php - Is there any sort of "pre login" event or similar?

Question

I need to run some code prior to checking if a user's credentials are correct. Currently I'm achieving this with a custom event listener that fires on the kernel.request event and checks if the requested URL matches security.yml's check_path setting. But this is inefficient since it runs on every request. I'm aware of the onSecurityInteractiveLogin event, but I believe that fires after a successful login attempt. Does anyone know if there's a pre login event, or where I could dispatch a custom event myself?

Answer 1

So, there's no 'official' pre-login event. But thankfully it's not hard to set one up since Symfony2 is so extendable. The trick is to use your own service to handle authentication.

Symfony uses this class when using a login form:

SymfonyComponentSecurityHttpFirewallUsernamePasswordFormAuthenticationListener

If you override the security.authentication.listener.form.class parameter (originally defined in SymfonyBundleSecurityBundleResourcesconfigsecurity_listeners.xml) you can use a custom listener that extends UsernamePasswordFormAuthenticationListener.

All that's left to do is override the attemptAuthentication() method to dispatch the custom event.

(Actually you also need to store the event dispatcher as a class property in __construct())

This method should work with other authentication methods - all you'd need to do is modify the appropriate listener (ie BasicAuthenticationListener, X509AuthenticationListener, etc.)