mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-06-20 14:10:40 +00:00
Code Issues Projects Releases Wiki Activity

remove old implementation for login/register/recover

Browse source
This commit is contained in:
Nicolas Lœuillet 2015-10-02 14:51:41 +02:00 committed by Jeremy Benoist
parent 772d8c4b93
commit 1210dae105
40 changed files with 93 additions and 773 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/AppKernel.php
View file

@ -27,6 +27,7 @@ class AppKernel extends Kernel
new Bazinga\Bundle\HateoasBundle\BazingaHateoasBundle(),
new Lexik\Bundle\FormFilterBundle\LexikFormFilterBundle(),
new FOS\OAuthServerBundle\FOSOAuthServerBundle(),
new Wallabag\UserBundle\WallabagUserBundle(),
);
if (in_array($this->getEnvironment(), array('dev', 'test'))) {

2
app/config/config.yml
View file

@ -158,7 +158,7 @@ liip_theme:
fos_user:
db_driver: orm
firewall_name: main
user_class: Wallabag\CoreBundle\Entity\User
user_class: Wallabag\UserBundle\Entity\User
registration:
form:
type: wallabag_user_registration

23
app/config/routing.yml
View file

@ -1,3 +1,8 @@
wallabag_user:
resource: "@WallabagUserBundle/Controller/"
type: annotation
prefix: /
wallabag_api:
resource: "@WallabagApiBundle/Resources/config/routing.yml"
prefix: /
@ -10,15 +15,15 @@ doc-api:
resource: "@NelmioApiDocBundle/Resources/config/routing.yml"
prefix: /api/doc
login:
pattern: /login
defaults: { _controller: WallabagCoreBundle:Security:login }
login_check:
pattern: /login_check
logout:
path: /logout
#login:
# pattern: /login
# defaults: { _controller: WallabagCoreBundle:Security:login }
#
#login_check:
# pattern: /login_check
#
#logout:
# path: /logout
rest :
type : rest

4
app/config/security.yml
View file

@ -8,7 +8,7 @@ security:
providers:
administrators:
entity: { class: WallabagCoreBundle:User, property: username }
entity: { class: WallabagUserBundle:User, property: username }
fos_userbundle:
id: fos_user.user_provider.username
@ -49,6 +49,6 @@ security:
- { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_USER }

4
config/deploy.rb
View file

@ -4,8 +4,8 @@ lock '3.4.0'
set :application, 'wallabag'
set :repo_url, 'git@github.com:wallabag/wallabag.git'
set :ssh_user, 'ssh_user'
server 'server_ip', user: fetch(:ssh_user), roles: %w{web app db}
set :ssh_user, 'framasoft_bag'
server '78.46.248.87', user: fetch(:ssh_user), roles: %w{web app db}
set :scm, :git

2
config/deploy/staging.rb
View file

@ -1,2 +1,2 @@
set :branch, 'v2'
set :deploy_to, '/var/www/'
set :deploy_to, '/var/www/v2.wallabag.org/web/'

2
src/Wallabag/ApiBundle/Entity/AccessToken.php
View file

@ -25,7 +25,7 @@ class AccessToken extends BaseAccessToken
protected $client;
/**
* @ORM\ManyToOne(targetEntity="Wallabag\CoreBundle\Entity\User")
* @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User")
*/
protected $user;
}

2
src/Wallabag/ApiBundle/Entity/AuthCode.php
View file

@ -25,7 +25,7 @@ class AuthCode extends BaseAuthCode
protected $client;
/**
* @ORM\ManyToOne(targetEntity="Wallabag\CoreBundle\Entity\User")
* @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User")
*/
protected $user;
}

2
src/Wallabag/ApiBundle/Entity/RefreshToken.php
View file

@ -25,7 +25,7 @@ class RefreshToken extends BaseRefreshToken
protected $client;
/**
* @ORM\ManyToOne(targetEntity="Wallabag\CoreBundle\Entity\User")
* @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User")
*/
protected $user;
}

2
src/Wallabag/CoreBundle/Command/InstallCommand.php
View file

@ -8,7 +8,7 @@ use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Input\ArrayInput;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Output\NullOutput;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
use Wallabag\CoreBundle\Entity\Config;
class InstallCommand extends ContainerAwareCommand

2
src/Wallabag/CoreBundle/Controller/ConfigController.php
View file

@ -7,7 +7,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Wallabag\CoreBundle\Entity\Config;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
use Wallabag\CoreBundle\Form\Type\ChangePasswordType;
use Wallabag\CoreBundle\Form\Type\UserInformationType;
use Wallabag\CoreBundle\Form\Type\NewUserType;

