateur.id
  176.                 left join " Dossier::class . " as dossier WITH droitsacces.dossier=dossier.id 
  177.                 WHERE utilisateur.username='" $username "' AND dossier.nomBase='" $nomBase "'";
  180.                 /** @var Query $query */
  181.                 $query $this->em->createQuery($sql);
  182.                 $result $query->getResult();
  184.                 if (!$result || sizeof($result) == 0) {
  185.                     $event->markAsInvalid();
  186.                 } else {
  188.                     // changer connextion
  189.                     /** @var DossierConnection $connection */
  190.                     $connection $this->managerRegistry->getConnection('dossier');
  191.                     $connection->changeParams($nomBase);
  192.                     $connection->reconnect();
  195.                 }
  198.             }
  201.         }
  202.     }
  205. }