<?php
namespace App\AdminBundle\EventListener;
use App\AdminBundle\Service\UserManager;
use Lexik\Bundle\JWTAuthenticationBundle\Event\AuthenticationFailureEvent;
use Symfony\Component\HttpFoundation\RequestStack;
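/**
 * Pads failed-authentication responses to a fixed minimum duration.
 *
 * The only active behaviour is the timing pad in
 * onAuthenticationFailureResponse(). The failed-attempt counter and the
 * notification e-mail are commented out, so nothing in this class limits or
 * reports repeated guesses.
 *
 * NOTE(review): presumably registered for the Lexik JWT authentication-failure
 * event; confirm in the service configuration.
 */
class AuthenticationFailureListener
{
    //private $requestStack;
    //private $userManager;
    //private $templating;

    /**
     * The dependencies are commented out along with the attempt-counter logic
     * that used them, so the constructor currently takes no arguments.
     */
    public function __construct(/*RequestStack $requestStack, UserManager $userManager, $templating*/)
    {
        //$this->requestStack = $requestStack;
        //$this->userManager = $userManager;
        //$this->templating = $templating;
    }

    /**
     * Delays the failure response so that it takes about one second in total.
     *
     * The pad makes "unknown user" and "wrong password" take the same time,
     * as long as each path finishes within the target. It cannot hide a path
     * that already runs longer than the target.
     *
     * NOTE(review): each failed login holds a PHP worker for up to one second,
     * so a burst of failures can exhaust the worker pool. Rate limiting
     * upstream (web server, firewall or application) is still needed.
     *
     * @param AuthenticationFailureEvent $event Not read by the active code.
     */
    public function onAuthenticationFailureResponse(AuthenticationFailureEvent $event)
    {
        // Check failed login attempts
        // NOTE(review): disabled. If re-enabled, the extra lookup and update for
        // existing accounts must still finish inside the padded window below,
        // and `== 3` only notifies on exactly the third failure.
        //$username = $this->requestStack->getCurrentRequest()->get("_username");
        //if ($username !== '') {
        //    $user = $this->userManager->findUserByEmail($username);
        //    if ($user) {
        //        $failedAttemps = $user->getFailedLoginAttemps() + 1;
        //        $user->setFailedLoginAttemps($failedAttemps);
        //        $this->userManager->updateUser($user);
        //        if ($failedAttemps == 3) {
        //            $parameters = array(
        //                'firstName' => $user->getFirstName(),
        //                'email' => $user->getEmail()
        //            );
        //            $html = $this->templating->render(
        //                'Emails/failed_login_attemps.html.twig', $parameters
        //            );
        //
        //            DEV NOTE: if re-enabling replace with AWS SES call
        //            $message = new Swift_Message();
        //            $message
        //                ->setFrom('info@iwplatform.com', 'Integrated Wealth Platform')
        //                ->addTo($user->getEmail(), $user->getFirstName())
        //                ->setSubject('Incorrect Login Attempts')
        //                ->setReplyTo('support@iwplatform.com')
        //                ->setBccAddress('info@iwplatform.com')
        //                ->setBody($html, 'text/html')
        //            ;
        //
        //            // Send the email
        //            ...
        //        }
        //    }
        //}

        // Delay the response so that it takes 1 second in total.
        // This evens out the response time whichever route the request took
        // (user not found, wrong password, etc.), so timing can't be used to
        // learn whether a username exists.
        $targetSeconds = 1.0;
        $elapsedSeconds = microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"];

        // Clamp instead of taking the absolute value. A request that has already
        // run longer than the target gets no further delay; abs() would have
        // added the overshoot again, making slow paths slower still and more
        // distinguishable. The upper clamp guards against a negative elapsed
        // time, e.g. after a clock adjustment.
        $remainingSeconds = min($targetSeconds, max(0.0, $targetSeconds - $elapsedSeconds));

        if ($remainingSeconds > 0) {
            // usleep() expects whole microseconds; cast explicitly so that no
            // implicit float-to-int conversion takes place.
            usleep((int) round($remainingSeconds * 1000000));
        }
    }
}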