8
src/Wallabag/CoreBundle/Controller/RssController.php
View file

@ -5,7 +5,7 @@ namespace Wallabag\CoreBundle\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
use Wallabag\CoreBundle\Entity\Entry;
use Pagerfanta\Adapter\DoctrineORMAdapter;
use Pagerfanta\Pagerfanta;
@ -16,7 +16,7 @@ class RssController extends Controller
* Shows unread entries for current user.
*
* @Route("/{username}/{token}/unread.xml", name="unread_rss", defaults={"_format"="xml"})
* @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter")
* @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter")
*
* @return \Symfony\Component\HttpFoundation\Response
*/
@ -29,7 +29,7 @@ class RssController extends Controller
* Shows read entries for current user.
*
* @Route("/{username}/{token}/archive.xml", name="archive_rss")
* @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter")
* @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter")
*
* @return \Symfony\Component\HttpFoundation\Response
*/
@ -42,7 +42,7 @@ class RssController extends Controller
* Shows starred entries for current user.
*
* @Route("/{username}/{token}/starred.xml", name="starred_rss")
* @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter")
* @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter")
*
* @return \Symfony\Component\HttpFoundation\Response
*/

153
src/Wallabag/CoreBundle/Controller/SecurityController.php
View file

@ -1,153 +0,0 @@
<?php
namespace Wallabag\CoreBundle\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\SecurityContext;
use Wallabag\CoreBundle\Form\Type\ResetPasswordType;
class SecurityController extends Controller
{
public function loginAction(Request $request)
{
$session = $request->getSession();
// get the login error if there is one
if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
$session->remove(SecurityContext::AUTHENTICATION_ERROR);
}
return $this->render('WallabagCoreBundle:Security:login.html.twig', array(
// last username entered by the user
'last_username' => $session->get(SecurityContext::LAST_USERNAME),
'error' => $error,
));
}
/**
* Request forgot password: show form.
*
* @Route("/forgot-password", name="forgot_password")
*
* @Method({"GET", "POST"})
*/
public function forgotPasswordAction(Request $request)
{
$form = $this->createForm('forgot_password');
$form->handleRequest($request);
if ($form->isValid()) {
$user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByEmail($form->get('email')->getData());
// generate "hard" token
$user->setConfirmationToken(rtrim(strtr(base64_encode(hash('sha256', uniqid(mt_rand(), true), true)), '+/', '-_'), '='));
$user->setPasswordRequestedAt(new \DateTime());
$em = $this->getDoctrine()->getManager();
$em->persist($user);
$em->flush();
$message = \Swift_Message::newInstance()
->setSubject('Reset Password')
->setFrom($this->container->getParameter('from_email'))
->setTo($user->getEmail())
->setBody($this->renderView('WallabagCoreBundle:Mail:forgotPassword.txt.twig', array(
'username' => $user->getUsername(),
'confirmationUrl' => $this->generateUrl('forgot_password_reset', array('token' => $user->getConfirmationToken()), true),
)))
;
$this->get('mailer')->send($message);
return $this->redirect($this->generateUrl('forgot_password_check_email',
array('email' => $this->getObfuscatedEmail($user->getEmail()))
));
}
return $this->render('WallabagCoreBundle:Security:forgotPassword.html.twig', array(
'form' => $form->createView(),
));
}
/**
* Tell the user to check his email provider.
*
* @Route("/forgot-password/check-email", name="forgot_password_check_email")
*
* @Method({"GET"})
*/
public function checkEmailAction(Request $request)
{
$email = $request->query->get('email');
if (empty($email)) {
// the user does not come from the forgotPassword action
return $this->redirect($this->generateUrl('forgot_password'));
}
return $this->render('WallabagCoreBundle:Security:checkEmail.html.twig', array(
'email' => $email,
));
}
/**
* Reset user password.
*
* @Route("/forgot-password/{token}", name="forgot_password_reset")
*
* @Method({"GET", "POST"})
*/
public function resetAction(Request $request, $token)
{
$user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByConfirmationToken($token);
if (null === $user) {
throw $this->createNotFoundException(sprintf('No user found with token "%s"', $token));
}
$form = $this->createForm(new ResetPasswordType());
$form->handleRequest($request);
if ($form->isValid()) {
$user->setPassword($form->get('new_password')->getData());
$em = $this->getDoctrine()->getManager();
$em->persist($user);
$em->flush();
$this->get('session')->getFlashBag()->add(
'notice',
'The password has been reset successfully'
);
return $this->redirect($this->generateUrl('login'));
}
return $this->render('WallabagCoreBundle:Security:reset.html.twig', array(
'token' => $token,
'form' => $form->createView(),
));
}
/**
* Get the truncated email displayed when requesting the resetting.
*
* Keeping only the part following @ in the address.
*
* @param string $email
*
* @return string
*/
protected function getObfuscatedEmail($email)
{
if (false !== $pos = strpos($email, '@')) {
$email = '...'.substr($email, $pos);
}
return $email;
}
}

4
src/Wallabag/CoreBundle/DataFixtures/ORM/LoadUserData.php
View file

@ -1,11 +1,11 @@
<?php
namespace Wallabag\CoreBundle\DataFixtures\ORM;
namespace Wallabag\UserBundle\DataFixtures\ORM;
use Doctrine\Common\DataFixtures\AbstractFixture;
use Doctrine\Common\DataFixtures\OrderedFixtureInterface;
use Doctrine\Common\Persistence\ObjectManager;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
class LoadUserData extends AbstractFixture implements OrderedFixtureInterface
{

