From 3ab2ef5a9e0ddd8d6504e5ea4e7d298826ae5437 Mon Sep 17 00:00:00 2001
From: ASTIER Yann
Date: Thu, 28 Nov 2024 15:00:06 +0100
Subject: [PATCH] login WIP astier
---
 composer.json | 1 -
 composer.lock | 48 +----------
 config/bundles.php | 1 -
 src/Controller/EmployeeController.php | 5 ++
 src/Controller/RegistrationController.php | 86 -------------------
 src/Controller/SecurityController.php | 3 +-
 src/Form/EmployeeType.php | 21 ++++-
 src/Form/RegistrationFormType.php | 64 --------------
 src/Repository/UserRepository.php | 60 -------------
 src/Security/EmailVerifier.php | 52 -----------
 .../registration/confirmation_email.html.twig | 11 ---
 templates/registration/register.html.twig | 32 -------
 templates/security/login.html.twig | 1 -
 13 files changed, 27 insertions(+), 358 deletions(-)
 delete mode 100644 src/Controller/RegistrationController.php
 delete mode 100644 src/Form/RegistrationFormType.php
 delete mode 100644 src/Repository/UserRepository.php
 delete mode 100644 src/Security/EmailVerifier.php
 delete mode 100644 templates/registration/confirmation_email.html.twig
 delete mode 100644 templates/registration/register.html.twig
diff --git a/composer.json b/composer.json
index c5a6576..b7dd080 100644
--- a/composer.json
+++ b/composer.json
@@ -42,7 +42,6 @@
 "symfony/validator": "7.1.*",
 "symfony/web-link": "7.1.*",
 "symfony/yaml": "7.1.*",
- "symfonycasts/verify-email-bundle": "^1.17",
 "twig/extra-bundle": "^2.12|^3.0",
 "twig/twig": "^2.12|^3.0"
 },
diff --git a/composer.lock b/composer.lock
index fa59f9f..465f63c 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "fa6b415ac11ece0fbfc562be9a5d1df3", + "content-hash": "6a957fcd0a6de48ba22ea99ed82f113f", "packages": [ { "name": "composer/semver",
@@ -7342,52 +7342,6 @@ ], "time": "2024-08-12T09:59:40+00:00" }, - { - "name": "symfonycasts/verify-email-bundle", - "version": "v1.17.0", - "source": { - "type": "git", - "url": "https://github.com/SymfonyCasts/verify-email-bundle.git", - "reference": "f72af149070b39ef82a7095074378d0a98b4d2ef" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/SymfonyCasts/verify-email-bundle/zipball/f72af149070b39ef82a7095074378d0a98b4d2ef", - "reference": "f72af149070b39ef82a7095074378d0a98b4d2ef", - "shasum": "" - }, - "require": { - "ext-json": "*", - "php": ">=8.1", - "symfony/config": "^5.4 | ^6.0 | ^7.0", - "symfony/dependency-injection": "^5.4 | ^6.0 | ^7.0", - "symfony/deprecation-contracts": "^2.2 | ^3.0", - "symfony/http-kernel": "^5.4 | ^6.0 | ^7.0", - "symfony/routing": "^5.4 | ^6.0 | ^7.0" - }, - "require-dev": { - "doctrine/orm": "^2.7", - "doctrine/persistence": "^2.0", - "symfony/framework-bundle": "^5.4 | ^6.0 | ^7.0", - "symfony/phpunit-bridge": "^5.4 | ^6.0 | ^7.0" - }, - "type": "symfony-bundle", - "autoload": { - "psr-4": { - "SymfonyCasts\\Bundle\\VerifyEmail\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "description": "Simple, stylish Email Verification for Symfony", - "support": { - "issues": "https://github.com/SymfonyCasts/verify-email-bundle/issues", - "source": "https://github.com/SymfonyCasts/verify-email-bundle/tree/v1.17.0" - }, - "time": "2024-03-17T02:29:53+00:00" - }, { "name": "twig/extra-bundle", "version": "v3.13.0", diff --git a/config/bundles.php b/config/bundles.php index cf72b69..4e3a560 100644 --- a/config/bundles.php +++ b/config/bundles.php 
@@ -13,5 +13,4 @@ return [
 Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true],
 Symfony\Bundle\MonologBundle\MonologBundle::class => ['all' => true],
 Symfony\Bundle\MakerBundle\MakerBundle::class => ['dev' => true],
- SymfonyCasts\Bundle\VerifyEmail\SymfonyCastsVerifyEmailBundle::class => ['all' => true],
 ];
diff --git a/src/Controller/EmployeeController.php b/src/Controller/EmployeeController.php
index 3eee805..1b17860 100644
--- a/src/Controller/EmployeeController.php
+++ b/src/Controller/EmployeeController.php
@@ -30,6 +30,11 @@ final class EmployeeController extends AbstractController
 $form->handleRequest($request);
 if ($form->isSubmitted() && $form->isValid()) {
+
+ $employee->setPassword(
+ password_hash($form->get('plainPassword')->getData(), PASSWORD_BCRYPT)
+ );
+
 $entityManager->persist($employee);
 $entityManager->flush();
diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php
deleted file mode 100644
index 6548727..0000000
--- a/src/Controller/RegistrationController.php
+++ /dev/null
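Review bot: Hashing with a direct `password_hash(..., PASSWORD_BCRYPT)` call in `EmployeeController` bypasses Symfony's configured password hasher. bcrypt only considers the first 72 bytes of its input, while the `plainPassword` field added to `EmployeeType` in this commit accepts up to 4096 characters, and a hard-coded algorithm can drift from whatever `password_hashers` is set to for login (that configuration is not part of this diff). Assuming `Employee` implements `PasswordAuthenticatedUserInterface`, inject `UserPasswordHasherInterface $passwordHasher` into the action and write `$employee->setPassword($passwordHasher->hashPassword($employee, $form->get('plainPassword')->getData()));`. The action's signature and the rest of its body lie outside the hunk.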
@@ -1,86 +0,0 @@ -createForm(RegistrationFormType::class, $employee); - $form->handleRequest($request); - - if ($form->isSubmitted() && $form->isValid()) { - - - - // encode the plain password - $employee->setPassword( - password_hash($form->get('plainPassword')->getData(), PASSWORD_BCRYPT) - ); - - $entityManager->persist($employee); - $entityManager->flush(); - - // generate a signed url and email it to the employee - $this->emailVerifier->sendEmailConfirmation('app_verify_email', $employee, - (new TemplatedEmail()) - ->from(new Address('no-reply@HegreLand.com', 'Hegre Land')) - ->to((string) $employee->getEmail()) - ->subject('Please Confirm your Email') - ->htmlTemplate('registration/confirmation_email.html.twig') - ); - - // do anything else you need here, like send an email - - return $security->login($employee, LoginFormAuthenticator::class, 'main'); - } - - return $this->render('registration/register.html.twig', [ - 'registrationForm' => $form, - ]); - } - - #[Route('/verify/email', name: 'app_verify_email')] - public function verifyUserEmail(Request $request, TranslatorInterface $translator): Response - { - $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY'); - - // validate email confirmation link, sets User::isVerified=true and persists - try { - /** @var Employee $employee */ - $employee = $this->getUser(); - $this->emailVerifier->handleEmailConfirmation($request, $employee); - } catch (VerifyEmailExceptionInterface $exception) { - $this->addFlash('verify_email_error', $translator->trans($exception->getReason(), [], 'VerifyEmailBundle')); - - return $this->redirectToRoute('DashboardController'); - } - - // @TODO Change the redirect on success and handle or remove the flash message in your templates - $this->addFlash('success', 'Your email address has been verified.'); - - return $this->redirectToRoute('app_register'); - } -} diff --git a/src/Controller/SecurityController.php b/src/Controller/SecurityController.php index 9453eae..664f476 100644 
--- a/src/Controller/SecurityController.php
+++ b/src/Controller/SecurityController.php
@@ -7,9 +7,10 @@ use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
+#[Route(path: '/login', name: 'security')]
 class SecurityController extends AbstractController
 {
- #[Route(path: '/login', name: 'app_login')]
+ #[Route(path: '', name: '_login')]
 public function login(AuthenticationUtils $authenticationUtils): Response
 {
 // if ($this->getUser()) {
diff --git a/src/Form/EmployeeType.php b/src/Form/EmployeeType.php
index 9a0048f..a2c0c35 100644
--- a/src/Form/EmployeeType.php
+++ b/src/Form/EmployeeType.php
@@ -10,6 +10,8 @@ use Symfony\Component\Form\Extension\Core\Type\SubmitType;
 use Symfony\Component\Form\Extension\Core\Type\TextType;
 use Symfony\Component\Form\FormBuilderInterface;
 use Symfony\Component\OptionsResolver\OptionsResolver;
+use Symfony\Component\Validator\Constraints\Length;
+use Symfony\Component\Validator\Constraints\NotBlank;
 class EmployeeType extends AbstractType
 {
@@ -19,7 +21,6 @@ class EmployeeType extends AbstractType
 ->add('email', EmailType::class, ['label' => 'Email Address'])
 ->add('firstName', TextType::class, ['label' => 'First Name'])
 ->add('lastName', TextType::class, ['label' => 'Last Name'])
- ->add('password', PasswordType::class, ['label' => 'Password'])
 ->add('roles', ChoiceType::class, [
 'label' => 'Roles (comma-separated)',
 'required' => false,
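Review bot: The login route in `SecurityController` is renamed from `app_login` to `security_login` by combining the class-level `#[Route(path: '/login', name: 'security')]` with `name: '_login'`, and no configuration or authenticator file in this commit is updated to match. The firewall's login and check paths in `security.yaml`, any login-route constant in `LoginFormAuthenticator`, and `path('app_login')` calls in templates would need the new name; none of those are visible here, so please verify them. The class-level prefix also applies to every other action in the class: a logout action declared below the hunk, if there is one, would move under `/login/...` and get a `security`-prefixed name. If a rename was not intended, keeping `#[Route(path: '/login', name: 'app_login')]` on the method and dropping the class attribute avoids both effects.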
@@ -30,7 +31,23 @@ class EmployeeType extends AbstractType
 'multiple' => true, // Allow multiple selections
 'expanded' => true, // Render as checkboxes
 ])
- ;
+ ->add('plainPassword', PasswordType::class, [
+ // instead of being set onto the object directly,
+ // this is read and encoded in the controller
+ 'mapped' => false,
+ 'attr' => ['autocomplete' => 'new-password'],
+ 'constraints' => [
+ new NotBlank([
+ 'message' => 'Please enter a password',
+ ]),
+ new Length([
+ 'min' => 6,
+ 'minMessage' => 'Your password should be at least {{ limit }} characters',
+ // max length allowed by Symfony for security reasons
+ 'max' => 4096,
+ ]),
+ ],
+ ]);
 }
 public function configureOptions(OptionsResolver $resolver): void
diff --git a/src/Form/RegistrationFormType.php b/src/Form/RegistrationFormType.php
deleted file mode 100644
index 352c917..0000000
--- a/src/Form/RegistrationFormType.php
+++ /dev/null
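Review bot: The `Length` constraint on the new `plainPassword` field in `EmployeeType` sets `'min' => 6`, a weak floor for a form that also assigns roles. Raise it (for example `'min' => 12,`) and add `new NotCompromisedPassword(),` or `new PasswordStrength(),` from `Symfony\Component\Validator\Constraints` to the `constraints` list. The comment `// max length allowed by Symfony for security reasons` only holds when Symfony's own password hasher is used; the controller change in this commit calls `password_hash()` with bcrypt directly, so the comment should say that or the controller should use the hasher service. Because the field is unmapped and `NotBlank`, any edit action that reuses `EmployeeType` would demand a new password on every save; the controller's other actions are outside this diff, so this needs confirming.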
@@ -1,64 +0,0 @@ -add('email', EmailType::class, ['label' => 'Email Address']) - ->add('firstName', TextType::class, ['label' => 'First Name']) - ->add('lastName', TextType::class, ['label' => 'Last Name']) - ->add('roles', ChoiceType::class, [ - 'label' => 'Roles (comma-separated)', - 'required' => false, - 'choices' => [ - 'User' => 'ROLE_USER', - 'Admin' => 'ROLE_ADMIN', - ], - 'multiple' => true, // Allow multiple selections - 'expanded' => true, // Render as checkboxes - ]) - ->add('plainPassword', PasswordType::class, [ - // instead of being set onto the object directly, - // this is read and encoded in the controller - 'mapped' => false, - 'attr' => ['autocomplete' => 'new-password'], - 'constraints' => [ - new NotBlank([ - 'message' => 'Please enter a password', - ]), - new Length([ - 'min' => 6, - 'minMessage' => 'Your password should be at least {{ limit }} characters', - // max length allowed by Symfony for security reasons - 'max' => 4096, - ]), - ], - ]) - ->add('save', SubmitType::class, ['label' => 'Add Employee']) - ; - } - - public function configureOptions(OptionsResolver $resolver): void - { - $resolver->setDefaults([ - 'data_class' => Employee::class, - ]); - } -} diff --git a/src/Repository/UserRepository.php b/src/Repository/UserRepository.php deleted file mode 100644 index 4f2804e..0000000 --- a/src/Repository/UserRepository.php +++ /dev/null 
@@ -1,60 +0,0 @@ - - */ -class UserRepository extends ServiceEntityRepository implements PasswordUpgraderInterface -{ - public function __construct(ManagerRegistry $registry) - { - parent::__construct($registry, User::class); - } - - /** - * Used to upgrade (rehash) the user's password automatically over time. - */ - public function upgradePassword(PasswordAuthenticatedUserInterface $user, string $newHashedPassword): void - { - if (!$user instanceof User) { - throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', $user::class)); - } - - $user->setPassword($newHashedPassword); - $this->getEntityManager()->persist($user); - $this->getEntityManager()->flush(); - } - - // /** - // * @return User[] Returns an array of User objects - // */ - // public function findByExampleField($value): array - // { - // return $this->createQueryBuilder('u') - // ->andWhere('u.exampleField = :val') - // ->setParameter('val', $value) - // ->orderBy('u.id', 'ASC') - // ->setMaxResults(10) - // ->getQuery() - // ->getResult() - // ; - // } - - // public function findOneBySomeField($value): ?User - // { - // return $this->createQueryBuilder('u') - // ->andWhere('u.exampleField = :val') - // ->setParameter('val', $value) - // ->getQuery() - // ->getOneOrNullResult() - // ; - // } -} diff --git a/src/Security/EmailVerifier.php b/src/Security/EmailVerifier.php deleted file mode 100644 index 3c0cac9..0000000 --- a/src/Security/EmailVerifier.php +++ /dev/null 
@@ -1,52 +0,0 @@ -verifyEmailHelper->generateSignature( - $verifyEmailRouteName, - (string) $employee->getId(), - (string) $employee->getEmail() - ); - - $context = $email->getContext(); - $context['signedUrl'] = $signatureComponents->getSignedUrl(); - $context['expiresAtMessageKey'] = $signatureComponents->getExpirationMessageKey(); - $context['expiresAtMessageData'] = $signatureComponents->getExpirationMessageData(); - - $email->context($context); - - } - - /** - * @throws VerifyEmailExceptionInterface - */ - public function handleEmailConfirmation(Request $request, Employee $employee): void - { - $this->verifyEmailHelper->validateEmailConfirmationFromRequest($request, (string) $employee->getId(), (string) $employee->getEmail()); - - $employee->setVerified(true); - - $this->entityManager->persist($employee); - $this->entityManager->flush(); - } -} diff --git a/templates/registration/confirmation_email.html.twig b/templates/registration/confirmation_email.html.twig deleted file mode 100644 index 7c79d8a..0000000 --- a/templates/registration/confirmation_email.html.twig +++ /dev/null @@ -1,11 +0,0 @@ -

Hi! Please confirm your email!

- -

- Please confirm your email address by clicking the following link:

- Confirm my Email. - This link will expire in {{ expiresAtMessageKey|trans(expiresAtMessageData, 'VerifyEmailBundle') }}. -

- -

- Cheers! -

diff --git a/templates/registration/register.html.twig b/templates/registration/register.html.twig deleted file mode 100644 index 2bf8f16..0000000 --- a/templates/registration/register.html.twig +++ /dev/null @@ -1,32 +0,0 @@ -{% extends 'base.html.twig' %} - -{% block title %}HegreLand{% endblock %} - -{% block body %} - {% for flash_error in app.flashes('verify_email_error') %} - - {% endfor %} - -

M'inscrire

- - {{ form_errors(registrationForm) }} - - {{ form_start(registrationForm) }} -
- {{ form_row(registrationForm.email) }} - {{ form_row(registrationForm.firstName) }} - {{ form_row(registrationForm.lastName) }} - {{ form_row(registrationForm.roles) }} -
-
- {{ form_row(registrationForm.plainPassword, { - label: 'Password' - }) }} - -
- - -

Déjà inscrit(e) ? Me connecter

- - {{ form_end(registrationForm) }} -{% endblock %} diff --git a/templates/security/login.html.twig b/templates/security/login.html.twig index 70ddce5..89379d3 100644 --- a/templates/security/login.html.twig +++ b/templates/security/login.html.twig @@ -21,6 +21,5 @@ Se connecter

Mot de passe oublié

-

Pas encore inscrit(e) ? M'inscrire

{% endblock %}