start hook develop

Hesabix 2024-01-12 18:05:28 +00:00
parent a2df340d79
commit dd42972e38
5 changed files with 131 additions and 5 deletions


@ -25,6 +25,7 @@ security:
custom_authenticators: custom_authenticators:
- App\Security\ApiKeyAuthenticator - App\Security\ApiKeyAuthenticator
- App\Security\ParttyAuthenticator
# activate different ways to authenticate # activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall # https://symfony.com/doc/current/security.html#the-firewall
@ -50,6 +51,7 @@ security:
access_control: access_control:
# - { path: ^/admin, roles: ROLE_ADMIN } # - { path: ^/admin, roles: ROLE_ADMIN }
- { path: ^/api/acc/*, roles: ROLE_USER } - { path: ^/api/acc/*, roles: ROLE_USER }
- { path: ^/hooks/*, roles: ROLE_USER }
- { path: ^/api/app/*, roles: ROLE_USER } - { path: ^/api/app/*, roles: ROLE_USER }
- { path: ^/api/admin/*, roles: ROLE_ADMIN } - { path: ^/api/admin/*, roles: ROLE_ADMIN }
- { path: ^/app/*, roles: ROLE_ADMIN } - { path: ^/app/*, roles: ROLE_ADMIN }
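Review bot: The new rule's pattern `^/hooks/*` is looser than it reads, because `/*` means "zero or more slashes" and so it matches every path that merely begins with `/hooks`; `- { path: ^/hooks/, roles: ROLE_USER }` states the intended prefix. The neighbouring rules use the same form, but they are outside what this commit changes. ROLE_USER here only establishes that some user is authenticated by any authenticator on this firewall, so the decision whether that user may register a hook for a given business has to be made in the controller action itself.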


@ -2,6 +2,7 @@
namespace App\Controller; namespace App\Controller;
use App\Entity\APIToken;
use App\Entity\BankAccount; use App\Entity\BankAccount;
use App\Entity\Commodity; use App\Entity\Commodity;
use App\Entity\HesabdariDoc; use App\Entity\HesabdariDoc;
@ -12,6 +13,7 @@ use App\Entity\Person;
use App\Entity\Plugin; use App\Entity\Plugin;
use App\Entity\User; use App\Entity\User;
use App\Entity\Business; use App\Entity\Business;
use App\Entity\Hook;
use App\Entity\Year; use App\Entity\Year;
use App\Service\Access; use App\Service\Access;
use App\Service\Jdate; use App\Service\Jdate;
@ -544,11 +546,40 @@ class BusinessController extends AbstractController
return $this->json($response); return $this->json($response);
} }
#[Route('v2/api/settings/chack-api', name: 'api_business_check_api')] #[Route('hooks/setting/SetChangeHook', name: 'api_business_SetChangeHook')]
public function api_business_check_api(Access $access,Log $log,Request $request,EntityManagerInterface $entityManager): Response public function api_business_SetChangeHook(Access $access,Log $log,Request $request,EntityManagerInterface $entityManager): JsonResponse
{ {
$api = $entityManager->getRepository(APIToken::class)->findOneBy([
'token' => $request->headers->get('api-key'),
]);
$params = [];
if ($content = $request->getContent()) {
$params = json_decode($content, true);
}
$hook = $entityManager->getRepository(Hook::class)->findOneBy([
'url'=> $params['url'],
'password'=> $params['hookPassword'],
'bid' => $api->getBid(),
'submitter'=>$this->getUser()
]);
if(!$hook){
$hook = new Hook();
$hook->setBid($api->getBid());
$hook->setSubmitter($this->getUser());
$hook->setPassword($params['hookPassword']);
$hook->setUrl($params['url']);
$entityManager->persist($hook);
$entityManager->flush();
}
$year = $entityManager->getRepository(Year::class)->findOneBy(['bid'=>$api->getBid(),'head'=>true])->getId();
return $this->json([ return $this->json([
'Success'=>true 'Success'=>true,
'bid' => $api->getBid()->getId(),
'year' => $year,
'money' => $api->getBid()->getMoney()->getId()
]); ]);
} }
} }
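Review bot: `$api` is dereferenced without a null check in api_business_SetChangeHook, and the route is open to any ROLE_USER request, so a call whose `api-key` header is absent or unknown ends in a fatal error at `$api->getBid()`; the same holds for `$params['url']` and `$params['hookPassword']` when the body is empty, not JSON, or lacks those keys. The URL is persisted without validation; if the server later sends requests to it (the dispatcher is not part of this commit), it should be limited to http/https here and checked against internal address ranges at delivery time. The injected `Access` service is unused, so nothing visible confirms the caller may change settings for this business, and the route accepts every HTTP method although it writes, which `methods: ['POST']` on the attribute would close. `hookPassword` is stored and matched as plaintext, which deserves a comment if it has to remain recoverable. A sketch of the input checks follows.

```php
// … unchanged: APIToken lookup by the api-key header …
if (!$api) {
    throw $this->createAccessDeniedException();
}
$params = json_decode($request->getContent(), true);
$url = is_array($params) ? ($params['url'] ?? null) : null;
$hookPassword = is_array($params) ? ($params['hookPassword'] ?? null) : null;
$scheme = is_string($url) ? strtolower((string) parse_url($url, PHP_URL_SCHEME)) : '';
if (!is_string($hookPassword) || $hookPassword === ''
    || !in_array($scheme, ['http', 'https'], true)
    || filter_var($url, FILTER_VALIDATE_URL) === false) {
    return $this->json(['Success' => false], Response::HTTP_BAD_REQUEST);
}
// … unchanged: Hook lookup and creation, reading $url and $hookPassword instead of $params …
```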


@ -45,4 +45,19 @@ class APITokenRepository extends ServiceEntityRepository
// ->getOneOrNullResult() // ->getOneOrNullResult()
// ; // ;
// } // }
/**
* @throws NonUniqueResultException
*/
public function findByApiToken($value): APIToken | null
{
return $this->createQueryBuilder('u')
->andWhere('u.token = :val')
->setParameter('val', $value)
->orderBy('u.id', 'ASC')
->setMaxResults(10)
->getQuery()
->getOneOrNullResult()
;
}
} }
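Review bot: `setMaxResults(10)` combined with `getOneOrNullResult()` in findByApiToken means a duplicated token value raises NonUniqueResultException instead of returning a row, and since the method is called from the authenticator's user loader that most likely surfaces as a server error rather than a 401. Use `->setMaxResults(1)`, or back `token` with a unique constraint so the ambiguity cannot arise. The parameter is untyped; `public function findByApiToken(string $value): ?APIToken` documents that a string token is expected. The query compares the stored column directly with the presented value, which suggests tokens are kept in plaintext; storing a hash and querying by it would limit the impact of a database leak, if that fits how tokens are issued.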


@ -67,8 +67,6 @@ class ApiKeyAuthenticator extends AbstractAuthenticator
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
{ {
echo 55;
die();
$data = [ $data = [
// you may want to customize or obfuscate the message first // you may want to customize or obfuscate the message first
'message' => strtr($exception->getMessageKey(), $exception->getMessageData()) 'message' => strtr($exception->getMessageKey(), $exception->getMessageData())


@ -0,0 +1,80 @@
<?php
// src/Security/ParttyAuthenticator.php
namespace App\Security;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
use Symfony\Component\Security\Core\Exception\UserNotFoundException;
use App\Repository\APITokenRepository;
class ParttyAuthenticator extends AbstractAuthenticator
{
/**
* @var APITokenRepository
*/
private APITokenRepository $APITokenRepository;
public function __construct(APITokenRepository $APITokenRepository)
{
$this->APITokenRepository = $APITokenRepository;
}
/**
* Called on every request to decide if this authenticator should be
* used for the request. Returning `false` will cause this authenticator
* to be skipped.
*/
public function supports(Request $request): ?bool
{
return $request->headers->has('api-key');
}
public function authenticate(Request $request): Passport
{
$apiToken = $request->headers->get('api-key');
if (null === $apiToken) {
// The token header was empty, authentication fails with HTTP Status
// Code 401 "Unauthorized"
throw new CustomUserMessageAuthenticationException('No API token provided');
}
return new SelfValidatingPassport(
new UserBadge($apiToken, function($apiToken) {
$tk = $this->APITokenRepository->findByApiToken($apiToken);
if (! $tk) {
throw new UserNotFoundException();
}
return $tk->getSubmitter();
})
);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
// on success, let the request continue
return null;
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
{
$data = [
// you may want to customize or obfuscate the message first
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
// or to translate this message
// $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
];
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}
}
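Review bot: supports() claims every request that carries an `api-key` header, not only the `/hooks/` routes this authenticator was added for, and it is registered in the same firewall as ApiKeyAuthenticator. If that class keys on the same header (its supports() is not visible in this commit), a failure in whichever runs first returns its 401 response before the other is consulted, so scoping this one is safer: `return str_starts_with($request->getPathInfo(), '/hooks/') && $request->headers->has('api-key');`. In authenticate(), the `null === $apiToken` branch is effectively unreachable after supports(), while an empty header value still reaches findByApiToken(); `if (null === $apiToken || '' === trim($apiToken)) {` would reject it. The raw token is also used as the UserBadge identifier, so it is worth confirming that it does not end up in security logs as the user identifier.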