10
src/Wallabag/CoreBundle/Entity/Config.php
View file

@ -72,14 +72,14 @@ class Config
private $rssLimit;
/**
* @ORM\OneToOne(targetEntity="User", inversedBy="config")
* @ORM\OneToOne(targetEntity="Wallabag\UserBundle\Entity\User", inversedBy="config")
*/
private $user;
/*
* @param User $user
*/
public function __construct(User $user)
public function __construct(Wallabag\UserBundle\Entity\User $user)
{
$this->user = $user;
}
@ -169,11 +169,11 @@ class Config
/**
* Set user.
*
* @param \Wallabag\CoreBundle\Entity\User $user
* @param User $user
*
* @return Config
*/
public function setUser(\Wallabag\CoreBundle\Entity\User $user = null)
public function setUser(User $user = null)
{
$this->user = $user;
@ -183,7 +183,7 @@ class Config
/**
* Get user.
*
* @return \Wallabag\CoreBundle\Entity\User
* @return User
*/
public function getUser()
{

5
src/Wallabag/CoreBundle/Entity/Entry.php
View file

@ -7,6 +7,7 @@ use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Validator\Constraints as Assert;
use Hateoas\Configuration\Annotation as Hateoas;
use JMS\Serializer\Annotation\XmlRoot;
use Wallabag\UserBundle\Entity\User;
/**
* Entry.
@ -129,7 +130,7 @@ class Entry
private $isPublic;
/**
* @ORM\ManyToOne(targetEntity="User", inversedBy="entries")
* @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User", inversedBy="entries")
*/
private $user;
@ -142,7 +143,7 @@ class Entry
/*
* @param User $user
*/
public function __construct(User $user)
public function __construct(Wallabag\UserBundle\Entity\User $user)
{
$this->user = $user;
$this->tags = new ArrayCollection();

2
src/Wallabag/CoreBundle/Entity/Tag.php
View file

@ -42,7 +42,7 @@ class Tag
private $entries;
/**
* @ORM\ManyToOne(targetEntity="User", inversedBy="tags")
* @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User", inversedBy="tags")
*/
private $user;

2
src/Wallabag/CoreBundle/Filter/EntryFilterType.php
View file

@ -7,7 +7,7 @@ use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Lexik\Bundle\FormFilterBundle\Filter\Query\QueryInterface;
use Doctrine\ORM\EntityRepository;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
class EntryFilterType extends AbstractType
{

2
src/Wallabag/CoreBundle/Form/Type/ForgotPasswordType.php
View file

@ -39,7 +39,7 @@ class ForgotPasswordType extends AbstractType
public function validateEmail($email, ExecutionContextInterface $context)
{
$user = $this->doctrine
->getRepository('WallabagCoreBundle:User')
->getRepository('WallabagUserBundle:User')
->findOneByEmail($email);
if (!$user) {

2
src/Wallabag/CoreBundle/Form/Type/NewUserType.php
View file

@ -31,7 +31,7 @@ class NewUserType extends AbstractType
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults(array(
'data_class' => 'Wallabag\CoreBundle\Entity\User',
'data_class' => 'Wallabag\UserBundle\Entity\User',
));
}

2
src/Wallabag/CoreBundle/Form/Type/UserInformationType.php
View file

@ -27,7 +27,7 @@ class UserInformationType extends AbstractType
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults(array(
'data_class' => 'Wallabag\CoreBundle\Entity\User',
'data_class' => 'Wallabag\UserBundle\Entity\User',
));
}

2
src/Wallabag/CoreBundle/Helper/DetectActiveTheme.php
View file

@ -4,7 +4,7 @@ namespace Wallabag\CoreBundle\Helper;
use Liip\ThemeBundle\Helper\DeviceDetectionInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
/**
* This class intend to detect the active theme for the logged in user.

4
src/Wallabag/CoreBundle/ParamConverter/UsernameRssTokenConverter.php
View file

@ -7,7 +7,7 @@ use Doctrine\Common\Persistence\ManagerRegistry;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
/**
* ParamConverter used in the RSS controller to retrieve the right user according to
@ -49,7 +49,7 @@ class UsernameRssTokenConverter implements ParamConverterInterface
$em = $this->registry->getManagerForClass($configuration->getClass());
// Check, if class name is what we need
if ('Wallabag\CoreBundle\Entity\User' !== $em->getClassMetadata($configuration->getClass())->getName()) {
if ('Wallabag\UserBundle\Entity\User' !== $em->getClassMetadata($configuration->getClass())->getName()) {
return false;
}

2
src/Wallabag/CoreBundle/Resources/views/themes/baggy/layout.html.twig
View file

@ -52,7 +52,7 @@
</li>
<li><a href="{{ path('config') }}">{% trans %}config{% endtrans %}</a></li>
<li><a href="{{ path('about') }}">{% trans %}about{% endtrans %}</a></li>
<li><a class="icon icon-power" href="{{ path('logout') }}" title="{% trans %}logout{% endtrans %}">{% trans %}logout{% endtrans %}</a></li>
<li><a class="icon icon-power" href="{{ path('fos_user_security_logout') }}" title="{% trans %}logout{% endtrans %}">{% trans %}logout{% endtrans %}</a></li>
</ul>
{% endblock %}

