Part-DB.Part-DB-server/src/Security/UserChecker.php

<?php
/**
 * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
 *
 * Copyright (C) 2019 - 2022 Jan Böhmer (https://github.com/jbtronics)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published
 * by the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace App\Security;

use App\Entity\UserSystem\User;
use Symfony\Component\Security\Core\Exception\AccountStatusException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Contracts\Translation\TranslatorInterface;

/**
 * @see \App\Tests\Security\UserCheckerTest
 */
final class UserChecker implements UserCheckerInterface
{
    public function __construct(private readonly TranslatorInterface $translator)
    {
    }

    /**
     * Checks the user account before authentication.
     *
     * @throws AccountStatusException
     */
    public function checkPreAuth(UserInterface $user): void
    {
        // TODO: Implement checkPreAuth() method.
    }

    /**
     * Checks the user account after authentication.
     *
     * @throws AccountStatusException
     */
    public function checkPostAuth(UserInterface $user): void
    {
        if (!$user instanceof User) {
            return;
        }

        //Check if user is disabled. Then don't allow login
        if ($user->isDisabled()) {
            //throw new DisabledException();
            throw new CustomUserMessageAccountStatusException($this->translator->trans('user.login_error.user_disabled', [], 'security'));
        }
    }
}
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`<?php`
Changed license to AGPL3+ 2020-02-22 18:14:36 +01:00			`/**`
			`* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).`
			`*`
Removed old GPLv2 copyright header 2022-11-29 22:28:53 +01:00			`* Copyright (C) 2019 - 2022 Jan Böhmer (https://github.com/jbtronics)`
Changed license to AGPL3+ 2020-02-22 18:14:36 +01:00			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as published`
			`* by the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*/`
Applied code style rules to src/ 2020-01-05 15:46:58 +01:00
			`declare(strict_types=1);`

Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`namespace App\Security;`

			`use App\Entity\UserSystem\User;`
			`use Symfony\Component\Security\Core\Exception\AccountStatusException;`
Show a more helpfull error message on login when a user is disabled. Before a generic invalid credentials message was shown, now a hint about the disabled status is shown. 2022-11-15 00:25:56 +01:00			`use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`use Symfony\Component\Security\Core\User\UserCheckerInterface;`
			`use Symfony\Component\Security\Core\User\UserInterface;`
Show a more helpfull error message on login when a user is disabled. Before a generic invalid credentials message was shown, now a hint about the disabled status is shown. 2022-11-15 00:25:56 +01:00			`use Symfony\Contracts\Translation\TranslatorInterface;`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00
Improved code style of tests 2023-06-11 15:02:59 +02:00			`/**`
			`* @see \App\Tests\Security\UserCheckerTest`
			`*/`
Applied symplify rules to codebase. 2020-01-05 22:49:00 +01:00			`final class UserChecker implements UserCheckerInterface`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`{`
Applied rector with PHP8.1 migration rules 2023-06-11 14:15:46 +02:00			`public function __construct(private readonly TranslatorInterface $translator)`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`{`
			`}`

			`/**`
			`* Checks the user account before authentication.`
			`*`
			`* @throws AccountStatusException`
			`*/`
Applied code style rules to src/ 2020-01-05 15:46:58 +01:00			`public function checkPreAuth(UserInterface $user): void`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`{`
			`// TODO: Implement checkPreAuth() method.`
			`}`

			`/**`
			`* Checks the user account after authentication.`
			`*`
			`* @throws AccountStatusException`
			`*/`
Applied code style rules to src/ 2020-01-05 15:46:58 +01:00			`public function checkPostAuth(UserInterface $user): void`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`{`
Fixed code style. 2020-08-21 21:36:22 +02:00			`if (!$user instanceof User) {`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`return;`
			`}`

Fixed typos 2023-04-15 23:14:53 +02:00			`//Check if user is disabled. Then don't allow login`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`if ($user->isDisabled()) {`
Show a more helpfull error message on login when a user is disabled. Before a generic invalid credentials message was shown, now a hint about the disabled status is shown. 2022-11-15 00:25:56 +01:00			`//throw new DisabledException();`
Prevent login of local users via SSO with the same username 2023-02-21 22:36:43 +01:00			`throw new CustomUserMessageAccountStatusException($this->translator->trans('user.login_error.user_disabled', [], 'security'));`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`}`
			`}`
Added an PHP CS fixer config file and applied it to files. We now use the same the same style as the symfony project, and it allows us to simply fix the style by executing php_cs_fixer fix in the project root. 2019-11-09 00:47:20 +01:00			`}`