src/Eccube/EventListener/TwoFactorAuthListener.php line 74

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of EC-CUBE
  5.  *
  6.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  7.  *
  8.  * http://www.ec-cube.co.jp/
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Eccube\EventListener;
  16. use Eccube\Common\EccubeConfig;
  17. use Eccube\Entity\Member;
  18. use Eccube\Request\Context;
  19. use Eccube\Service\TwoFactorAuthService;
  20. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  21. use Symfony\Component\HttpFoundation\RedirectResponse;
  22. use Symfony\Component\HttpKernel\Event\ControllerArgumentsEvent;
  23. use Symfony\Component\HttpKernel\KernelEvents;
  24. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  26. class TwoFactorAuthListener implements EventSubscriberInterface
  27. {
  28.     /**
  29.      * @var array 2段階認証のチェックを除外するroute
  30.      */
  31.     public const ROUTE_EXCLUDE = ['admin_two_factor_auth''admin_two_factor_auth_set'];
  33.     /**
  34.      * @var EccubeConfig
  35.      */
  36.     protected $eccubeConfig;
  38.     /**
  39.      * @var Context
  40.      */
  41.     protected $requestContext;
  43.     /**
  44.      * @var UrlGeneratorInterface
  45.      */
  46.     protected $router;
  48.     /**
  49.      * @var TwoFactorAuthService
  50.      */
  51.     protected $twoFactorAuthService;
  53.     /**
  54.      * @param EccubeConfig $eccubeConfig
  55.      * @param Context $context,
  56.      * @param UrlGeneratorInterface $router
  57.      * @param EncoderFactoryInterface $encoderFactory
  58.      */
  59.     public function __construct(
  60.         EccubeConfig $eccubeConfig,
  61.         Context $requestContext,
  62.         UrlGeneratorInterface $router,
  63.         TwoFactorAuthService $twoFactorAuthService
  64.     ) {
  65.         $this->eccubeConfig $eccubeConfig;
  66.         $this->requestContext $requestContext;
  67.         $this->router $router;
  68.         $this->twoFactorAuthService $twoFactorAuthService;
  69.     }
  71.     /**
  72.      * @param ControllerArgumentsEvent $event
  73.      */
  74.     public function onKernelController(ControllerArgumentsEvent $event)
  75.     {
  76.         if (!$event->isMainRequest()) {
  77.             return;
  78.         }
  80.         if (!$this->requestContext->isAdmin()) {
  81.             return;
  82.         }
  84.         if (!$this->twoFactorAuthService->isEnabled()) {
  85.             return;
  86.         }
  88.         $route $event->getRequest()->attributes->get('_route');
  89.         if (in_array($routeself::ROUTE_EXCLUDE)) {
  90.             return;
  91.         }
  93.         if (
  94.             ($Member $this->requestContext->getCurrentUser())
  95.             && $Member instanceof Member
  96.             && $Member->isTwoFactorAuthEnabled()
  97.             && !$this->twoFactorAuthService->isAuth($Member)
  98.         ) {
  99.             // トークン入力
  100.             if ($Member->getTwoFactorAuthKey()) {
  101.                 $url $this->router->generate('admin_two_factor_auth', [], UrlGeneratorInterface::ABSOLUTE_PATH);
  102.             }
  104.             // 2段階認証設定
  105.             else {
  106.                 $url $this->router->generate('admin_two_factor_auth_set', [], UrlGeneratorInterface::ABSOLUTE_PATH);
  107.             }
  108.             $event->setController(function () use ($url) {
  109.                 return new RedirectResponse($url$status 302);
  110.             });
  111.         }
  112.     }
  114.     /**
  115.      * @return array
  116.      */
  117.     public static function getSubscribedEvents()
  118.     {
  119.         return [
  120.             KernelEvents::CONTROLLER_ARGUMENTS => ['onKernelController'7],
  121.         ];
  122.     }
  123. }