2
src/Wallabag/CoreBundle/Resources/views/themes/material/Security/login.html.twig
View file

@ -54,7 +54,7 @@
</form>
</div>
<div class="center">
<a href="{{ path('forgot_password') }}">{% trans %}Forgot your password?{% endtrans %}</a>
<a href="{{ path('fos_user_resetting_request') }}">{% trans %}Forgot your password?{% endtrans %}</a>
</div>
</div>
</main>

3
src/Wallabag/CoreBundle/Resources/views/themes/material/layout.html.twig
View file

@ -46,8 +46,7 @@
<li class="bold border-bottom {% if currentRoute == 'tags' %}active{% endif %}"><a class="waves-effect" href="{{ path('tag') }}">{% trans %}tags{% endtrans %}</a></li>
<li class="bold {% if currentRoute == 'config' %}active{% endif %}"><a class="waves-effect" href="{{ path('config') }}">{% trans %}config{% endtrans %}</a></li>
<li class="bold {% if currentRoute == 'howto' %}active{% endif %}"><a class="waves-effect" href="{{ path('howto') }}">{% trans %}howto{% endtrans %}</a></li>
<li class="bold border-bottom {% if currentRoute == 'about' %}active{% endif %}"><a class="waves-effect" href="{{ path('about') }}">{% trans %}About{% endtrans %}</a></li>
<li class="bold"><a class="waves-effect" class="icon icon-power" href="{{ path('logout') }}" title="{% trans %}logout{% endtrans %}">{% trans %}logout{% endtrans %}</a></li>
<li class="bold"><a class="waves-effect" class="icon icon-power" href="{{ path('fos_user_security_logout') }}" title="{% trans %}logout{% endtrans %}">{% trans %}logout{% endtrans %}</a></li>
</ul>
<div class="nav-wrapper nav-panels">
<a href="#" data-activates="slide-out" class="nav-panel-menu button-collapse"><i class="mdi-navigation-menu"></i></a>

87
src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
View file

@ -1,87 +0,0 @@
<?php
namespace Wallabag\CoreBundle\Security\Authentication\Encoder;
use Symfony\Component\Security\Core\Encoder\BasePasswordEncoder;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
/**
* This override just add en extra variable (username) to be able to salt the password
* the way Wallabag v1 does. It will avoid to break compatibility with Wallabag v1.
*/
class WallabagPasswordEncoder extends BasePasswordEncoder
{
private $algorithm;
private $encodeHashAsBase64;
private $iterations;
private $username = null;
/**
* Constructor.
*
* @param string $algorithm The digest algorithm to use
* @param bool $encodeHashAsBase64 Whether to base64 encode the password hash
* @param int $iterations The number of iterations to use to stretch the password hash
*/
public function __construct($algorithm = 'sha512', $encodeHashAsBase64 = true, $iterations = 5000)
{
$this->algorithm = $algorithm;
$this->encodeHashAsBase64 = $encodeHashAsBase64;
$this->iterations = $iterations;
}
public function setUsername($username)
{
$this->username = $username;
}
/**
* {@inheritdoc}
*/
public function encodePassword($raw, $salt)
{
if ($this->isPasswordTooLong($raw)) {
throw new BadCredentialsException('Invalid password.');
}
if (!in_array($this->algorithm, hash_algos(), true)) {
throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm));
}
$salted = $this->mergePasswordAndSalt($raw, $salt);
$digest = hash($this->algorithm, $salted, true);
// "stretch" hash
for ($i = 1; $i < $this->iterations; ++$i) {
$digest = hash($this->algorithm, $digest.$salted, true);
}
return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);
}
/**
* {@inheritdoc}
*
* We inject the username inside the salted password
*/
protected function mergePasswordAndSalt($password, $salt)
{
if (null === $this->username) {
throw new \LogicException('We can not check the password without a username.');
}
if (empty($salt)) {
return $password;
}
return $password.$this->username.$salt;
}
/**
* {@inheritdoc}
*/
public function isPasswordValid($encoded, $raw, $salt)
{
return !$this->isPasswordTooLong($raw) && $this->comparePasswords($encoded, $this->encodePassword($raw, $salt));
}
}

