diff --git a/app/AppKernel.php b/app/AppKernel.php index 6f8c3a6d6..6315fcde9 100644 --- a/app/AppKernel.php +++ b/app/AppKernel.php @@ -27,6 +27,7 @@ class AppKernel extends Kernel new Bazinga\Bundle\HateoasBundle\BazingaHateoasBundle(), new Lexik\Bundle\FormFilterBundle\LexikFormFilterBundle(), new FOS\OAuthServerBundle\FOSOAuthServerBundle(), + new Wallabag\UserBundle\WallabagUserBundle(), ); if (in_array($this->getEnvironment(), array('dev', 'test'))) { diff --git a/app/config/config.yml b/app/config/config.yml index 3c63ded3e..a4d18c6d8 100644 --- a/app/config/config.yml +++ b/app/config/config.yml @@ -158,7 +158,7 @@ liip_theme: fos_user: db_driver: orm firewall_name: main - user_class: Wallabag\CoreBundle\Entity\User + user_class: Wallabag\UserBundle\Entity\User registration: form: type: wallabag_user_registration diff --git a/app/config/routing.yml b/app/config/routing.yml index dabb48fa7..5fa28fba8 100644 --- a/app/config/routing.yml +++ b/app/config/routing.yml @@ -1,3 +1,8 @@ +wallabag_user: + resource: "@WallabagUserBundle/Controller/" + type: annotation + prefix: / + wallabag_api: resource: "@WallabagApiBundle/Resources/config/routing.yml" prefix: / @@ -10,15 +15,15 @@ doc-api: resource: "@NelmioApiDocBundle/Resources/config/routing.yml" prefix: /api/doc -login: - pattern: /login - defaults: { _controller: WallabagCoreBundle:Security:login } - -login_check: - pattern: /login_check - -logout: - path: /logout +#login: +# pattern: /login +# defaults: { _controller: WallabagCoreBundle:Security:login } +# +#login_check: +# pattern: /login_check +# +#logout: +# path: /logout rest : type : rest diff --git a/app/config/security.yml b/app/config/security.yml index 79a07c48e..d7d8c12b1 100644 --- a/app/config/security.yml +++ b/app/config/security.yml @@ -8,7 +8,7 @@ security: providers: administrators: - entity: { class: WallabagCoreBundle:User, property: username } + entity: { class: WallabagUserBundle:User, property: username } fos_userbundle: id: fos_user.user_provider.username @@ -49,6 +49,6 @@ security: - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } - - { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY } + - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/, roles: ROLE_USER } diff --git a/config/deploy.rb b/config/deploy.rb index be18ce5af..c2562965b 100644 --- a/config/deploy.rb +++ b/config/deploy.rb @@ -4,8 +4,8 @@ lock '3.4.0' set :application, 'wallabag' set :repo_url, 'git@github.com:wallabag/wallabag.git' -set :ssh_user, 'ssh_user' -server 'server_ip', user: fetch(:ssh_user), roles: %w{web app db} +set :ssh_user, 'framasoft_bag' +server '78.46.248.87', user: fetch(:ssh_user), roles: %w{web app db} set :scm, :git diff --git a/config/deploy/staging.rb b/config/deploy/staging.rb index d67d7247d..ccd05b4d9 100644 --- a/config/deploy/staging.rb +++ b/config/deploy/staging.rb @@ -1,2 +1,2 @@ set :branch, 'v2' -set :deploy_to, '/var/www/' +set :deploy_to, '/var/www/v2.wallabag.org/web/' diff --git a/src/Wallabag/ApiBundle/Entity/AccessToken.php b/src/Wallabag/ApiBundle/Entity/AccessToken.php index d6cf0af5d..b1f4e7de2 100644 --- a/src/Wallabag/ApiBundle/Entity/AccessToken.php +++ b/src/Wallabag/ApiBundle/Entity/AccessToken.php @@ -25,7 +25,7 @@ class AccessToken extends BaseAccessToken protected $client; /** - * @ORM\ManyToOne(targetEntity="Wallabag\CoreBundle\Entity\User") + * @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User") */ protected $user; } diff --git a/src/Wallabag/ApiBundle/Entity/AuthCode.php b/src/Wallabag/ApiBundle/Entity/AuthCode.php index 7873d97d9..81398158b 100644 --- a/src/Wallabag/ApiBundle/Entity/AuthCode.php +++ b/src/Wallabag/ApiBundle/Entity/AuthCode.php @@ -25,7 +25,7 @@ class AuthCode extends BaseAuthCode protected $client; /** - * @ORM\ManyToOne(targetEntity="Wallabag\CoreBundle\Entity\User") + * @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User") */ protected $user; } diff --git a/src/Wallabag/ApiBundle/Entity/RefreshToken.php b/src/Wallabag/ApiBundle/Entity/RefreshToken.php index 74c564b77..be2c1d2e9 100644 --- a/src/Wallabag/ApiBundle/Entity/RefreshToken.php +++ b/src/Wallabag/ApiBundle/Entity/RefreshToken.php @@ -25,7 +25,7 @@ class RefreshToken extends BaseRefreshToken protected $client; /** - * @ORM\ManyToOne(targetEntity="Wallabag\CoreBundle\Entity\User") + * @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User") */ protected $user; } diff --git a/src/Wallabag/CoreBundle/Command/InstallCommand.php b/src/Wallabag/CoreBundle/Command/InstallCommand.php index 1bd76ae36..140fdf9e3 100644 --- a/src/Wallabag/CoreBundle/Command/InstallCommand.php +++ b/src/Wallabag/CoreBundle/Command/InstallCommand.php @@ -8,7 +8,7 @@ use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Input\ArrayInput; use Symfony\Component\Console\Output\OutputInterface; use Symfony\Component\Console\Output\NullOutput; -use Wallabag\CoreBundle\Entity\User; +use Wallabag\UserBundle\Entity\User; use Wallabag\CoreBundle\Entity\Config; class InstallCommand extends ContainerAwareCommand diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 27c323b71..ecfecc66d 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -7,7 +7,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\JsonResponse; use Wallabag\CoreBundle\Entity\Config; -use Wallabag\CoreBundle\Entity\User; +use Wallabag\UserBundle\Entity\User; use Wallabag\CoreBundle\Form\Type\ChangePasswordType; use Wallabag\CoreBundle\Form\Type\UserInformationType; use Wallabag\CoreBundle\Form\Type\NewUserType; diff --git a/src/Wallabag/CoreBundle/Controller/RssController.php b/src/Wallabag/CoreBundle/Controller/RssController.php index 6121f3614..023a6228e 100644 --- a/src/Wallabag/CoreBundle/Controller/RssController.php +++ b/src/Wallabag/CoreBundle/Controller/RssController.php @@ -5,7 +5,7 @@ namespace Wallabag\CoreBundle\Controller; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route; use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter; use Symfony\Bundle\FrameworkBundle\Controller\Controller; -use Wallabag\CoreBundle\Entity\User; +use Wallabag\UserBundle\Entity\User; use Wallabag\CoreBundle\Entity\Entry; use Pagerfanta\Adapter\DoctrineORMAdapter; use Pagerfanta\Pagerfanta; @@ -16,7 +16,7 @@ class RssController extends Controller * Shows unread entries for current user. * * @Route("/{username}/{token}/unread.xml", name="unread_rss", defaults={"_format"="xml"}) - * @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter") + * @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter") * * @return \Symfony\Component\HttpFoundation\Response */ @@ -29,7 +29,7 @@ class RssController extends Controller * Shows read entries for current user. * * @Route("/{username}/{token}/archive.xml", name="archive_rss") - * @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter") + * @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter") * * @return \Symfony\Component\HttpFoundation\Response */ @@ -42,7 +42,7 @@ class RssController extends Controller * Shows starred entries for current user. * * @Route("/{username}/{token}/starred.xml", name="starred_rss") - * @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter") + * @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter") * * @return \Symfony\Component\HttpFoundation\Response */ diff --git a/src/Wallabag/CoreBundle/Controller/SecurityController.php b/src/Wallabag/CoreBundle/Controller/SecurityController.php deleted file mode 100644 index f0a7ab6d8..000000000 --- a/src/Wallabag/CoreBundle/Controller/SecurityController.php +++ /dev/null @@ -1,153 +0,0 @@ -getSession(); - // get the login error if there is one - if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) { - $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR); - } else { - $error = $session->get(SecurityContext::AUTHENTICATION_ERROR); - $session->remove(SecurityContext::AUTHENTICATION_ERROR); - } - - return $this->render('WallabagCoreBundle:Security:login.html.twig', array( - // last username entered by the user - 'last_username' => $session->get(SecurityContext::LAST_USERNAME), - 'error' => $error, - )); - } - - /** - * Request forgot password: show form. - * - * @Route("/forgot-password", name="forgot_password") - * - * @Method({"GET", "POST"}) - */ - public function forgotPasswordAction(Request $request) - { - $form = $this->createForm('forgot_password'); - $form->handleRequest($request); - - if ($form->isValid()) { - $user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByEmail($form->get('email')->getData()); - - // generate "hard" token - $user->setConfirmationToken(rtrim(strtr(base64_encode(hash('sha256', uniqid(mt_rand(), true), true)), '+/', '-_'), '=')); - $user->setPasswordRequestedAt(new \DateTime()); - - $em = $this->getDoctrine()->getManager(); - $em->persist($user); - $em->flush(); - - $message = \Swift_Message::newInstance() - ->setSubject('Reset Password') - ->setFrom($this->container->getParameter('from_email')) - ->setTo($user->getEmail()) - ->setBody($this->renderView('WallabagCoreBundle:Mail:forgotPassword.txt.twig', array( - 'username' => $user->getUsername(), - 'confirmationUrl' => $this->generateUrl('forgot_password_reset', array('token' => $user->getConfirmationToken()), true), - ))) - ; - $this->get('mailer')->send($message); - - return $this->redirect($this->generateUrl('forgot_password_check_email', - array('email' => $this->getObfuscatedEmail($user->getEmail())) - )); - } - - return $this->render('WallabagCoreBundle:Security:forgotPassword.html.twig', array( - 'form' => $form->createView(), - )); - } - - /** - * Tell the user to check his email provider. - * - * @Route("/forgot-password/check-email", name="forgot_password_check_email") - * - * @Method({"GET"}) - */ - public function checkEmailAction(Request $request) - { - $email = $request->query->get('email'); - - if (empty($email)) { - // the user does not come from the forgotPassword action - return $this->redirect($this->generateUrl('forgot_password')); - } - - return $this->render('WallabagCoreBundle:Security:checkEmail.html.twig', array( - 'email' => $email, - )); - } - - /** - * Reset user password. - * - * @Route("/forgot-password/{token}", name="forgot_password_reset") - * - * @Method({"GET", "POST"}) - */ - public function resetAction(Request $request, $token) - { - $user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByConfirmationToken($token); - - if (null === $user) { - throw $this->createNotFoundException(sprintf('No user found with token "%s"', $token)); - } - - $form = $this->createForm(new ResetPasswordType()); - $form->handleRequest($request); - - if ($form->isValid()) { - $user->setPassword($form->get('new_password')->getData()); - - $em = $this->getDoctrine()->getManager(); - $em->persist($user); - $em->flush(); - - $this->get('session')->getFlashBag()->add( - 'notice', - 'The password has been reset successfully' - ); - - return $this->redirect($this->generateUrl('login')); - } - - return $this->render('WallabagCoreBundle:Security:reset.html.twig', array( - 'token' => $token, - 'form' => $form->createView(), - )); - } - - /** - * Get the truncated email displayed when requesting the resetting. - * - * Keeping only the part following @ in the address. - * - * @param string $email - * - * @return string - */ - protected function getObfuscatedEmail($email) - { - if (false !== $pos = strpos($email, '@')) { - $email = '...'.substr($email, $pos); - } - - return $email; - } -} diff --git a/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadUserData.php b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadUserData.php index 811451da7..d48855da7 100644 --- a/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadUserData.php +++ b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadUserData.php @@ -1,11 +1,11 @@ user = $user; } @@ -169,11 +169,11 @@ class Config /** * Set user. * - * @param \Wallabag\CoreBundle\Entity\User $user + * @param User $user * * @return Config */ - public function setUser(\Wallabag\CoreBundle\Entity\User $user = null) + public function setUser(User $user = null) { $this->user = $user; @@ -183,7 +183,7 @@ class Config /** * Get user. * - * @return \Wallabag\CoreBundle\Entity\User + * @return User */ public function getUser() { diff --git a/src/Wallabag/CoreBundle/Entity/Entry.php b/src/Wallabag/CoreBundle/Entity/Entry.php index 9e81ba125..f6206a09f 100644 --- a/src/Wallabag/CoreBundle/Entity/Entry.php +++ b/src/Wallabag/CoreBundle/Entity/Entry.php @@ -7,6 +7,7 @@ use Doctrine\ORM\Mapping as ORM; use Symfony\Component\Validator\Constraints as Assert; use Hateoas\Configuration\Annotation as Hateoas; use JMS\Serializer\Annotation\XmlRoot; +use Wallabag\UserBundle\Entity\User; /** * Entry. @@ -129,7 +130,7 @@ class Entry private $isPublic; /** - * @ORM\ManyToOne(targetEntity="User", inversedBy="entries") + * @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User", inversedBy="entries") */ private $user; @@ -142,7 +143,7 @@ class Entry /* * @param User $user */ - public function __construct(User $user) + public function __construct(Wallabag\UserBundle\Entity\User $user) { $this->user = $user; $this->tags = new ArrayCollection(); diff --git a/src/Wallabag/CoreBundle/Entity/Tag.php b/src/Wallabag/CoreBundle/Entity/Tag.php index 97c4579f7..6067360f9 100644 --- a/src/Wallabag/CoreBundle/Entity/Tag.php +++ b/src/Wallabag/CoreBundle/Entity/Tag.php @@ -42,7 +42,7 @@ class Tag private $entries; /** - * @ORM\ManyToOne(targetEntity="User", inversedBy="tags") + * @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User", inversedBy="tags") */ private $user; diff --git a/src/Wallabag/CoreBundle/Filter/EntryFilterType.php b/src/Wallabag/CoreBundle/Filter/EntryFilterType.php index 2e6d6ff76..32de21ca8 100644 --- a/src/Wallabag/CoreBundle/Filter/EntryFilterType.php +++ b/src/Wallabag/CoreBundle/Filter/EntryFilterType.php @@ -7,7 +7,7 @@ use Symfony\Component\Form\FormBuilderInterface; use Symfony\Component\OptionsResolver\OptionsResolver; use Lexik\Bundle\FormFilterBundle\Filter\Query\QueryInterface; use Doctrine\ORM\EntityRepository; -use Wallabag\CoreBundle\Entity\User; +use Wallabag\UserBundle\Entity\User; class EntryFilterType extends AbstractType { diff --git a/src/Wallabag/CoreBundle/Form/Type/ForgotPasswordType.php b/src/Wallabag/CoreBundle/Form/Type/ForgotPasswordType.php index 9e95eb47a..5614d8b25 100644 --- a/src/Wallabag/CoreBundle/Form/Type/ForgotPasswordType.php +++ b/src/Wallabag/CoreBundle/Form/Type/ForgotPasswordType.php @@ -39,7 +39,7 @@ class ForgotPasswordType extends AbstractType public function validateEmail($email, ExecutionContextInterface $context) { $user = $this->doctrine - ->getRepository('WallabagCoreBundle:User') + ->getRepository('WallabagUserBundle:User') ->findOneByEmail($email); if (!