[github/wallabag/wallabag.git] / src / Wallabag / UserBundle / EventListener / AuthenticationFailureListener.php

<?php

namespace Wallabag\UserBundle\EventListener;

use Psr\Log\LoggerInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\AuthenticationEvents;

class AuthenticationFailureListener implements EventSubscriberInterface
{
    private $requestStack;
    private $logger;

    public function __construct(RequestStack $requestStack, LoggerInterface $logger)
    {
        $this->requestStack = $requestStack;
        $this->logger = $logger;
    }

    /**
     * {@inheritdoc}
     */
    public static function getSubscribedEvents()
    {
        return [
            AuthenticationEvents::AUTHENTICATION_FAILURE => 'onAuthenticationFailure',
        ];
    }

    /**
     * On failure, add a custom error in log so server admin can configure fail2ban to block IP from people who try to login too much.
     */
    public function onAuthenticationFailure()
    {
        $request = $this->requestStack->getMasterRequest();

        $this->logger->error('Authentication failure for user "' . $request->request->get('_username') . '", from IP "' . $request->getClientIp() . '", with UA: "' . $request->server->get('HTTP_USER_AGENT') . '".');
    }
}
Commit	Line	Data
f81a34e3 JB	1	<?php
	2
	3	namespace Wallabag\UserBundle\EventListener;
	4
	5	use Psr\Log\LoggerInterface;
	6	use Symfony\Component\EventDispatcher\EventSubscriberInterface;
	7	use Symfony\Component\HttpFoundation\RequestStack;
	8	use Symfony\Component\Security\Core\AuthenticationEvents;
	9
	10	class AuthenticationFailureListener implements EventSubscriberInterface
	11	{
	12	private $requestStack;
	13	private $logger;
	14
	15	public function __construct(RequestStack $requestStack, LoggerInterface $logger)
	16	{
	17	$this->requestStack = $requestStack;
	18	$this->logger = $logger;
	19	}
	20
	21	/**
	22	* {@inheritdoc}
	23	*/
	24	public static function getSubscribedEvents()
	25	{
	26	return [
	27	AuthenticationEvents::AUTHENTICATION_FAILURE => 'onAuthenticationFailure',
	28	];
	29	}
	30
	31	/**
	32	* On failure, add a custom error in log so server admin can configure fail2ban to block IP from people who try to login too much.
	33	*/
	34	public function onAuthenticationFailure()
	35	{
	36	$request = $this->requestStack->getMasterRequest();
	37
f808b016	38	$this->logger->error('Authentication failure for user "' . $request->request->get('_username') . '", from IP "' . $request->getClientIp() . '", with UA: "' . $request->server->get('HTTP_USER_AGENT') . '".');
f81a34e3 JB	39	}
f81a34e3 JB	40	}