Skip to content

Commit

Permalink
Merge pull request #34 from ConnectHolland/replace-new-user
Browse files Browse the repository at this point in the history
If a new user logs in the existing user is replaced in the remember_device cookie
  • Loading branch information
mrcotrmpr authored Sep 30, 2021
2 parents aae734c + 3235331 commit 5dbc3e5
Showing 1 changed file with 14 additions and 2 deletions.
16 changes: 14 additions & 2 deletions src/Security/Http/Authentication/AuthenticationSuccessHandler.php
Original file line number Diff line number Diff line change
Expand Up @@ -63,12 +63,12 @@ public function handleAuthenticationSuccess(UserInterface $user, $jwt = null): J
public function onAuthenticationSuccess(Request $request, TokenInterface $token): JsonResponse
{
$response = $this->handleAuthenticationSuccess($token->getUser());
$username = $request->request->get('username');

if ($this->rememberDeviceResolver->getRememberDeviceStatus()) {
if (is_null($request->cookies) || is_null($request->cookies->get('REMEMBER_DEVICE')) || $this->jwtEncoder->decode($request->cookies->get('REMEMBER_DEVICE'))['exp'] < time()) {
if ($this->checkForInvalidRememberDeviceCookie($request, $username)) {

$expiry_time = time() + $this->rememberDeviceResolver->getRememberDeviceExpiryDays() * 86400;
$username = $request->request->get('username');

$data = $this->jwtEncoder->encode([
'exp' => $expiry_time,
Expand All @@ -92,6 +92,18 @@ public function addResponsePayload(string $key, $value): void
$this->responsePayload[$key] = $value;
}

private function checkForInvalidRememberDeviceCookie($request, $username): bool
{
switch ($request) {
case is_null($request->cookies):
case is_null($request->cookies->get("REMEMBER_DEVICE")):
case $this->jwtEncoder->decode($request->cookies->get("REMEMBER_DEVICE"))['exp'] < time():
case $username != $this->jwtEncoder->decode($request->cookies->get("REMEMBER_DEVICE"))['user']:
return true;
}
return false;
}

private function addToValidTokens($token, $user): void
{
$entityManager = $this->doctrine->getManager();
Expand Down

0 comments on commit 5dbc3e5

Please sign in to comment.