$user) { diff --git a/src/Wallabag/CoreBundle/Form/Type/NewUserType.php b/src/Wallabag/CoreBundle/Form/Type/NewUserType.php index ea7bb7aef..8aabc8bbb 100644 --- a/src/Wallabag/CoreBundle/Form/Type/NewUserType.php +++ b/src/Wallabag/CoreBundle/Form/Type/NewUserType.php @@ -31,7 +31,7 @@ class NewUserType extends AbstractType public function configureOptions(OptionsResolver $resolver) { $resolver->setDefaults(array( - 'data_class' => 'Wallabag\CoreBundle\Entity\User', + 'data_class' => 'Wallabag\UserBundle\Entity\User', )); } diff --git a/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php b/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php index e3196d9cc..84f020131 100644 --- a/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php +++ b/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php @@ -27,7 +27,7 @@ class UserInformationType extends AbstractType public function configureOptions(OptionsResolver $resolver) { $resolver->setDefaults(array( - 'data_class' => 'Wallabag\CoreBundle\Entity\User', + 'data_class' => 'Wallabag\UserBundle\Entity\User', )); } diff --git a/src/Wallabag/CoreBundle/Helper/DetectActiveTheme.php b/src/Wallabag/CoreBundle/Helper/DetectActiveTheme.php index 446629db2..679186c08 100644 --- a/src/Wallabag/CoreBundle/Helper/DetectActiveTheme.php +++ b/src/Wallabag/CoreBundle/Helper/DetectActiveTheme.php @@ -4,7 +4,7 @@ namespace Wallabag\CoreBundle\Helper; use Liip\ThemeBundle\Helper\DeviceDetectionInterface; use Symfony\Component\Security\Core\SecurityContextInterface; -use Wallabag\CoreBundle\Entity\User; +use Wallabag\UserBundle\Entity\User; /** * This class intend to detect the active theme for the logged in user. diff --git a/src/Wallabag/CoreBundle/ParamConverter/UsernameRssTokenConverter.php b/src/Wallabag/CoreBundle/ParamConverter/UsernameRssTokenConverter.php index 2771cf116..f7faa2c13 100644 --- a/src/Wallabag/CoreBundle/ParamConverter/UsernameRssTokenConverter.php +++ b/src/Wallabag/CoreBundle/ParamConverter/UsernameRssTokenConverter.php @@ -7,7 +7,7 @@ use Doctrine\Common\Persistence\ManagerRegistry; use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; -use Wallabag\CoreBundle\Entity\User; +use Wallabag\UserBundle\Entity\User; /** * ParamConverter used in the RSS controller to retrieve the right user according to @@ -49,7 +49,7 @@ class UsernameRssTokenConverter implements ParamConverterInterface $em = $this->registry->getManagerForClass($configuration->getClass()); // Check, if class name is what we need - if ('Wallabag\CoreBundle\Entity\User' !== $em->getClassMetadata($configuration->getClass())->getName()) { + if ('Wallabag\UserBundle\Entity\User' !== $em->getClassMetadata($configuration->getClass())->getName()) { return false; } diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/layout.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/layout.html.twig index 3d573eaa7..de4ed2e78 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/layout.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/layout.html.twig @@ -52,7 +52,7 @@
  • {% trans %}config{% endtrans %}
  • {% trans %}about{% endtrans %}
    • -
  • {% trans %}logout{% endtrans %}
    • +
  • {% trans %}logout{% endtrans %}
    • {% endblock %} diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Security/login.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Security/login.html.twig index 10f380fe3..b0da42ce5 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Security/login.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Security/login.html.twig @@ -54,7 +54,7 @@
    - {% trans %}Forgot your password?{% endtrans %} + {% trans %}Forgot your password?{% endtrans %}
    diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/layout.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/layout.html.twig index 10dede8ae..36e276f96 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/layout.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/layout.html.twig @@ -46,8 +46,7 @@
  • {% trans %}tags{% endtrans %}
  • {% trans %}config{% endtrans %}
  • {% trans %}howto{% endtrans %}
    • -
  • {% trans %}About{% endtrans %}
    • -
  • {% trans %}logout{% endtrans %}
    • +
  • {% trans %}logout{% endtrans %}
    • diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php deleted file mode 100644 index 98b4e86b2..000000000 --- a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php +++ /dev/null @@ -1,87 +0,0 @@ -algorithm = $algorithm; - $this->encodeHashAsBase64 = $encodeHashAsBase64; - $this->iterations = $iterations; - } - - public function setUsername($username) - { - $this->username = $username; - } - - /** - * {@inheritdoc} - */ - public function encodePassword($raw, $salt) - { - if ($this->isPasswordTooLong($raw)) { - throw new BadCredentialsException('Invalid password.'); - } - - if (!in_array($this->algorithm, hash_algos(), true)) { - throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm)); - } - - $salted = $this->mergePasswordAndSalt($raw, $salt); - $digest = hash($this->algorithm, $salted, true); - - // "stretch" hash - for ($i = 1; $i < $this->iterations; ++$i) { - $digest = hash($this->algorithm, $digest.$salted, true); - } - - return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest); - } - - /** - * {@inheritdoc} - * - * We inject the username inside the salted password - */ - protected function mergePasswordAndSalt($password, $salt) - { - if (null === $this->username) { - throw new \LogicException('We can not check the password without a username.'); - } - - if (empty($salt)) { - return $password; - } - - return $password.$this->username.$salt; - } - - /** - * {@inheritdoc} - */ - public function isPasswordValid($encoded, $raw, $salt) - { - return !