89
src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php
View file

@ -1,89 +0,0 @@
<?php
namespace Wallabag\CoreBundle\Security\Authentication\Provider;
use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Authentication\Provider\UserAuthenticationProvider;
class WallabagAuthenticationProvider extends UserAuthenticationProvider
{
private $encoderFactory;
private $userProvider;
/**
* Constructor.
*
* @param UserProviderInterface $userProvider An UserProviderInterface instance
* @param UserCheckerInterface $userChecker An UserCheckerInterface instance
* @param string $providerKey The provider key
* @param EncoderFactoryInterface $encoderFactory An EncoderFactoryInterface instance
* @param bool $hideUserNotFoundExceptions Whether to hide user not found exception or not
*/
public function __construct(UserProviderInterface $userProvider, UserCheckerInterface $userChecker, $providerKey, EncoderFactoryInterface $encoderFactory, $hideUserNotFoundExceptions = true)
{
parent::__construct($userChecker, $providerKey, $hideUserNotFoundExceptions);
$this->encoderFactory = $encoderFactory;
$this->userProvider = $userProvider;
}
/**
* {@inheritdoc}
*/
protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
{
$currentUser = $token->getUser();
if ($currentUser instanceof UserInterface) {
if ($currentUser->getPassword() !== $user->getPassword()) {
throw new BadCredentialsException('The credentials were changed from another session.');
}
} else {
if ('' === ($presentedPassword = $token->getCredentials())) {
throw new BadCredentialsException('The presented password cannot be empty.');
}
// give username, it's used to hash the password
$encoder = $this->encoderFactory->getEncoder($user);
$encoder->setUsername($user->getUsername());
if (!$encoder->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
throw new BadCredentialsException('The presented password is invalid.');
}
}
}
/**
* {@inheritdoc}
*/
protected function retrieveUser($username, UsernamePasswordToken $token)
{
$user = $token->getUser();
if ($user instanceof UserInterface) {
return $user;
}
try {
$user = $this->userProvider->loadUserByUsername($username);
if (!$user instanceof UserInterface) {
throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
}
return $user;
} catch (UsernameNotFoundException $notFound) {
$notFound->setUsername($username);
throw $notFound;
} catch (\Exception $repositoryProblem) {
$ex = new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem);
$ex->setToken($token);
throw $ex;
}
}
}

51
src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php
View file

@ -1,51 +0,0 @@
<?php
namespace Wallabag\CoreBundle\Security\Validator;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;
use Symfony\Component\Validator\Exception\ConstraintDefinitionException;
use Symfony\Component\Validator\Exception\UnexpectedTypeException;
use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
/**
* @see Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator
*/
class WallabagUserPasswordValidator extends ConstraintValidator
{
private $securityContext;
private $encoderFactory;
public function __construct(TokenStorageInterface $tokenStorage, EncoderFactoryInterface $encoderFactory)
{
$this->tokenStorage = $tokenStorage;
$this->encoderFactory = $encoderFactory;
}
/**
* {@inheritdoc}
*/
public function validate($password, Constraint $constraint)
{
if (!$constraint instanceof UserPassword) {
throw new UnexpectedTypeException($constraint, __NAMESPACE__.'\UserPassword');
}
$user = $this->tokenStorage->getToken()->getUser();
if (!$user instanceof UserInterface) {
throw new ConstraintDefinitionException('The User object must implement the UserInterface interface.');
}
// give username, it's used to hash the password
$encoder = $this->encoderFactory->getEncoder($user);
$encoder->setUsername($user->getUsername());
if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) {
$this->context->addViolation($constraint->message);
}
}
}

4
src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php
View file

@ -354,7 +354,7 @@ class ConfigControllerTest extends WallabagCoreTestCase
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
$user = $em
->getRepository('WallabagCoreBundle:User')
->getRepository('WallabagUserBundle:User')
->findOneByUsername('wallace');
$this->assertTrue(false !== $user);
@ -369,7 +369,7 @@ class ConfigControllerTest extends WallabagCoreTestCase
// reset the token
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
$user = $em
->getRepository('WallabagCoreBundle:User')
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
if (!$user) {

6
src/Wallabag/CoreBundle/Tests/Controller/RssControllerTest.php
View file

@ -64,7 +64,7 @@ class RssControllerTest extends WallabagCoreTestCase
$client = $this->getClient();
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
$user = $em
->getRepository('WallabagCoreBundle:User')
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$config = $user->getConfig();
@ -85,7 +85,7 @@ class RssControllerTest extends WallabagCoreTestCase
$client = $this->getClient();
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
$user = $em
->getRepository('WallabagCoreBundle:User')
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$config = $user->getConfig();
@ -107,7 +107,7 @@ class RssControllerTest extends WallabagCoreTestCase
$client = $this->getClient();
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
$user = $em
->getRepository('WallabagCoreBundle:User')
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$config = $user->getConfig();

