tos/EventListener/TosListener.php

<?php
namespace vierbergenlars\AuthserverTosBundle\EventListener;

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Registration\RegistrationEvents;
use Registration\Event\RegistrationFormEvent;
use Registration\Event\RegistrationHandleEvent;
use Symfony\Component\Form\Extension\Core\Type\CheckboxType;
use Symfony\Component\Validator\Constraints\IsTrue;
use vierbergenlars\AuthserverTosBundle\Entity\UserTos;
use Doctrine\ORM\EntityManagerInterface;
use App\Entity\User;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use vierbergenlars\AuthserverTosBundle\Form\AcceptTosType;

class TosListener implements EventSubscriberInterface
{

    private $tosUrl;

    private $tosVersion;

    /**
     *
     * @var EntityManagerInterface
     */
    private $em;

    /**
     *
     * @var TokenStorageInterface
     */
    private $tokenStorage;

    /**
     *
     * @var UrlGeneratorInterface
     */
    private $urlGenerator;

    public static function getSubscribedEvents()
    {
        return [
            RegistrationEvents::BUILD_FORM => [
                'onBuildForm',
                -200
            ],
            RegistrationEvents::HANDLE_FORM => [
                'onHandleForm',
                -20 // After persisting user
            ],
            KernelEvents::REQUEST => 'onKernelRequest'
        ];
    }

    public function __construct($tosUrl, $tosVersion, EntityManagerInterface $em, TokenStorageInterface $tokenStorage, UrlGeneratorInterface $urlGenerator)
    {
        $this->tosUrl = $tosUrl;
        $this->tosVersion = $tosVersion;
        $this->em = $em;
        $this->tokenStorage = $tokenStorage;
        $this->urlGenerator = $urlGenerator;
    }

    public function onBuildForm(RegistrationFormEvent $event)
    {
        $event->getFormBuilder()->add('vl_tos', AcceptTosType::class, [
            'url' => $this->tosUrl,
            'mapped' => false
        ]);
    }

    public function onHandleForm(RegistrationHandleEvent $event)
    {
        if ($event->getForm()
            ->get('vl_tos')
            ->getData()['accept']) {
            $user = $event->getForm()->getData();
            /* @var $user \App\Entity\User */
            $tosUser = new UserTos($user);
            $tosUser->setAcceptedVersion($this->tosVersion);
            $this->em->persist($tosUser);
        }
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        if (!$event->isMasterRequest())
            return;
        if (!($token = $this->tokenStorage->getToken()))
            return;
        if (!($user = $token->getUser()))
            return;
        if (!($user instanceof User))
            return;
        if ($token->hasAttribute('vl_tos_accept_ok'))
            return;
        $userTos = $this->em->find(UserTos::class, $user);

        if ($userTos && $userTos->getAcceptedVersion() >= $this->tosVersion) {
            $token->setAttribute('vl_tos_accept_ok', true);
            return;
        }

        if ($event->getRequest()->getRequestFormat() !== 'html') {
            throw new AccessDeniedHttpException('You need to accept the latest version of the terms of service.');
        }

        switch ($event->getRequest()->attributes->get('_route')) {
            case 'vl_tos_accept':
                break;
            default:
                $response = RedirectResponse::create($this->urlGenerator->generate('vl_tos_accept'));
                $event->setResponse($response);
        }
    }
}