Skip to content
Snippets Groups Projects
index.php 2.04 KiB
Newer Older
  • Learn to ignore specific revisions
  • Maxime Veber's avatar
    Maxime Veber committed
    <?php
    
    require __DIR__ . '/vendor/autoload.php';
    
    use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager;
    use Symfony\Component\Security\Core\Exception\AuthenticationException;
    use Symfony\Component\Security\Core\User\InMemoryUserProvider;
    
    use Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider;
    use Symfony\Component\Security\Core\User\UserChecker;
    
    use Symfony\Component\Security\Core\Encoder\EncoderFactory;
    use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
    use Symfony\Component\Security\Core\User\User;
    
    $app = new Silex\Application();
    
    $app['debug'] = true;
    
    $userProvider = new InMemoryUserProvider(
        array(
            'admin' => array(
                // password is "foo"
                'password' => '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg==',
                'roles'    => array('ROLE_ADMIN'),
            ),
        )
    );
    
    
    $app->get('/', function () use ($userProvider) {
    
    
        $providers = [new \BiiG\SecurityTest\CustomAuthenticationProvider()];
        $authenticationManager = new AuthenticationProviderManager($providers);
    
        // for some extra checks: is account enabled, locked, expired, etc.
        $userChecker = new \Symfony\Component\Security\Core\User\UserChecker();
    
        try {
            $authenticatedToken = $authenticationManager
                ->authenticate($unauthenticatedToken);
    
    
    // for some extra checks: is account enabled, locked, expired, etc.
            $userChecker = new UserChecker();
    
    // an array of password encoders (see below)
            $encoderFactory = new EncoderFactory([
                User::class => new MessageDigestPasswordEncoder('sha512', true, 5000),
            ]);
    
            $provider = new DaoAuthenticationProvider(
                $userProvider,
                $userChecker,
                'secured_area',
                $encoderFactory
            );
    
            $provider->authenticate($unauthenticatedToken);
    
        } catch (AuthenticationException $failed) {
            // authentication failed
        }
    
    
        return '<h1>Hello world</h1>';
    });
    
    
    $app->run();