start hook develop
parent
a2df340d79
commit
dd42972e38
|
@ -25,6 +25,7 @@ security:
|
|||
|
||||
custom_authenticators:
|
||||
- App\Security\ApiKeyAuthenticator
|
||||
- App\Security\ParttyAuthenticator
|
||||
# activate different ways to authenticate
|
||||
# https://symfony.com/doc/current/security.html#the-firewall
|
||||
|
||||
|
@ -50,6 +51,7 @@ security:
|
|||
access_control:
|
||||
# - { path: ^/admin, roles: ROLE_ADMIN }
|
||||
- { path: ^/api/acc/*, roles: ROLE_USER }
|
||||
- { path: ^/hooks/*, roles: ROLE_USER }
|
||||
- { path: ^/api/app/*, roles: ROLE_USER }
|
||||
- { path: ^/api/admin/*, roles: ROLE_ADMIN }
|
||||
- { path: ^/app/*, roles: ROLE_ADMIN }
|
||||
|
|
|
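Review bot: The new rule `- { path: ^/hooks/*, roles: ROLE_USER }` uses `/*` as if it were a glob, but `path` is a regular expression, so it means "zero or more slashes" and the rule is really the bare prefix `^/hooks` (it also matches e.g. `/hooksfoo`). `- { path: ^/hooks/, roles: ROLE_USER }` states the intent; the neighbouring `^/api/.../*` entries have the same shape. Separately, `App\Security\ParttyAuthenticator` is registered after `App\Security\ApiKeyAuthenticator` on the same firewall. If both support requests carrying the same header (`ApiKeyAuthenticator::supports()` is not shown), a failure response from the first may end authentication before the second runs, so confirm the order is intended.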
@ -2,6 +2,7 @@
|
|||
|
||||
namespace App\Controller;
|
||||
|
||||
use App\Entity\APIToken;
|
||||
use App\Entity\BankAccount;
|
||||
use App\Entity\Commodity;
|
||||
use App\Entity\HesabdariDoc;
|
||||
|
@ -12,6 +13,7 @@ use App\Entity\Person;
|
|||
use App\Entity\Plugin;
|
||||
use App\Entity\User;
|
||||
use App\Entity\Business;
|
||||
use App\Entity\Hook;
|
||||
use App\Entity\Year;
|
||||
use App\Service\Access;
|
||||
use App\Service\Jdate;
|
||||
|
@ -544,11 +546,40 @@ class BusinessController extends AbstractController
|
|||
return $this->json($response);
|
||||
}
|
||||
|
||||
#[Route('v2/api/settings/chack-api', name: 'api_business_check_api')]
|
||||
public function api_business_check_api(Access $access,Log $log,Request $request,EntityManagerInterface $entityManager): Response
|
||||
#[Route('hooks/setting/SetChangeHook', name: 'api_business_SetChangeHook')]
|
||||
public function api_business_SetChangeHook(Access $access,Log $log,Request $request,EntityManagerInterface $entityManager): JsonResponse
|
||||
{
|
||||
|
||||
$api = $entityManager->getRepository(APIToken::class)->findOneBy([
|
||||
'token' => $request->headers->get('api-key'),
|
||||
]);
|
||||
|
||||
$params = [];
|
||||
if ($content = $request->getContent()) {
|
||||
$params = json_decode($content, true);
|
||||
}
|
||||
$hook = $entityManager->getRepository(Hook::class)->findOneBy([
|
||||
'url'=> $params['url'],
|
||||
'password'=> $params['hookPassword'],
|
||||
'bid' => $api->getBid(),
|
||||
'submitter'=>$this->getUser()
|
||||
]);
|
||||
if(!$hook){
|
||||
$hook = new Hook();
|
||||
$hook->setBid($api->getBid());
|
||||
$hook->setSubmitter($this->getUser());
|
||||
$hook->setPassword($params['hookPassword']);
|
||||
$hook->setUrl($params['url']);
|
||||
$entityManager->persist($hook);
|
||||
$entityManager->flush();
|
||||
}
|
||||
|
||||
$year = $entityManager->getRepository(Year::class)->findOneBy(['bid'=>$api->getBid(),'head'=>true])->getId();
|
||||
return $this->json([
|
||||
'Success'=>true
|
||||
'Success'=>true,
|
||||
'bid' => $api->getBid()->getId(),
|
||||
'year' => $year,
|
||||
'money' => $api->getBid()->getMoney()->getId()
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
|
|
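Review bot: `api_business_SetChangeHook` dereferences `$api` and `$params` without checking either: `findOneBy()` returns null when the `api-key` header matches no token, and `json_decode()` returns null for a malformed body, so `$api->getBid()` and `$params['url']` can fail with a 500 instead of a 4xx. The `url` is also persisted unvalidated; if the server later sends requests to stored hook URLs (that code is not in this commit), an unrestricted value could point it at internal addresses, so validate it at write time. `hookPassword` is stored and matched as plaintext, which deserves a deliberate decision. The same null risk applies to `findOneBy(['bid'=>$api->getBid(),'head'=>true])->getId()` for `Year`. Suggested guards are below.

```php
// … unchanged: $api lookup by the api-key header …
if (!$api) {
    throw $this->createAccessDeniedException();
}

$params = json_decode($request->getContent(), true);
$url = is_array($params) ? ($params['url'] ?? null) : null;
$hookPassword = is_array($params) ? ($params['hookPassword'] ?? null) : null;
if (!is_string($url) || !is_string($hookPassword)
    || filter_var($url, FILTER_VALIDATE_URL) === false
    || parse_url($url, PHP_URL_SCHEME) !== 'https') {
    // a host policy (rejecting loopback/private targets) belongs here as well
    return $this->json(['Success' => false], 400);
}
// … unchanged: Hook lookup and creation, reading $url and $hookPassword …
```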
@ -45,4 +45,19 @@ class APITokenRepository extends ServiceEntityRepository
|
|||
// ->getOneOrNullResult()
|
||||
// ;
|
||||
// }
|
||||
|
||||
/**
|
||||
* @throws NonUniqueResultException
|
||||
*/
|
||||
public function findByApiToken($value): APIToken | null
|
||||
{
|
||||
return $this->createQueryBuilder('u')
|
||||
->andWhere('u.token = :val')
|
||||
->setParameter('val', $value)
|
||||
->orderBy('u.id', 'ASC')
|
||||
->setMaxResults(10)
|
||||
->getQuery()
|
||||
->getOneOrNullResult()
|
||||
;
|
||||
}
|
||||
}
|
||||
|
|
|
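Review bot: `findByApiToken()` pairs `->setMaxResults(10)` with `->getOneOrNullResult()`, so two rows sharing a token make the query throw `NonUniqueResultException` in the middle of authentication instead of returning a result. `->setMaxResults(1)` removes that path, and a unique constraint on `token` (the entity is not shown here) would be better still. `$value` is untyped; `string $value` would match how the authenticator calls it. The lookup compares the presented token against a value stored as-is, so consider storing a hash of the token and querying by that hash to limit what a database read exposes.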
@ -67,8 +67,6 @@ class ApiKeyAuthenticator extends AbstractAuthenticator
|
|||
|
||||
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
|
||||
{
|
||||
echo 55;
|
||||
die();
|
||||
$data = [
|
||||
// you may want to customize or obfuscate the message first
|
||||
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
|
||||
|
|
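--- a/hesabixCore/src/Security/ParttyAuthenticator.php
+++ b/hesabixCore/src/Security/ParttyAuthenticator.php
@@ -0,0 +1,80 @@
+<?php
+
+// src/Security/ParttyAuthenticator.php
+namespace App\Security;
+
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
+use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
+use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
+use Symfony\Component\Security\Core\Exception\UserNotFoundException;
+
+use App\Repository\APITokenRepository;
+
+class ParttyAuthenticator extends AbstractAuthenticator
+{
+
+/**
+* @var APITokenRepository
+*/
+private APITokenRepository $APITokenRepository;
+
+public function __construct(APITokenRepository $APITokenRepository)
+{
+$this->APITokenRepository = $APITokenRepository;
+}
+/**
+* Called on every request to decide if this authenticator should be
+* used for the request. Returning `false` will cause this authenticator
+* to be skipped.
+*/
+public function supports(Request $request): ?bool
+{
+return $request->headers->has('api-key');
+}
+
+public function authenticate(Request $request): Passport
+{
+$apiToken = $request->headers->get('api-key');
+if (null === $apiToken) {
+// The token header was empty, authentication fails with HTTP Status
+// Code 401 "Unauthorized"
+throw new CustomUserMessageAuthenticationException('No API token provided');
+}
+
+return new SelfValidatingPassport(
+new UserBadge($apiToken, function($apiToken) {
+$tk = $this->APITokenRepository->findByApiToken($apiToken);
+if (! $tk) {
+throw new UserNotFoundException();
+}
+return $tk->getSubmitter();
+})
+);
+}
+
+public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
+{
+// on success, let the request continue
+return null;
+}
+
+public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
+{
+$data = [
+// you may want to customize or obfuscate the message first
+'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
+
+// or to translate this message
+// $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
+];
+
+return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
+}
+}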
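Review bot: In `authenticate()` the `null === $apiToken` guard cannot fire, because `supports()` already requires the `api-key` header, while an empty header value passes straight to `findByApiToken('')`. `if (null === $apiToken || '' === trim($apiToken))` covers both cases. The raw token is also passed as the `UserBadge` identifier, so any component that records the user identifier would record the secret; confirm that is acceptable. Nothing visible checks expiry or revocation before `getSubmitter()` is returned, though the `APIToken` entity is not shown. A short class docblock saying how this authenticator differs from `ApiKeyAuthenticator` would help, since both are registered on the same firewall.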