$this->isPasswordTooLong($raw) && $this->comparePasswords($encoded, $this->encodePassword($raw, $salt)); - } -} diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php deleted file mode 100644 index cf3cb0511..000000000 --- a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php +++ /dev/null @@ -1,89 +0,0 @@ -encoderFactory = $encoderFactory; - $this->userProvider = $userProvider; - } - - /** - * {@inheritdoc} - */ - protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token) - { - $currentUser = $token->getUser(); - if ($currentUser instanceof UserInterface) { - if ($currentUser->getPassword() !== $user->getPassword()) { - throw new BadCredentialsException('The credentials were changed from another session.'); - } - } else { - if ('' === ($presentedPassword = $token->getCredentials())) { - throw new BadCredentialsException('The presented password cannot be empty.'); - } - - // give username, it's used to hash the password - $encoder = $this->encoderFactory->getEncoder($user); - $encoder->setUsername($user->getUsername()); - - if (!$encoder->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) { - throw new BadCredentialsException('The presented password is invalid.'); - } - } - } - - /** - * {@inheritdoc} - */ - protected function retrieveUser($username, UsernamePasswordToken $token) - { - $user = $token->getUser(); - if ($user instanceof UserInterface) { - return $user; - } - - try { - $user = $this->userProvider->loadUserByUsername($username); - - if (!$user instanceof UserInterface) { - throw new AuthenticationServiceException('The user provider must return a UserInterface object.'); - } - - return $user; - } catch (UsernameNotFoundException $notFound) { - $notFound->setUsername($username); - throw $notFound; - } catch (\Exception $repositoryProblem) { - $ex = new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem); - $ex->setToken($token); - throw $ex; - } - } -} diff --git a/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php b/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php deleted file mode 100644 index 520627737..000000000 --- a/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php +++ /dev/null @@ -1,51 +0,0 @@ -tokenStorage = $tokenStorage; - $this->encoderFactory = $encoderFactory; - } - - /** - * {@inheritdoc} - */ - public function validate($password, Constraint $constraint) - { - if (!$constraint instanceof UserPassword) { - throw new UnexpectedTypeException($constraint, __NAMESPACE__.'\UserPassword'); - } - - $user = $this->tokenStorage->getToken()->getUser(); - - if (!$user instanceof UserInterface) { - throw new ConstraintDefinitionException('The User object must implement the UserInterface interface.'); - } - - // give username, it's used to hash the password - $encoder = $this->encoderFactory->getEncoder($user); - $encoder->setUsername($user->getUsername()); - - if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { - $this->context->addViolation($constraint->message); - } - } -} diff --git a/src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php index 708a07b16..3da5e8b73 100644 --- a/src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php +++ b/src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php @@ -354,7 +354,7 @@ class ConfigControllerTest extends WallabagCoreTestCase $em = $client->getContainer()->get('doctrine.orm.entity_manager'); $user = $em - ->getRepository('WallabagCoreBundle:User') + ->getRepository('WallabagUserBundle:User') ->findOneByUsername('wallace'); $this->assertTrue(false !== $user); @@ -369,7 +369,7 @@ class ConfigControllerTest extends WallabagCoreTestCase // reset the token $em = $client->getContainer()->get('doctrine.orm.entity_manager'); $user = $em - ->getRepository('WallabagCoreBundle:User') + ->getRepository('WallabagUserBundle:User') ->findOneByUsername('admin'); if (!$user) { diff --git a/src/Wallabag/CoreBundle/Tests/Controller/RssControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/RssControllerTest.php index b7c162a77..45a74c43d 100644 --- a/src/Wallabag/CoreBundle/Tests/Controller/RssControllerTest.php +++ b/src/Wallabag/CoreBundle/Tests/Controller/RssControllerTest.php @@ -64,7 +64,7 @@ class RssControllerTest extends WallabagCoreTestCase $client = $this->getClient(); $em = $client->getContainer()->get('doctrine.orm.entity_manager'); $user = $em - ->getRepository('WallabagCoreBundle:User') + ->getRepository('WallabagUserBundle:User') ->findOneByUsername('admin'); $config = $user->getConfig(); @@ -85,7 +85,7 @@ class RssControllerTest extends WallabagCoreTestCase $client = $this->getClient(); $em = $client->getContainer()->get('doctrine.orm.entity_manager'); $user = $em - ->getRepository('WallabagCoreBundle:User') + ->getRepository('WallabagUserBundle:User') ->findOneByUsername('admin'); $config = $user->getConfig(); @@ -107,7 +107,7 @@ class RssControllerTest extends WallabagCoreTestCase $client = $this->getClient(); $em = $client->getContainer()->get('doctrine.orm.entity_manager'); $user = $em - ->getRepository('WallabagCoreBundle:User') + ->getRepository('WallabagUserBundle:User') ->findOneByUsername('admin'); $config = $user->getConfig(); diff --git a/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php