319
src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php
View file

@ -1,319 +0,0 @@
<?php
namespace Wallabag\CoreBundle\Tests\Controller;
use Symfony\Component\Filesystem\Filesystem;
use Symfony\Component\Finder\Finder;
use Wallabag\CoreBundle\Tests\WallabagCoreTestCase;
class SecurityControllerTest extends WallabagCoreTestCase
{
public function testRegister()
{
$client = $this->getClient();
$crawler = $client->request('GET', '/register/');
$this->assertEquals(200, $client->getResponse()->getStatusCode());
$this->assertContains('Register', $client->getResponse()->getContent());
}
public function dataForCreateAccountFailed()
{
return array(
array(
array(
'fos_user_registration_form[email]' => '',
'fos_user_registration_form[username]' => 'newuser',
'fos_user_registration_form[plainPassword][first]' => 'mypassword',
'fos_user_registration_form[plainPassword][second]' => 'mypassword',
),
'Please enter an email',
),
array(
array(
'fos_user_registration_form[email]' => 'newuser@wallabag.org',
'fos_user_registration_form[username]' => 'admin',
'fos_user_registration_form[plainPassword][first]' => 'mypassword',
'fos_user_registration_form[plainPassword][second]' => 'mypassword',
),
'The username is already used',
),
array(
array(
'fos_user_registration_form[email]' => 'newuser@wallabag.org',
'fos_user_registration_form[username]' => 'newuser',
'fos_user_registration_form[plainPassword][first]' => 'mypassword1',
'fos_user_registration_form[plainPassword][second]' => 'mypassword2',
),
'The entered passwords don&#039;t match',
),
);
}
/**
* @dataProvider dataForCreateAccountFailed
*/
public function testCreateAccountFailed($data, $expectedMessage)
{
$client = $this->getClient();
$crawler = $client->request('GET', '/register/');
$form = $crawler->filter('input[type=submit]')->form();
$client->submit($form, $data);
$this->assertEquals(200, $client->getResponse()->getStatusCode());
$this->assertContains($expectedMessage, $client->getResponse()->getContent());
}
public function dataForCreateAccountSuccess()
{
return array(
array(
array(
'fos_user_registration_form[email]' => 'newuser@wallabag.org',
'fos_user_registration_form[username]' => 'newuser',
'fos_user_registration_form[plainPassword][first]' => 'mypassword',
'fos_user_registration_form[plainPassword][second]' => 'mypassword',
),
),
);
}
/**
* @dataProvider dataForCreateAccountSuccess
*/
public function testCreateAccountSuccess($data)
{
$client = $this->getClient();
$crawler = $client->request('GET', '/register/');
$form = $crawler->filter('input[type=submit]')->form();
$client->submit($form, $data);
$this->assertEquals(302, $client->getResponse()->getStatusCode());
$crawler = $client->followRedirect();
$this->assertContains('The user has been created successfully', $client->getResponse()->getContent());
}
public function testRegistrationConfirmation()
{
$client = $this->getClient();
$client->followRedirects();
$user = $client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:User')
->findOneByUsername('newuser');
$this->assertNull($user->getConfig());
$client->request('GET', '/register/confirm/b4dT0k3n');
$this->assertEquals(404, $client->getResponse()->getStatusCode());
$crawler = $client->request('GET', '/register/confirm/'.$user->getConfirmationToken());
$this->assertEquals(200, $client->getResponse()->getStatusCode());
$user = $client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:User')
->findOneByUsername('newuser');
$this->assertNotNull($user->getConfig());
}
public function testLogin()
{
$client = $this->getClient();
$crawler = $client->request('GET', '/new');
$this->assertEquals(302, $client->getResponse()->getStatusCode());
$this->assertContains('login', $client->getResponse()->headers->get('location'));
}
public function testLoginFail()
{
$client = $this->getClient();
$crawler = $client->request('GET', '/login');
$form = $crawler->filter('button[type=submit]')->form();
$data = array(
'_username' => 'admin',
'_password' => 'admin',
);
$client->submit($form, $data);
$this->assertEquals(302, $client->getResponse()->getStatusCode());
$this->assertContains('login', $client->getResponse()->headers->get('location'));
$crawler = $client->followRedirect();
$this->assertContains('Bad credentials', $client->getResponse()->getContent());
}
public function testRedirectionAfterLogin()
{
$client = $this->getClient();
$client->followRedirects();
$crawler = $client->request('GET', '/config');
$form = $crawler->filter('button[type=submit]')->form();
$data = array(
'_username' => 'admin',
'_password' => 'mypassword',
);
$client->submit($form, $data);
$this->assertContains('RSS', $client->getResponse()->getContent());
}
public function testForgotPassword()
{
$client = $this->getClient();
$crawler = $client->request('GET', '/forgot-password');
$this->assertEquals(200, $client->getResponse()->getStatusCode());
$this->assertContains('Forgot password', $client->getResponse()->getContent());
$form = $crawler->filter('button[type=submit]');
$this->assertCount(1, $form);
return array(
'form' => $form->form(),
'client' => $client,
);
}
/**
* @depends testForgotPassword
*/
public function testSubmitForgotPasswordFail($parameters)
{
$form = $parameters['form'];
$client = $parameters['client'];
$data = array(
'forgot_password[email]' => 'material',
);
$client->submit($form, $data);
$this->assertEquals(200, $client->getResponse()->getStatusCode());
$this->assertContains('No user found with this email', $client->getResponse()->getContent());
}
/**
* @depends testForgotPassword
*
* Instead of using collector which slow down the test suite
* http://symfony.com/doc/current/cookbook/email/testing.html
*
* Use a different way where Swift store email as file
*/
public function testSubmitForgotPassword($parameters)
{
$form = $parameters['form'];
$client = $parameters['client'];
$spoolDir = $client->getKernel()->getContainer()->getParameter('swiftmailer.spool.default.file.path');
// cleanup pool dir
$filesystem = new Filesystem();
$filesystem->remove($spoolDir);
// to use `getCollector` since `collect: false` in config_test.yml
$client->enableProfiler();
$data = array(
'forgot_password[email]' => 'bobby@wallabag.org',
);
$client->submit($form, $data);
$this->assertEquals(302, $client->getResponse()->getStatusCode());
$crawler = $client->followRedirect();
$this->assertContains('An email has been sent to', $client->getResponse()->getContent());
// find every files (ie: emails) inside the spool dir except hidden files
$finder = new Finder();
$finder
->in($spoolDir)
->ignoreDotFiles(true)
->files();
$this->assertCount(1, $finder, 'Only one email has been sent');
foreach ($finder as $file) {
$message = unserialize(file_get_contents($file));
$this->assertInstanceOf('Swift_Message', $message);
$this->assertEquals('Reset Password', $message->getSubject());
$this->assertEquals('no-reply@wallabag.org', key($message->getFrom()));
$this->assertEquals('bobby@wallabag.org', key($message->getTo()));
$this->assertContains(
'To reset your password - please visit',
$message->getBody()
);
}
}
public function testReset()
{
$client = $this->getClient();
$user = $client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:User')
->findOneByEmail('bobby@wallabag.org');
$crawler = $client->request('GET', '/forgot-password/'.$user->getConfirmationToken());
$this->assertEquals(200, $client->getResponse()->getStatusCode());
$this->assertCount(2, $crawler->filter('input[type=password]'));
$this->assertCount(1, $form = $crawler->filter('button[type=submit]'));
$this->assertCount(1, $form);
$data = array(
'change_passwd[new_password][first]' => 'mypassword',
'change_passwd[new_password][second]' => 'mypassword',
);
$client->submit($form->form(), $data);
$this->assertEquals(302, $client->getResponse()->getStatusCode());
$this->assertContains('login', $client->getResponse()->headers->get('location'));
}
public function testResetBadToken()
{
$client = $this->getClient();
$client->request('GET', '/forgot-password/UIZOAU29UE902IEPZO');
$this->assertEquals(404, $client->getResponse()->getStatusCode());
}
public function testCheckEmailWithoutEmail()
{
$client = $this->getClient();
$client->request('GET', '/forgot-password/check-email');
$this->assertEquals(302, $client->getResponse()->getStatusCode());
$this->assertContains('forgot-password', $client->getResponse()->headers->get('location'));
}
}

