3 namespace Wallabag\UserBundle\EventListener
;
5 use Psr\Log\LoggerInterface
;
6 use Symfony\Component\EventDispatcher\EventSubscriberInterface
;
7 use Symfony\Component\HttpFoundation\RequestStack
;
8 use Symfony\Component\Security\Core\AuthenticationEvents
;
10 class AuthenticationFailureListener
implements EventSubscriberInterface
12 private $requestStack;
15 public function __construct(RequestStack
$requestStack, LoggerInterface
$logger)
17 $this->requestStack
= $requestStack;
18 $this->logger
= $logger;
24 public static function getSubscribedEvents()
27 AuthenticationEvents
::AUTHENTICATION_FAILURE
=> 'onAuthenticationFailure',
32 * On failure, add a custom error in log so server admin can configure fail2ban to block IP from people who try to login too much.
34 public function onAuthenticationFailure()
36 $request = $this->requestStack
->getMasterRequest();
38 $this->logger
->error('Authentication failure for user "'.$request->request
->get('_username').'", from IP "'.$request->getClientIp().'", with UA: "'.$request->server
->get('HTTP_USER_AGENT').'".');