How do you log a login failure in Symfony 4?

Zero

New Member
#1
My Question
What sort of Response should I return that won't change the default response? Or is there a better way to tack on a logger to a Login Failure/badcredentialsexception?

Details
I found this post here which states that you can (in Symfony 2.4) customize authentication failures or successes like so:
Mã:
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

class CustomTimeAuthenticator extends TimeAuthenticator implements AuthenticationFailureHandlerInterface, AuthenticationSuccessHandlerInterface
{
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        error_log('You are out!');
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        error_log(sprintf('Yep, you are in "%s"!', $token->getUsername()));
    }
}
It also states that
...you can also bypass the default behavior altogether by returning a Response instance:
Mã:
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
    if ($exception->getCode()) {
        return new Response('Not the right time to log in, come back later.');
    }
}
Unfortunately it seems in Symfony 4 you have to return a Response (unlike the above 2.4 code) and so my code is:
Mã:
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Psr\Log\LoggerInterface;

class LoginFailureLogger implements AuthenticationFailureHandlerInterface
{
    private $logger;
    private $security;

    public function __construct(TokenStorageInterface $security, LoggerInterface $logger)
    {
        $this->logger = $logger;
        $this->security = $security;
    }

    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        $user = $exception->getToken()->getUser();

        $this->logger->notice('Failed to login user: "'. $user. '"".  Reason: '. $exception->getMessage());
    }
}
But when the page runs I get:
Mã:
Authentication Failure Handler did not return a Response.
 

Admin

Administrator
Thành viên BQT
#2
You should just redirect to login page since this is the default behaviour. Please modify upon your specific requirements if any.
Mã:
use Symfony\Component\HttpFoundation\RedirectResponse;
...
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
    $user = $exception->getToken()->getUser();

    $this->logger->notice('Failed to login user: "'. $user. '"".  Reason: '. $exception->getMessage());

    return new RedirectResponse('/login');
}
 

Từ khóa phổ biến

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Chủ Đề Xem Nhiều

Top