deleted file mode 100644 index 7af9d5c45..000000000 --- a/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php +++ /dev/null @@ -1,319 +0,0 @@ -getClient(); - - $crawler = $client->request('GET', '/register/'); - - $this->assertEquals(200, $client->getResponse()->getStatusCode()); - $this->assertContains('Register', $client->getResponse()->getContent()); - } - - public function dataForCreateAccountFailed() - { - return array( - array( - array( - 'fos_user_registration_form[email]' => '', - 'fos_user_registration_form[username]' => 'newuser', - 'fos_user_registration_form[plainPassword][first]' => 'mypassword', - 'fos_user_registration_form[plainPassword][second]' => 'mypassword', - ), - 'Please enter an email', - ), - array( - array( - 'fos_user_registration_form[email]' => 'newuser@wallabag.org', - 'fos_user_registration_form[username]' => 'admin', - 'fos_user_registration_form[plainPassword][first]' => 'mypassword', - 'fos_user_registration_form[plainPassword][second]' => 'mypassword', - ), - 'The username is already used', - ), - array( - array( - 'fos_user_registration_form[email]' => 'newuser@wallabag.org', - 'fos_user_registration_form[username]' => 'newuser', - 'fos_user_registration_form[plainPassword][first]' => 'mypassword1', - 'fos_user_registration_form[plainPassword][second]' => 'mypassword2', - ), - 'The entered passwords don't match', - ), - ); - } - - /** - * @dataProvider dataForCreateAccountFailed - */ - public function testCreateAccountFailed($data, $expectedMessage) - { - $client = $this->getClient(); - - $crawler = $client->request('GET', '/register/'); - - $form = $crawler->filter('input[type=submit]')->form(); - - $client->submit($form, $data); - - $this->assertEquals(200, $client->getResponse()->getStatusCode()); - $this->assertContains($expectedMessage, $client->getResponse()->getContent()); - } - - public function dataForCreateAccountSuccess() - { - return array( - array( - array( - 'fos_user_registration_form[email]' => 'newuser@wallabag.org', - 'fos_user_registration_form[username]' => 'newuser', - 'fos_user_registration_form[plainPassword][first]' => 'mypassword', - 'fos_user_registration_form[plainPassword][second]' => 'mypassword', - ), - ), - ); - } - - /** - * @dataProvider dataForCreateAccountSuccess - */ - public function testCreateAccountSuccess($data) - { - $client = $this->getClient(); - - $crawler = $client->request('GET', '/register/'); - - $form = $crawler->filter('input[type=submit]')->form(); - - $client->submit($form, $data); - $this->assertEquals(302, $client->getResponse()->getStatusCode()); - - $crawler = $client->followRedirect(); - - $this->assertContains('The user has been created successfully', $client->getResponse()->getContent()); - } - - public function testRegistrationConfirmation() - { - $client = $this->getClient(); - $client->followRedirects(); - - $user = $client->getContainer() - ->get('doctrine.orm.entity_manager') - ->getRepository('WallabagCoreBundle:User') - ->findOneByUsername('newuser'); - - $this->assertNull($user->getConfig()); - - $client->request('GET', '/register/confirm/b4dT0k3n'); - $this->assertEquals(404, $client->getResponse()->getStatusCode()); - - $crawler = $client->request('GET', '/register/confirm/'.$user->getConfirmationToken()); - $this->assertEquals(200, $client->getResponse()->getStatusCode()); - - $user = $client->getContainer() - ->get('doctrine.orm.entity_manager') - ->getRepository('WallabagCoreBundle:User') - ->findOneByUsername('newuser'); - $this->assertNotNull($user->getConfig()); - } - - public function testLogin() - { - $client = $this->getClient(); - - $crawler = $client->request('GET', '/new'); - - $this->assertEquals(302, $client->getResponse()->getStatusCode()); - $this->assertContains('login', $client->getResponse()->headers->get('location')); - } - - public function testLoginFail() - { - $client = $this->getClient(); - - $crawler = $client->request('GET', '/login'); - - $form = $crawler->filter('button[type=submit]')->form(); - $data = array( - '_username' => 'admin', - '_password' => 'admin', - ); - - $client->submit($form, $data); - - $this->assertEquals(302, $client->getResponse()->getStatusCode()); - $this->assertContains('login', $client->getResponse()->headers->get('location')); - - $crawler = $client->followRedirect(); - - $this->assertContains('Bad credentials', $client->getResponse()->getContent()); - } - - public function testRedirectionAfterLogin() - { - $client = $this->getClient(); - $client->followRedirects(); - - $crawler = $client->request('GET', '/config'); - - $form = $crawler->filter('button[type=submit]')->form(); - - $data = array( - '_username' => 'admin', - '_password' => 'mypassword', - ); - - $client->submit($form, $data); - - $this->assertContains('RSS', $client->getResponse()->getContent()); - } - - public function testForgotPassword() - { - $client = $this->getClient(); - - $crawler = $client->request('GET', '/forgot-password'); - - $this->assertEquals(200, $client->getResponse()->getStatusCode()); - - $this->assertContains('Forgot password', $client->getResponse()->getContent()); - - $form = $crawler->filter('button[type=submit]'); - - $this->assertCount(1, $form); - - return array( - 'form' => $form->form(), - 'client' => $client, - ); - } - - /** - * @depends testForgotPassword - */ - public function testSubmitForgotPasswordFail($parameters) - { - $form = $parameters['form']; - $client = $parameters['client']; - - $data = array( - 'forgot_password[email]' => 'material', - ); - - $client->submit($form, $data); - - $this->assertEquals(200, $client->getResponse()->getStatusCode()); - $this->assertContains('No user found with this email', $client->getResponse()->getContent()); - } - - /** - * @depends testForgotPassword - * - * Instead of using collector which slow down the test suite - * http://symfony.com/doc/current/cookbook/email/testing.html - * - * Use a different way where Swift store email as file - */ - public function testSubmitForgotPassword($parameters) - { - $form = $parameters['form']; - $client = $parameters['client']; - - $spoolDir = $client->getKernel()->getContainer()->getParameter('swiftmailer.spool.default.file.path'); - - // cleanup pool dir - $filesystem = new Filesystem(); - $filesystem->remove($spoolDir); - - // to use `getCollector` since `collect: false` in config_test.yml - $client->enableProfiler(); - - $data = array( - 'forgot_password[email]' => 'bobby@wallabag.org', - ); - - $client->submit($form, $data); - - $this->assertEquals(302, $client->getResponse()->getStatusCode()); - - $crawler = $client->followRedirect(); - - $this->assertContains('An email has been sent to', $client->getResponse()->getContent()); - - // find every files (ie: emails) inside the spool dir except hidden files - $finder = new Finder(); - $finder - ->in($spoolDir) - ->ignoreDotFiles(true) - ->files(); - - $this->assertCount(1, $finder, 'Only one email has been sent'); - - foreach ($finder as $file) { - $message = unserialize(file_get_contents($file)); - - $this->assertInstanceOf('Swift_Message', $message); - $this->assertEquals('Reset Password', $message->getSubject()); - $this->assertEquals('no-reply@wallabag.org', key($message->getFrom())); - $this->assertEquals('bobby@wallabag.org', key($message->getTo())); - $this->assertContains( - 'To reset your password - please visit', - $message->getBody() - ); - } - } - - public function testReset() - { - $client = $this->getClient(); - $user = $client->getContainer() - ->get('doctrine.orm.entity_manager') - ->getRepository('WallabagCoreBundle:User') - ->findOneByEmail('bobby@wallabag.org'); - - $crawler = $client->request('GET', '/forgot-password/'.$user->getConfirmationToken()); - - $this->assertEquals(200, $client->getResponse()->getStatusCode()); - $this->assertCount(2, $crawler->filter('input[type=password]')); - $this->assertCount(1, $form = $crawler->filter('button[type=submit]')); - $this->assertCount(1, $form); - - $data = array( - 'change_passwd[new_password][first]' => 'mypassword', - 'change_passwd[new_password][second]' => 'mypassword', - ); - - $client->submit($form->form(), $data); - - $this->assertEquals(302, $client->getResponse()->getStatusCode()); - $this->assertContains('login', $client->getResponse()->headers->get('location')); - } - - public function testResetBadToken() - { - $client = $this->getClient(); - - $client->request('GET', '/forgot-password/UIZOAU29UE902IEPZO'); - - $this->assertEquals(404, $client->getResponse()->getStatusCode()); - } - - public function testCheckEmailWithoutEmail() - { - $client = $this->getClient(); - - $client->request('GET', '/forgot-password/check-email'); - - $this->assertEquals(302, $client->getResponse()->getStatusCode()); - $this->assertContains('forgot-password', $client->getResponse()->headers->get('location')); - } -} diff --git a/src/Wallabag/CoreBundle/Tests/Helper/ContentProxyTest.php b/src/Wallabag/CoreBundle/Tests/Helper/ContentProxyTest.php index 0d3383894..1d0d40628 100644 --- a/src/Wallabag/CoreBundle/Tests/Helper/ContentProxyTest.php +++ b/src/Wallabag/CoreBundle/Tests/Helper/ContentProxyTest.php @@ -4,7 +4,7 @@ namespace Wallabag\CoreBundle\Tests\Helper; use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase; use Wallabag\CoreBundle\Entity\Entry; -use Wallabag\CoreBundle\Entity\User; +use Wallabag\UserBundle\Entity\User; use Wallabag\CoreBundle\Helper\ContentProxy; class ContentProxyTest extends KernelTestCase diff --git a/src/Wallabag/CoreBundle/Tests/ParamConverter/UsernameRssTokenConverterTest.php b/src/Wallabag/CoreBundle/Tests/ParamConverter/UsernameRssTokenConverterTest.php index ebb550b57..e28dc4bae 100644 --- a/src/Wallabag/CoreBundle/Tests/ParamConverter/UsernameRssTokenConverterTest.php +++ b/src/Wallabag/CoreBundle/Tests/ParamConverter/UsernameRssTokenConverterTest.php @@ -6,7 +6,7 @@ use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase; use Wallabag\CoreBundle\ParamConverter\UsernameRssTokenConverter; use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter; use Symfony\Component\HttpFoundation\Request; -use Wallabag\CoreBundle\Entity\User; +use Wallabag\UserBundle\Entity\User; class UsernameRssTokenConverterTest extends KernelTestCase { @@ -96,7 +96,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase $meta->expects($this->once()) ->method('getName') - ->will($this->returnValue('Wallabag\CoreBundle\Entity\User')); + ->will($this->returnValue('Wallabag\UserBundle\Entity\User')); $em = $this->getMockBuilder('Doctrine\Common\Persistence\ObjectManager') ->disableOriginalConstructor() @@ -104,7 +104,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase $em->expects($this->once()) ->method('getClassMetadata') - ->with('WallabagCoreBundle:User') + ->with('WallabagUserBundle:User') ->will($this->returnValue($meta)); $registry = $this->getMockBuilder('Doctrine\Common\Persistence\ManagerRegistry') @@ -117,10 +117,10 @@ class UsernameRssTokenConverterTest extends KernelTestCase $registry->expects($this->once()) ->method('getManagerForClass') - ->with('WallabagCoreBundle:User') + ->with('WallabagUserBundle:User') ->will($this->returnValue($em)); - $params = new ParamConverter(array('class' => 'WallabagCoreBundle:User')); + $params = new ParamConverter(array('class' => 'WallabagUserBundle:User')); $converter = new UsernameRssTokenConverter($registry); $this->assertTrue($converter->supports($params)); @@ -144,7 +144,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase */ public function testApplyUserNotFound() { - $repo = $this->getMockBuilder('Wallabag\CoreBundle\Repository\UserRepository') + $repo = $this->getMockBuilder('Wallabag\UserBundle\Repository\UserRepository') ->disableOriginalConstructor() ->getMock(); @@ -159,7 +159,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase $em->expects($this->once()) ->method('getRepository') - ->with('WallabagCoreBundle:User') + ->with('WallabagUserBundle:User') ->will($this->returnValue($repo)); $registry = $this->getMockBuilder('Doctrine\Common\Persistence\ManagerRegistry') @@ -168,10 +168,10 @@ class UsernameRssTokenConverterTest extends KernelTestCase $registry->expects($this->once()) ->method('getManagerForClass') - ->with('WallabagCoreBundle:User') + ->with('WallabagUserBundle:User') ->will($this->returnValue($em)); - $params = new ParamConverter(array('class' => 'WallabagCoreBundle:User')); + $params = new ParamConverter(array('class' => 'WallabagUserBundle:User')); $converter = new UsernameRssTokenConverter($registry); $request = new Request(array(), array(), array('username' => 'test', 'token' => 'test')); @@ -182,7 +182,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase { $user = new User(); - $repo = $this->getMockBuilder('Wallabag\CoreBundle\Repository\UserRepository') + $repo = $this->getMockBuilder('Wallabag\UserBundle\Repository\UserRepository') ->disableOriginalConstructor() ->getMock(); @@ -197,7 +197,7 @@ class UsernameRssTokenConverterTest extends KernelTestCase $em->expects($this->once()) ->method('getRepository') - ->with('WallabagCoreBundle:User') + ->with('WallabagUserBundle:User') ->will($this->returnValue($repo)); $registry = $this->getMockBuilder('Doctrine\Common\Persistence\ManagerRegistry') @@ -206,10 +206,10 @@ class UsernameRssTokenConverterTest extends KernelTestCase $registry->expects($this->once()) ->method('getManagerForClass') - ->with('WallabagCoreBundle:User') + ->with('WallabagUserBundle:User') ->will($this->returnValue($em)); - $params = new ParamConverter(array('class' => 'WallabagCoreBundle:User', 'name' => 'user')); + $params = new ParamConverter(array('class' => 'WallabagUserBundle:User', 'name' => 'user')); $converter = new UsernameRssTokenConverter($registry); $request = new Request(array(), array(), array('username' => 'test', 'token' => 'test')); diff --git a/src/Wallabag/CoreBundle/Tests/WallabagCoreTestCase.php b/src/Wallabag/CoreBundle/Tests/WallabagCoreTestCase.php index e5096528c..756525a97 100644 --- a/src/Wallabag/CoreBundle/Tests/WallabagCoreTestCase.php +++ b/src/Wallabag/CoreBundle/Tests/WallabagCoreTestCase.php @@ -21,7 +21,7 @@ abstract class WallabagCoreTestCase extends WebTestCase public function logInAs($username) { $crawler = $this->client->request('GET', '/login'); - $form = $crawler->filter('button[type=submit]')->form(); + $form = $crawler->filter('input[type=submit]')->form(); $data = array( '_username' => $username, '_password' => 'mypassword', diff --git a/src/Wallabag/CoreBundle/Entity/User.php b/src/Wallabag/UserBundle/Entity/User.php similarity index 83% rename from src/Wallabag/CoreBundle/Entity/User.php rename to src/Wallabag/UserBundle/Entity/User.php index ae2902a32..8f02e070e 100644 --- a/src/Wallabag/CoreBundle/Entity/User.php +++ b/src/Wallabag/UserBundle/Entity/User.php @@ -1,6 +1,6 @@ config = $config; @@ -192,7 +195,7 @@ class User extends BaseUser /** * Get config. * - * @return \Wallabag\CoreBundle\Entity\Config + * @return Config */ public function getConfig() { diff --git a/src/Wallabag/CoreBundle/Repository/UserRepository.php b/src/Wallabag/UserBundle/Repository/UserRepository.php similarity index 94% rename from src/Wallabag/CoreBundle/Repository/UserRepository.php rename to src/Wallabag/UserBundle/Repository/UserRepository.php index 968d0b497..c020f3ca9 100644 --- a/src/Wallabag/CoreBundle/Repository/UserRepository.php +++ b/src/Wallabag/UserBundle/Repository/UserRepository.php @@ -1,6 +1,6 @@