<?php
namespace Elements\Bundle\DocumentHttpAuthBundle\EventSubscriber;
use Pimcore\Bundle\CoreBundle\EventListener\Traits\PimcoreContextAwareTrait;
use Pimcore\Http\Request\Resolver\DocumentResolver;
use Pimcore\Http\Request\Resolver\PimcoreContextResolver;
use Pimcore\Http\RequestHelper;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\Security\Http\EntryPoint\BasicAuthenticationEntryPoint;
class DocumentHttpAuth implements EventSubscriberInterface
{
use PimcoreContextAwareTrait;
/**
* @var DocumentResolver
*/
protected $documentResolver;
/**
* @var RequestHelper
*/
protected $requestHelper;
/**
* @param DocumentResolver $documentResolver
*/
public function __construct(DocumentResolver $documentResolver, RequestHelper $requestHelper)
{
$this->documentResolver = $documentResolver;
$this->requestHelper = $requestHelper;
}
/**
* @inheritDoc
*/
public static function getSubscribedEvents()
{
return [
KernelEvents::REQUEST => ['onKernelRequest', 17]
];
}
/**
* @param RequestEvent $event
*/
public function onKernelRequest(RequestEvent $event)
{
if($event->isMasterRequest() && $this->matchesPimcoreContext($event->getRequest(), PimcoreContextResolver::CONTEXT_DEFAULT)) {
$document = $this->documentResolver->getDocument($event->getRequest());
if ($document && !$this->requestHelper->isFrontendRequestByAdmin($event->getRequest())) {
$username = $document->getProperty('auth_username');
$password = $document->getProperty('auth_password');
if ($username && $password) {
$request = $event->getRequest();
if ($authUsername = $request->headers->get('PHP_AUTH_USER')) {
if ($authUsername === $username && $password === $request->headers->get('PHP_AUTH_PW')) {
return;
}
}
$entryPoint = new BasicAuthenticationEntryPoint('doc-auth');
$event->setResponse($entryPoint->start($request));
}
}
}
}
}