Manual authentificate an user in Symfony

We had this situation, a client asked to be able to connect easily using a kind of super password to a Symfony web app we developped.

The idea : use the email of an existing user, use a special password, and it will work.

So we used the failure_handler event of the classic security Symfony system.

For this, first you need to say Symfony to use the handler we will create. In your security.yaml config file :

        anonymous: ~
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
        anonymous: ~
        provider: in_db
            use_referer: false
            login_path: login
            check_path: login
            failure_handler: App\Handler\LoginFailureHandler

Everytime a login will fail, we are gonna reach our new file LoginFailureHandler. The content of this new file :

class LoginFailureHandler extends DefaultAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
    private $container;
    private $userRepository;

     * LoginHandler constructor.
     * @param ParameterBagInterface|null $parameterBag
     * @param HttpUtils $httpUtils
     * @param EntityManagerInterface $entityManager
     * @param ContainerInterface $container
     * @param HttpKernelInterface $httpKernel
    public function __construct(HttpUtils $httpUtils, EntityManagerInterface $entityManager, UserRepository $userRepository, 
                                  ContainerInterface $container, HttpKernelInterface $httpKernel)
        parent::__construct($httpKernel, $httpUtils);
        $this->container = $container;
        $this->userRepository = $userRepository;

     * @param Request $request
     * @param AuthenticationException $exception
     * @return RedirectResponse
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
        // get email posted in the login form
        $email = $exception->getToken()->getUser();

        if ($email && $request->get('_password') === 'MY_SUPER_PASSWORD') {
            $userManual = $this->UserRepositoy->findOneBy(['email' => $email]);

            if ($userManual) {
                // manually authenticate user in controller
                $token = new UsernamePasswordToken($userManual, null, 'main', $userManual->getRoles());
                $this->container->get('session')->set('_security_main', serialize($token));

                $defaultAuthenticationSuccessHandler = new DefaultAuthenticationSuccessHandler($this->httpUtils);
                return $defaultAuthenticationSuccessHandler->onAuthenticationSuccess($request, $token);

        return parent::onAuthenticationFailure($request, $exception);

Laissez un commentaire