From 56ea42d2e6019b7355bff56c62bf4e090cbefb3b Mon Sep 17 00:00:00 2001
From: Romain Neutron <imprec@gmail.com>
Date: Wed, 10 Jul 2013 18:38:10 +0200
Subject: [PATCH] Fix #1276 : persistent cookies does not authenticate

---
 lib/Alchemy/Phrasea/Application/Root.php      |  8 ----
 lib/Alchemy/Phrasea/Controller/Root/Login.php |  3 ++
 .../Subscriber/PersistentCookieSubscriber.php | 45 +++++++++++++++++++
 .../AuthenticationManagerServiceProvider.php  | 10 ++++-
 4 files changed, 57 insertions(+), 9 deletions(-)
 create mode 100644 lib/Alchemy/Phrasea/Core/Event/Subscriber/PersistentCookieSubscriber.php

diff --git a/lib/Alchemy/Phrasea/Application/Root.php b/lib/Alchemy/Phrasea/Application/Root.php
index c98be6552e..cf7b81f1e6 100644
--- a/lib/Alchemy/Phrasea/Application/Root.php
+++ b/lib/Alchemy/Phrasea/Application/Root.php
@@ -38,14 +38,6 @@ return call_user_func(function($environment = PhraseaApplication::ENV_PROD) {
         }
     });
 
-    $app->before(function(Request $request) use ($app) {
-        if ($request->cookies->has('persistent') && !$app['authentication']->isAuthenticated()) {
-            if (false !== $session = $app['authentication.persistent-manager']->getSession($request->cookies->get('persistent'))) {
-                $app['authentication']->refreshAccount($session);
-            }
-        }
-    });
-
     $app->bindRoutes();
 
     if (PhraseaApplication::ENV_DEV === $app->getEnvironment()) {
diff --git a/lib/Alchemy/Phrasea/Controller/Root/Login.php b/lib/Alchemy/Phrasea/Controller/Root/Login.php
index d235893e46..767a8d7d2c 100644
--- a/lib/Alchemy/Phrasea/Controller/Root/Login.php
+++ b/lib/Alchemy/Phrasea/Controller/Root/Login.php
@@ -1010,6 +1010,9 @@ class Login implements ControllerProviderInterface
                 ->setNonce($nonce);
             $cookie = new Cookie('persistent', $token);
             $response->headers->setCookie($cookie);
+
+            $app['EM']->persist($session);
+            $app['EM']->flush();
         }
 
         $event = new PostAuthenticate($request, $response, $user, $context);
diff --git a/lib/Alchemy/Phrasea/Core/Event/Subscriber/PersistentCookieSubscriber.php b/lib/Alchemy/Phrasea/Core/Event/Subscriber/PersistentCookieSubscriber.php
new file mode 100644
index 0000000000..3a4a31c575
--- /dev/null
+++ b/lib/Alchemy/Phrasea/Core/Event/Subscriber/PersistentCookieSubscriber.php
@@ -0,0 +1,45 @@
+<?php
+
+/*
+ * This file is part of Phraseanet
+ *
+ * (c) 2005-2013 Alchemy
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Alchemy\Phrasea\Core\Event\Subscriber;
+
+use Silex\Application;
+use Symfony\Component\HttpKernel\KernelEvents;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\HttpKernel\Event\GetResponseEvent;
+
+class PersistentCookieSubscriber implements EventSubscriberInterface
+{
+    private $app;
+
+    public function __construct(Application $app)
+    {
+        $this->app = $app;
+    }
+
+    public static function getSubscribedEvents()
+    {
+        return array(
+            KernelEvents::REQUEST => array('checkPersistentCookie', 128),
+        );
+    }
+
+    public function checkPersistentCookie(GetResponseEvent $event)
+    {
+        $request = $event->getRequest();
+
+        if ($request->cookies->has('persistent') && !$this->app['authentication']->isAuthenticated()) {
+            if (false !== $session = $this->app['authentication.persistent-manager']->getSession($request->cookies->get('persistent'))) {
+                $this->app['authentication']->refreshAccount($session);
+            }
+        }
+    }
+}
diff --git a/lib/Alchemy/Phrasea/Core/Provider/AuthenticationManagerServiceProvider.php b/lib/Alchemy/Phrasea/Core/Provider/AuthenticationManagerServiceProvider.php
index 9648ec7304..f51e581fe1 100644
--- a/lib/Alchemy/Phrasea/Core/Provider/AuthenticationManagerServiceProvider.php
+++ b/lib/Alchemy/Phrasea/Core/Provider/AuthenticationManagerServiceProvider.php
@@ -26,6 +26,7 @@ use Alchemy\Phrasea\Authentication\SuggestionFinder;
 use Alchemy\Phrasea\Authentication\Token\TokenValidator;
 use Silex\Application;
 use Silex\ServiceProviderInterface;
+use Alchemy\Phrasea\Core\Event\Subscriber\PersistentCookieSubscriber;
 
 class AuthenticationManagerServiceProvider implements ServiceProviderInterface
 {
@@ -67,7 +68,7 @@ class AuthenticationManagerServiceProvider implements ServiceProviderInterface
 
                 }
             }, $authConf['auto-create']['templates']));
-            
+
             $enabled = $app['phraseanet.registry']->get('GV_autoregister') && $app['registration.enabled'];
 
             return new AccountCreator($app['tokens'], $app['phraseanet.appbox'], $enabled, $templates);
@@ -126,5 +127,12 @@ class AuthenticationManagerServiceProvider implements ServiceProviderInterface
 
     public function boot(Application $app)
     {
+        $app['dispatcher'] = $app->share(
+            $app->extend('dispatcher', function($dispatcher, Application $app){
+                $dispatcher->addSubscriber(new PersistentCookieSubscriber($app));
+
+                return $dispatcher;
+            })
+        );
     }
 }