
In the example below, we call an end-point and use a kernel.controller event listener (onKernelController) to log security, login, role and authentication information about the current user.


Security.yml


security:
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

Listeners.yml


services:
    application_backend.event_listener.kernel_controller:
        class: Application\BackendBundle\EventListener\KernelControllerListener
        arguments: ["@security.context", "%security.role_hierarchy.roles%", "@logger"]
        tags:
            - { name: kernel.event_listener, event: kernel.controller, method: onKernelController }

KernelControllerListener.php


<?php

namespace Application\BackendBundle\EventListener;

use Psr\Log\LoggerInterface;
use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
use Symfony\Component\Security\Core\SecurityContextInterface;

class KernelControllerListener
{
    private $securityContext;
    private $roleHierarchyRoles;
    private $logger;
    private $log = [];

    public function __construct(
        SecurityContextInterface $securityContextInterface,
        $roleHierarchyRoles,
        LoggerInterface $logger
    ) {
        $this->securityContext = $securityContextInterface;
        $this->roleHierarchyRoles = $roleHierarchyRoles;
        $this->logger = $logger;
    }

    public function onKernelController(FilterControllerEvent $event)
    {
        // Log once per request, not for every sub-request.
        if (!$event->isMasterRequest()) {
            return;
        }

        // The token is null when the URL is not covered by a firewall.
        $token = $this->securityContext->getToken();
        if (null === $token) {
            return;
        }

        // Role names held by the token, e.g. ['ROLE_ADMIN'].
        $roleNames = array_map(function ($role) {
            return $role->getRole();
        }, $token->getRoles());

        // Every role name that appears in role_hierarchy, as a key or as an inherited role.
        $knownRoles = array_keys($this->roleHierarchyRoles);
        foreach ($this->roleHierarchyRoles as $inherited) {
            $knownRoles = array_merge($knownRoles, (array) $inherited);
        }

        $this->log['Token'] = $token;
        $this->log['Attributes'] = $token->getAttributes();
        // Usually empty once authentication has completed, but it can hold a
        // password or other secret when credentials are not erased, so keep
        // this entry out of production logs.
        $this->log['Credentials'] = $token->getCredentials();
        $this->log['Roles'] = $token->getRoles();
        // "Yes" when at least one of the token's roles is defined in role_hierarchy.
        $this->log['Have Correct Role Assigned'] = array_intersect($roleNames, $knownRoles)
            ? 'Yes' : 'No';
        $this->log['Username'] = $token->getUsername();
        $this->log['Is User Authenticated'] = $token->isAuthenticated();
        $this->log['Is Logged in (Normal)'] = $this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')
            ? 'Yes' : 'No';
        $this->log['Is Logged in (Remember Me)'] = $this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')
            ? 'Yes' : 'No';

        $this->logger->info(json_encode($this->log));
    }
}

Test


We're calling this end-point: http://football.local/app_dev.php/backend/user?page=1&limit=2


Content of dev.log file


[2015-07-05 12:27:14] app.INFO: {"Token":{},"Attributes":[],"Credentials":"","Roles":[],"Have Correct Role Assigned":"No","Username":"anon.","Is User Authenticated":true,"Is Logged in (Normal)":"No","Is Logged in (Remember Me)":"No"} [] []

Result


{
    "Token": {},
    "Attributes": [],
    "Credentials": "",
    "Roles": [],
    "Have Correct Role Assigned": "No",
    "Username": "anon.",
    "Is User Authenticated": true,
    "Is Logged in (Normal)": "No",
    "Is Logged in (Remember Me)": "No"
}
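
A variant of the record built in the listener, as an added example that is not part of the original post: it expands the user's roles through the role_hierarchy map from Security.yml and logs only whether a credential is present, not the value returned by getCredentials(). The function names and the sample user are assumptions made for illustration.

```php
<?php
// Added example; reachableRoles() and buildSecurityLogRecord() are hypothetical helpers.

/**
 * Expand role names through a role_hierarchy map (same shape as
 * %security.role_hierarchy.roles%) to every role they reach.
 */
function reachableRoles(array $roleNames, array $hierarchy)
{
    $reached = [];
    $queue = $roleNames;
    while ($queue) {
        $role = array_shift($queue);
        if (isset($reached[$role])) {
            continue; // already visited; also guards against cycles in the map
        }
        $reached[$role] = true;
        if (isset($hierarchy[$role])) {
            foreach ((array) $hierarchy[$role] as $child) {
                $queue[] = $child;
            }
        }
    }
    return array_keys($reached);
}

/**
 * Build a log record that never contains the credential itself.
 */
function buildSecurityLogRecord($username, array $roleNames, $credentials, array $hierarchy)
{
    $effective = reachableRoles($roleNames, $hierarchy);
    return [
        'Username' => $username,
        'Roles' => $roleNames,
        'Effective Roles' => $effective,
        'Can Switch User' => in_array('ROLE_ALLOWED_TO_SWITCH', $effective, true) ? 'Yes' : 'No',
        'Credentials Present' => ($credentials !== '' && $credentials !== null) ? 'Yes' : 'No',
    ];
}

// Hierarchy copied from Security.yml; the users and password are constructed sample values.
$hierarchy = [
    'ROLE_ADMIN' => ['ROLE_USER'],
    'ROLE_SUPER_ADMIN' => ['ROLE_USER', 'ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'],
];
echo json_encode(buildSecurityLogRecord('alice', ['ROLE_SUPER_ADMIN'], 's3cret', $hierarchy)), "\n";
echo json_encode(buildSecurityLogRecord('anon.', [], '', $hierarchy)), "\n";
```

In the listener, the role names would come from getRole() on each entry of $token->getRoles(), and the hierarchy from the injected %security.role_hierarchy.roles% parameter.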