src/EventListener/JWTDecodedListener.php line 18

Open in your IDE?
  1. <?php
  3. namespace App\EventListener;
  5. use App\Entity\Monolith\User;
  6. use App\Repository\UserRepository;
  7. use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTDecodedEvent;
  9. class JWTDecodedListener
  10. {
  11.     private UserRepository $userRepository;
  13.     public function __construct(UserRepository $userRepository)
  14.     {
  15.         $this->userRepository $userRepository;
  16.     }
  18.     public function onJWTDecoded(JWTDecodedEvent $event): void
  19.     {
  20.         $payload $event->getPayload();
  21.         $user $this->userRepository->findOneBy(['email' => $payload['email']]);
  23.         if (!$this->isPayloadAndPasswordValid($payload$user)) {
  24.             $event->markAsInvalid();
  25.         }
  26.     }
  28.     private function isPayloadAndPasswordValid(array $payload, ?User $user): bool
  29.     {
  30.         $password $user?->getPassword();
  32.         if (!$password || !isset($payload['hash'])) {
  33.             return false;
  34.         }
  36.         return sha1($password) === $payload['hash'];
  37.     }
  38. }