From 2b1e5b5f28927d5a7f1c78a8a803c42caf7779cf Mon Sep 17 00:00:00 2001 From: Javier Eguiluz Date: Mon, 8 Oct 2018 10:35:33 +0200 Subject: [PATCH] Fixed the logic of the custom password authenticator --- security/custom_password_authenticator.rst | 34 +++++++++------------- 1 file changed, 14 insertions(+), 20 deletions(-) diff --git a/security/custom_password_authenticator.rst b/security/custom_password_authenticator.rst index 301c1858ce2..898363523e5 100644 --- a/security/custom_password_authenticator.rst +++ b/security/custom_password_authenticator.rst @@ -68,29 +68,23 @@ the user:: } } - if ($isPasswordValid) { - $currentHour = date('G'); - if ($currentHour < 14 || $currentHour > 16) { - // CAUTION: this message will be returned to the client - // (so don't put any un-trusted messages / error strings here) - throw new CustomUserMessageAuthenticationException( - 'You can only log in between 2 and 4!', - array(), // Message Data - 412 // HTTP 412 Precondition Failed - ); - } - - return new UsernamePasswordToken( - $user, - $user->getPassword(), - $providerKey, - $user->getRoles() + $currentHour = date('G'); + if ($currentHour < 14 || $currentHour > 16) { + // CAUTION: this message will be returned to the client + // (so don't put any un-trusted messages / error strings here) + throw new CustomUserMessageAuthenticationException( + 'You can only log in between 2 and 4!', + array(), // Message Data + 412 // HTTP 412 Precondition Failed ); } - // CAUTION: this message will be returned to the client - // (so don't put any un-trusted messages / error strings here) - throw new CustomUserMessageAuthenticationException('Invalid username or password'); + return new UsernamePasswordToken( + $user, + $user->getPassword(), + $providerKey, + $user->getRoles() + ); } public function supportsToken(TokenInterface $token, $providerKey)