src/Security/Voter/Resource/TokenRefreshVoter.php line 12

  1. <?php
  2. namespace App\Security\Voter\Resource;
  4. use Symfony\Component\Security\Core\Authorization\Voter\Voter,
  5.     Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  7. use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
  9. use App\DTO\TokenRefreshDTO,
  10.     App\Lib\Actions;
  12. final class TokenRefreshVoter extends Voter
  13. {
  14.     const ACTIVITY_CHECK '10 mins';
  15.     const MESSAGE 'Expired. No activity in the last ' self::ACTIVITY_CHECK;
  17.     private JWTTokenManagerInterface $jwtManager;
  19.     public function __construct(JWTTokenManagerInterface $jwtManager)
  20.     {
  21.         $this->jwtManager $jwtManager;
  22.     }
  24.     protected function supports($attribute$subject): bool
  25.     {
  26.         if (! $subject instanceof TokenRefreshDTO || Actions::VIEW !== $attribute) {
  27.             return false;
  28.         }
  30.         return true;
  31.     }
  33.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  34.     {
  35.         $currentToken $this->jwtManager->decode($token);
  37.         $issuedAt = new \DateTime("@{$currentToken['iat']}");
  38.         $issuedAt->setTimezone(new \DateTimeZone(date_default_timezone_get()));
  40.         $checkFrom = new \DateTimeImmutable('-' self::ACTIVITY_CHECK);
  42.         if ($checkFrom $issuedAt) {
  43.             $checkFrom $issuedAt;
  44.         }
  46.         /** @var Admin */
  47.         $admin $token->getUser();
  49.         if ($admin->getLastActivityAt() >= $checkFrom) {
  50.             return true;
  51.         }
  53.         return false;
  54.     }
  55. }