src/AppBundle/EventSubscriber/ResponseSubscriber.php line 56

Open in your IDE?
  1. <?php
  3. namespace AppBundle\EventSubscriber;
  5. use Exception;
  6. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  7. use Symfony\Component\HttpFoundation\BinaryFileResponse;
  8. use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
  9. use Symfony\Component\HttpKernel\Event\KernelEvent;
  10. use Symfony\Component\HttpKernel\KernelEvents;
  11. use Doctrine\ORM\EntityManagerInterface;
  12. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  13. use AppBundle\Security\Authentication\Token\JwtUserToken;
  14. use Lexik\Bundle\JWTAuthenticationBundle\Encoder\JWTEncoderInterface;
  15. use AppBundle\Entity\User\{UserSessionSessionLogUserSessionLog};
  16. use AppBundle\Utils\JWTTokenGenerator;
  17. use Psr\Log\LoggerInterface;
  19. /**
  20.  * Description of ResponseSubscriber
  21.  *
  22.  * look at https://symfony.com/doc/current/event_dispatcher.html#creating-an-event-subscriber
  23.  *
  24.  * @author SAWIT Mateusz Miklewski <biuro@sawit.pl>
  25.  */
  26. class ResponseSubscriber implements EventSubscriberInterface {
  27.     private $entityManager;
  28.     private $tokenStorage;
  29.     private $jwt_encoder;
  30.     private $generator;
  31.     private $logger;
  33.     static $HeadersSet false;
  35.     public function __construct(EntityManagerInterface $entityManagerTokenStorageInterface $tokenStorageJWTEncoderInterface $jwt_encoderJWTTokenGenerator $generatorLoggerInterface $logger)
  36.     {
  37.         $this->entityManager $entityManager;
  38.         $this->tokenStorage $tokenStorage;
  39.         $this->jwt_encoder $jwt_encoder;
  40.         $this->generator $generator;
  41.         $this->logger $logger;
  42.     }
  44.     public static function getSubscribedEvents(): array {
  45.         // return the subscribed events, their methods and priorities
  46.         return array(
  47.            KernelEvents::RESPONSE => array(
  48.                array('addOptionsHeader'10),
  49.                array('addTokenHeader'0),
  50.                array('doShrinkSource'0),
  51.                array('cacheAssets'0)
  52.            )
  53.         );
  54.     }
  56.     public function addOptionsHeader(KernelEvent $event) {
  57.         $request $event->getRequest();
  58.         $method  $request->getMethod();
  59.         $response $event->getResponse();
  60.         if(!self::$HeadersSet) {
  61.             $response->headers->set('Access-Control-Allow-Origin''*');
  62.             $response->headers->set('Access-Control-Allow-Methods''GET,POST,PUT,DELETE');
  63.             $response->headers->set('Access-Control-Allow-Headers''Accept, Authorization, Content-Type, Token');
  64.             $response->headers->set('Access-Control-Expose-Headers''Token');
  65.             self::$HeadersSet true;
  66.         }
  67.         $event->setResponse($response);
  68.         if ('OPTIONS' === $method) {
  69.             $event->stopPropagation();
  70.             return $response;
  71.         }
  72.         return null;
  73.     }
  75.     public function addTokenHeader(KernelEvent $event) {
  76.         $request $event->getRequest();
  77.         $method  $request->getRealMethod();
  78.         if(!$this->entityManager->isOpen()) {
  79.             return;
  80.         }
  81.         $this->entityManager->clear();
  82.         if ('OPTIONS' !== $method) {
  83.             $token $this->tokenStorage->getToken();
  84.             if($token instanceof JwtUserToken) {
  85.                 try {
  86.                     /* @var $session UserSession */
  87.                     $session $this->entityManager->getRepository(UserSession::class)->findOneBy(['token' => $token->nonce]);
  89.                     if($session && !$session->getDeleted()) {
  90.                         $generator $this->generator;
  91.                         $newToken $generator->refreshToken($token);
  93.                         $response $event->getResponse();
  94.                         $response->headers->set('Token'$newToken);
  95.                         $event->setResponse($response);
  97.                         $sessionLog = new UserSessionLog();
  98.                         $sessionLog->setRequest($event->getRequest()->getRequestUri());
  99.                         $sessionLog->setRequestType($event->getRequest()->getMethod());
  100.                         $sessionLog->setUserSession($session);
  101.                         $this->entityManager->persist($sessionLog);
  102.                         $this->entityManager->flush();
  103.                     }
  104.                 } catch (Exception $e) {
  105.                     $this->logger->error($e->getMessage(), $e->getTrace());
  106.                 }
  107.             }
  108.         }
  109.     }
  111.     public function doShrinkSource(FilterResponseEvent $e){
  112.         $response $e->getResponse();
  113.         $request $e->getRequest();
  114.         if(strpos($request->getRequestUri(), '/api') === false && strpos($request->getRequestUri(), '/_profiler') === false && !$response instanceof BinaryFileResponse) {
  115.             $content $response->getContent();
  117.             $html preg_replace('/(\>)\s*(\<)/m''$1$2'$content);
  118.             $html preg_replace('/\r/'''$html);
  119.             $html preg_replace('/\n/'' '$html);
  120.             $html preg_replace('/\t/'' '$html);
  121.             $html preg_replace('/\s{2,}/'' '$html);
  123.             $response->setContent($html);
  124.         }
  125.     }
  127.     public function cacheAssets(FilterResponseEvent $event) {
  128.         $request $event->getRequest();
  129.         if($request->getContentType() == 'text/css') {
  130.             $response $event->getResponse();
  131.             $response->setSharedMaxAge(6*30*24*60*60); // 6 mies
  132.         }
  133.     }
  134. }