diff --git a/app/config/routing.yml b/app/config/routing.yml
index 8e04a0c81..426dcdcfe 100644
--- a/app/config/routing.yml
+++ b/app/config/routing.yml
@@ -10,6 +10,14 @@ doc-api:
resource: "@NelmioApiDocBundle/Resources/config/routing.yml"
prefix: /api/doc
+login:
+ pattern: /login
+ defaults: { _controller: WallabagCoreBundle:Security:login }
+login_check:
+ pattern: /login_check
+logout:
+ path: /logout
+
#wallabag_api:
# resource: "@WallabagApiBundle/Controller/"
# type: annotation
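Review bot: The three new routes mix `pattern:` (on `login` and `login_check`) with `path:` (on `logout`). `pattern` is the older key that Symfony deprecated in favour of `path`, so `path: /login` and `path: /login_check` would keep the file consistent. A one-line comment above `login_check` and `logout`, such as `# no controller: the firewall in security.yml intercepts this path`, would explain why they have no `defaults`.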
diff --git a/app/config/security.yml b/app/config/security.yml
index a28b1db99..f4fefe2e4 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -1,52 +1,58 @@
-# you can read more about security in the related section of the documentation
-# http://symfony.com/doc/current/book/security.html
security:
- # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
encoders:
- Symfony\Component\Security\Core\User\User: plaintext
+ Wallabag\CoreBundle\Entity\Users:
+ algorithm: sha1
+ encode_as_base64: false
+ iterations: 1
- # http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
ROLE_ADMIN: ROLE_USER
- ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
+ ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
- # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
- in_memory:
- memory:
- users:
- user: { password: userpass, roles: [ 'ROLE_USER' ] }
- admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
+ administrators:
+ entity: { class: WallabagCoreBundle:Users, property: username }
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
- # disables authentication for assets and the profiler, adapt it according to your needs
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- # the login page has to be accessible for everybody
- demo_login:
- pattern: ^/demo/secured/login$
- security: false
+ #wsse_secured:
+ # pattern: /api/.*
+ # wsse: true
+ login_firewall:
+ pattern: ^/login$
+ anonymous: ~
- # secures part of the application
- demo_secured_area:
- pattern: ^/demo/secured/
- # it's important to notice that in this case _demo_security_check and _demo_login
- # are route names and that they are specified in the AcmeDemoBundle
+ secured_area:
+ pattern: ^/
+ anonymous: ~
form_login:
- check_path: _demo_security_check
- login_path: _demo_login
- logout:
- path: _demo_logout
- target: _demo
- #anonymous: ~
- #http_basic:
- # realm: "Secured Demo Area"
+ login_path: /login
+
+ use_forward: false
+
+ check_path: /login_check
+
+ post_only: true
+
+ always_use_default_target_path: true
+ default_target_path: /
+ target_path_parameter: redirect_url
+ use_referer: true
+
+ failure_path: null
+ failure_forward: false
+
+ username_parameter: _username
+ password_parameter: _password
+
+ csrf_parameter: _csrf_token
+ intention: authenticate
+
+ logout:
+ path: /logout
+ target: /
- # with these settings you can restrict or allow access for different parts
- # of your application based on roles, ip, host or methods
- # http://symfony.com/doc/current/cookbook/security/access_control.html
access_control:
- #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
\ No newline at end of file
+ - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: ^/, roles: ROLE_USER }
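Review bot: The new `encoders` entry hashes passwords with a single round of SHA-1 (`algorithm: sha1`, `iterations: 1`), which is cheap to brute-force offline if the users table ever leaks. If the Symfony version in use ships the bcrypt encoder, prefer `algorithm: bcrypt` with a `cost:` value; otherwise raise `iterations` well above 1 and plan a rehash of existing rows. Under `form_login`, `csrf_parameter` and `intention` are set but no `csrf_provider` is named, so as far as this file shows the login form's token is never checked. `always_use_default_target_path: true` also leaves `target_path_parameter` and `use_referer` without effect, so either drop them or add a comment.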
diff --git a/src/Wallabag/CoreBundle/Controller/SecurityController.php b/src/Wallabag/CoreBundle/Controller/SecurityController.php
new file mode 100644
index 000000000..51f9cc265
--- /dev/null
+++ b/src/Wallabag/CoreBundle/Controller/SecurityController.php
@@ -0,0 +1,27 @@
+getSession();
+ // get the login error if there is one
+ if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
+ $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
+ } else {
+ $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
+ $session->remove(SecurityContext::AUTHENTICATION_ERROR);
+ }
+ return $this->render('WallabagCoreBundle:Security:login.html.twig', array(
+ // last username entered by the user
+ 'last_username' => $session->get(SecurityContext::LAST_USERNAME),
+ 'error' => $error,
+ ));
+ }
+}
\ No newline at end of file
diff --git a/src/Wallabag/CoreBundle/Controller/WallabagRestController.php b/src/Wallabag/CoreBundle/Controller/WallabagRestController.php
index a6c0db37a..8e018e88b 100644
--- a/src/Wallabag/CoreBundle/Controller/WallabagRestController.php
+++ b/src/Wallabag/CoreBundle/Controller/WallabagRestController.php
@@ -82,17 +82,18 @@ class WallabagRestController extends Controller
*/
public function postEntriesAction(Request $request)
{
- //TODO la récup ne marche
+ //TODO la récup ne marche pas
//TODO gérer si on passe le titre
//TODO gérer si on passe les tags
//TODO ne pas avoir du code comme ça qui doit se trouver dans le Repository
+ $url = $request->request->get('url');
+
+ $content = Extractor::extract($url);
$entry = new Entries();
$entry->setUserId(1);
- $content = Extractor::extract($request->request->get('url'));
-
+ $entry->setUrl($url);
$entry->setTitle($content->getTitle());
$entry->setContent($content->getBody());
-
$em = $this->getDoctrine()->getManager();
$em->persist($entry);
$em->flush();
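Review bot: `$url` comes straight from the request body and reaches `Extractor::extract()` and `setUrl()` unchecked, so a missing parameter passes `null` and any scheme or host is accepted. If `Extractor` fetches the URL server-side (its code is not in this hunk), a caller can make the server request internal addresses. Validate before use, for example `if (!is_string($url) || !preg_match('#^https?://#i', $url)) { throw new BadRequestHttpException('Invalid url'); }` (with the matching `use`), and consider rejecting loopback and private hosts inside the extractor. The context line `$entry->setUserId(1)` still assigns every entry to user 1, although this commit adds real accounts. The body of `postEntriesAction` continues past the hunk.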
diff --git a/src/Wallabag/CoreBundle/DependencyInjection/Security/Factory/WsseFactory.php b/src/Wallabag/CoreBundle/DependencyInjection/Security/Factory/WsseFactory.php
new file mode 100644
index 000000000..9807fe9af
--- /dev/null
+++ b/src/Wallabag/CoreBundle/DependencyInjection/Security/Factory/WsseFactory.php
@@ -0,0 +1,40 @@
+setDefinition($providerId, new DefinitionDecorator('wsse.security.authentication.provider'))
+ ->replaceArgument(0, new Reference($userProvider))
+ ;
+
+ $listenerId = 'security.authentication.listener.wsse.'.$id;
+ $listener = $container->setDefinition($listenerId, new DefinitionDecorator('wsse.security.authentication.listener'));
+
+ return array($providerId, $listenerId, $defaultEntryPoint);
+ }
+
+ public function getPosition()
+ {
+ return 'pre_auth';
+ }
+
+ public function getKey()
+ {
+ return 'wsse';
+ }
+
+ public function addConfiguration(NodeDefinition $node)
+ {
+ }
+}
\ No newline at end of file
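Review bot: `$listener` in `create()` is assigned but never read, so the call can stand alone: `$container->setDefinition($listenerId, new DefinitionDecorator('wsse.security.authentication.listener'));`. `addConfiguration()` is empty and none of the methods has a docblock; a comment such as `// wsse takes no extra firewall options` would show the empty body is deliberate. The opening of the file and of `create()` is missing from the page, so its signature and the origin of `$providerId` and `$defaultEntryPoint` could not be checked.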
diff --git a/src/Wallabag/CoreBundle/Entity/Entries.php b/src/Wallabag/CoreBundle/Entity/Entries.php
index 712ff1262..3c061a37b 100644
--- a/src/Wallabag/CoreBundle/Entity/Entries.php
+++ b/src/Wallabag/CoreBundle/Entity/Entries.php
@@ -10,6 +10,7 @@ use Symfony\Component\Validator\Constraints as Assert;
*
* @ORM\Entity(repositoryClass="Wallabag\CoreBundle\Repository\EntriesRepository")
* @ORM\Table(name="entries")
+ *
*/
class Entries
{
diff --git a/src/Wallabag/CoreBundle/Entity/Users.php b/src/Wallabag/CoreBundle/Entity/Users.php
index 3db4a3fd9..96867bd61 100644
--- a/src/Wallabag/CoreBundle/Entity/Users.php
+++ b/src/Wallabag/CoreBundle/Entity/Users.php
@@ -3,6 +3,9 @@
namespace Wallabag\CoreBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\User\EquatableInterface;
+use Symfony\Component\Security\Core\User\AdvancedUserInterface;
/**
* Users
@@ -10,7 +13,7 @@ use Doctrine\ORM\Mapping as ORM;
* @ORM\Table(name="users")
* @ORM\Entity
*/
-class Users
+class Users implements AdvancedUserInterface, \Serializable
{
/**
* @var integer
@@ -28,6 +31,11 @@ class Users
*/
private $username;
+ /**
+ * @ORM\Column(type="string", length=32)
+ */
+ private $salt;
+
/**
* @var string
*
@@ -49,7 +57,16 @@ class Users
*/
private $email;
+ /**
+ * @ORM\Column(name="is_active", type="boolean")
+ */
+ private $isActive;
+ public function __construct()
+ {
+ $this->isActive = true;
+ $this->salt = md5(uniqid(null, true));
+ }
/**
* Get id
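Review bot: The salt in `__construct()` is built with `md5(uniqid(null, true))`, and `uniqid()` is derived from the clock plus an LCG value rather than from a cryptographic random source. Drawing the salt from the OS generator costs nothing extra and still fits the 32-character column: `$this->salt = bin2hex(openssl_random_pseudo_bytes(16));` (assuming the openssl extension is available). Passing `null` as the prefix also relies on loose typing; `''` is the documented empty prefix. The constructor has no docblock; one line stating that new accounts start active with a fresh per-user salt would be enough.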
@@ -84,6 +101,22 @@ class Users
return $this->username;
}
+ /**
+ * @inheritDoc
+ */
+ public function getSalt()
+ {
+ return $this->salt;
+ }
+
+ /**
+ * @inheritDoc
+ */
+ public function getRoles()
+ {
+ return array('ROLE_USER');
+ }
+
/**
* Set password
*
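Review bot: `getRoles()` returns a fixed `array('ROLE_USER')`, so no account loaded through this entity can hold `ROLE_ADMIN` or `ROLE_SUPER_ADMIN`, even though security.yml keeps a role hierarchy and names the provider `administrators`. If that is intended for now, say so in the docblock instead of the bare `@inheritDoc`, for example `Every account is a plain user; roles are not stored yet.`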
@@ -152,4 +185,56 @@ class Users
{
return $this->email;
}
+
+ /**
+ * @inheritDoc
+ */
+ public function eraseCredentials()
+ {
+ }
+
+ /**
+ * @see \Serializable::serialize()
+ */
+ public function serialize()
+ {
+ return serialize(array(
+ $this->id,
+ ));
+ }
+
+ /**
+ * @see \Serializable::unserialize()
+ */
+ public function unserialize($serialized)
+ {
+ list (
+ $this->id,
+ ) = unserialize($serialized);
+ }
+
+ public function isEqualTo(UserInterface $user)
+ {
+ return $this->username === $user->getUsername();
+ }
+
+ public function isAccountNonExpired()
+ {
+ return true;
+ }
+
+ public function isAccountNonLocked()
+ {
+ return true;
+ }
+
+ public function isCredentialsNonExpired()
+ {
+ return true;
+ }
+
+ public function isEnabled()
+ {
+ return $this->isActive;
+ }
}
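Review bot: `isEqualTo()` is only consulted by the security layer when the user class implements `EquatableInterface`, which this commit imports but leaves out of `class Users implements AdvancedUserInterface, \Serializable`. In addition, `serialize()` keeps only `$this->id`, so the user restored from the session has no username. As far as I can tell, the comparison against the reloaded user would then fail and the session would be treated as changed. Add `EquatableInterface` to the implements list and carry the username through both methods: `return serialize(array($this->id, $this->username));` and `list($this->id, $this->username) = unserialize($serialized);`. `isEqualTo()` and the four status methods also have no docblock, and a line noting that expiry and locking are not implemented yet would explain the constant `true` returns.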
diff --git a/src/Wallabag/CoreBundle/Helper/Entries.php b/src/Wallabag/CoreBundle/Helper/Entries.php
new file mode 100644
index 000000000..a54c3a74d
--- /dev/null
+++ b/src/Wallabag/CoreBundle/Helper/Entries.php
@@ -0,0 +1,10 @@
+createQueryBuilder('e')
->select('e')
->where('e.isFav =:isStarred')->setParameter('isStarred', $isStarred)
diff --git a/src/Wallabag/CoreBundle/Resources/config/services.xml b/src/Wallabag/CoreBundle/Resources/config/services.xml
index 02308e6aa..d5bc5cca5 100644
--- a/src/Wallabag/CoreBundle/Resources/config/services.xml
+++ b/src/Wallabag/CoreBundle/Resources/config/services.xml
@@ -5,13 +5,25 @@
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">