2
src/Wallabag/CoreBundle/Tests/Helper/ContentProxyTest.php
View file

@ -4,7 +4,7 @@ namespace Wallabag\CoreBundle\Tests\Helper;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
use Wallabag\CoreBundle\Entity\Entry;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
use Wallabag\CoreBundle\Helper\ContentProxy;
class ContentProxyTest extends KernelTestCase

26
src/Wallabag/CoreBundle/Tests/ParamConverter/UsernameRssTokenConverterTest.php
View file

@ -6,7 +6,7 @@ use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
use Wallabag\CoreBundle\ParamConverter\UsernameRssTokenConverter;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Symfony\Component\HttpFoundation\Request;
use Wallabag\CoreBundle\Entity\User;
use Wallabag\UserBundle\Entity\User;
class UsernameRssTokenConverterTest extends KernelTestCase
{
@ -96,7 +96,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase
$meta->expects($this->once())
->method('getName')
->will($this->returnValue('Wallabag\CoreBundle\Entity\User'));
->will($this->returnValue('Wallabag\UserBundle\Entity\User'));
$em = $this->getMockBuilder('Doctrine\Common\Persistence\ObjectManager')
->disableOriginalConstructor()
@ -104,7 +104,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase
$em->expects($this->once())
->method('getClassMetadata')
->with('WallabagCoreBundle:User')
->with('WallabagUserBundle:User')
->will($this->returnValue($meta));
$registry = $this->getMockBuilder('Doctrine\Common\Persistence\ManagerRegistry')
@ -117,10 +117,10 @@ class UsernameRssTokenConverterTest extends KernelTestCase
$registry->expects($this->once())
->method('getManagerForClass')
->with('WallabagCoreBundle:User')
->with('WallabagUserBundle:User')
->will($this->returnValue($em));
$params = new ParamConverter(array('class' => 'WallabagCoreBundle:User'));
$params = new ParamConverter(array('class' => 'WallabagUserBundle:User'));
$converter = new UsernameRssTokenConverter($registry);
$this->assertTrue($converter->supports($params));
@ -144,7 +144,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase
*/
public function testApplyUserNotFound()
{
$repo = $this->getMockBuilder('Wallabag\CoreBundle\Repository\UserRepository')
$repo = $this->getMockBuilder('Wallabag\UserBundle\Repository\UserRepository')
->disableOriginalConstructor()
->getMock();
@ -159,7 +159,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase
$em->expects($this->once())
->method('getRepository')
->with('WallabagCoreBundle:User')
->with('WallabagUserBundle:User')
->will($this->returnValue($repo));
$registry = $this->getMockBuilder('Doctrine\Common\Persistence\ManagerRegistry')
@ -168,10 +168,10 @@ class UsernameRssTokenConverterTest extends KernelTestCase
$registry->expects($this->once())
->method('getManagerForClass')
->with('WallabagCoreBundle:User')
->with('WallabagUserBundle:User')
->will($this->returnValue($em));
$params = new ParamConverter(array('class' => 'WallabagCoreBundle:User'));
$params = new ParamConverter(array('class' => 'WallabagUserBundle:User'));
$converter = new UsernameRssTokenConverter($registry);
$request = new Request(array(), array(), array('username' => 'test', 'token' => 'test'));
@ -182,7 +182,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase
{
$user = new User();
$repo = $this->getMockBuilder('Wallabag\CoreBundle\Repository\UserRepository')
$repo = $this->getMockBuilder('Wallabag\UserBundle\Repository\UserRepository')
->disableOriginalConstructor()
->getMock();
@ -197,7 +197,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase
$em->expects($this->once())
->method('getRepository')
->with('WallabagCoreBundle:User')
->with('WallabagUserBundle:User')
->will($this->returnValue($repo));
$registry = $this->getMockBuilder('Doctrine\Common\Persistence\ManagerRegistry')
@ -206,10 +206,10 @@ class UsernameRssTokenConverterTest extends KernelTestCase
$registry->expects($this->once())
->method('getManagerForClass')
->with('WallabagCoreBundle:User')
->with('WallabagUserBundle:User')
->will($this->returnValue($em));
$params = new ParamConverter(array('class' => 'WallabagCoreBundle:User', 'name' => 'user'));
$params = new ParamConverter(array('class' => 'WallabagUserBundle:User', 'name' => 'user'));
$converter = new UsernameRssTokenConverter($registry);
$request = new Request(array(), array(), array('username' => 'test', 'token' => 'test'));

2
src/Wallabag/CoreBundle/Tests/WallabagCoreTestCase.php
View file

@ -21,7 +21,7 @@ abstract class WallabagCoreTestCase extends WebTestCase
public function logInAs($username)
{
$crawler = $this->client->request('GET', '/login');
$form = $crawler->filter('button[type=submit]')->form();
$form = $crawler->filter('input[type=submit]')->form();
$data = array(
'_username' => $username,
'_password' => 'mypassword',

19
src/Wallabag/CoreBundle/Entity/User.php → src/Wallabag/UserBundle/Entity/User.php
View file

@ -1,6 +1,6 @@
<?php
namespace Wallabag\CoreBundle\Entity;
namespace Wallabag\UserBundle\Entity;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\ORM\Mapping as ORM;
@ -9,11 +9,14 @@ use Symfony\Component\Security\Core\User\UserInterface;
use JMS\Serializer\Annotation\ExclusionPolicy;
use JMS\Serializer\Annotation\Expose;
use FOS\UserBundle\Model\User as BaseUser;
use Wallabag\CoreBundle\Entity\Config;
use Wallabag\CoreBundle\Entity\Entry;
use Wallabag\CoreBundle\Entity\Tag;
/**
* User.
*
* @ORM\Entity(repositoryClass="Wallabag\CoreBundle\Repository\UserRepository")
* @ORM\Entity(repositoryClass="Wallabag\UserBundle\Repository\UserRepository")
* @ORM\Table
* @ORM\HasLifecycleCallbacks()
* @ExclusionPolicy("all")
@ -55,17 +58,17 @@ class User extends BaseUser
protected $updatedAt;
/**
* @ORM\OneToMany(targetEntity="Entry", mappedBy="user", cascade={"remove"})
* @ORM\OneToMany(targetEntity="Wallabag\CoreBundle\Entity\Entry", mappedBy="user", cascade={"remove"})
*/
protected $entries;
/**
* @ORM\OneToOne(targetEntity="Config", mappedBy="user")
* @ORM\OneToOne(targetEntity="Wallabag\CoreBundle\Entity\Config", mappedBy="user")
*/
protected $config;
/**
* @ORM\OneToMany(targetEntity="Tag", mappedBy="user", cascade={"remove"})
* @ORM\OneToMany(targetEntity="Wallabag\CoreBundle\Entity\Tag", mappedBy="user", cascade={"remove"})
*/
protected $tags;
@ -178,11 +181,11 @@ class User extends BaseUser
/**
* Set config.
*
* @param \Wallabag\CoreBundle\Entity\Config $config
* @param Config $config
*
* @return User
*/
public function setConfig(\Wallabag\CoreBundle\Entity\Config $config = null)
public function setConfig(Config $config = null)
{
$this->config = $config;
@ -192,7 +195,7 @@ class User extends BaseUser
/**
* Get config.
*
* @return \Wallabag\CoreBundle\Entity\Config
* @return Config
*/
public function getConfig()
{

2
src/Wallabag/CoreBundle/Repository/UserRepository.php → src/Wallabag/UserBundle/Repository/UserRepository.php
View file

@ -1,6 +1,6 @@
<?php
namespace Wallabag\CoreBundle\Repository;
namespace Wallabag\UserBundle\Repository;
use Doctrine\ORM\EntityRepository;

0
src/Wallabag/UserBundle/Resources/config/services.yml Normal file
View file

1
src/Wallabag/UserBundle/Resources/views/Default/index.html.twig Normal file
View file

@ -0,0 +1 @@
Hello {{ name }}!

9
src/Wallabag/UserBundle/WallabagUserBundle.php Normal file
View file

@ -0,0 +1,9 @@
<?php
namespace Wallabag\UserBundle;
use Symfony\Component\HttpKernel\Bundle\Bundle;
class WallabagUserBundle extends Bundle
{
}