@@ -1,10 +1,17 @@ | |||
security: | |||
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers | |||
providers: | |||
users: | |||
local_user: | |||
chain: | |||
providers: [local_user_by_nickname, local_user_by_email] | |||
local_user_by_nickname: | |||
entity: | |||
class: 'App\Entity\LocalUser' | |||
property: 'nickname' | |||
local_user_by_email: | |||
entity: | |||
class: 'App\Entity\LocalUser' | |||
property: 'email' | |||
firewalls: | |||
dev: | |||
pattern: ^/(_(profiler|wdt)|css|images|js)/ | |||
@@ -12,12 +19,12 @@ security: | |||
main: | |||
anonymous: true | |||
lazy: true | |||
provider: users | |||
provider: local_user | |||
guard: | |||
authenticators: | |||
- App\Security\Authenticator | |||
logout: | |||
path: logout | |||
path: security_logout | |||
# where to redirect after logout | |||
target: main_all | |||
@@ -149,7 +149,7 @@ parameters: | |||
image: "/theme/licenses/cc_by_4.0.png" | |||
nickname: | |||
reserved: | |||
blacklisted: | |||
- doc | |||
- main | |||
- avatar | |||
@@ -157,7 +157,6 @@ parameters: | |||
- settings | |||
- admin | |||
featured: [] | |||
min_length: 4 | |||
password: | |||
min_length: 6 | |||
@@ -5,6 +5,8 @@ namespace App\Controller; | |||
use App\Core\Controller; | |||
use App\Core\DB\DB; | |||
use App\Core\Form; | |||
use App\Util\Exception\NicknameInvalidException; | |||
use LogicException; | |||
use function App\Core\I18n\_m; | |||
use App\Core\Log; | |||
use App\Core\VisibilityScope; | |||
@@ -18,11 +20,9 @@ use App\Util\Common; | |||
use App\Util\Exception\DuplicateFoundException; | |||
use App\Util\Exception\EmailTakenException; | |||
use App\Util\Exception\NicknameEmptyException; | |||
use App\Util\Exception\NicknameReservedException; | |||
use App\Util\Exception\NicknameNotAllowedException; | |||
use App\Util\Exception\NicknameTakenException; | |||
use App\Util\Exception\NicknameTooLongException; | |||
use App\Util\Exception\NicknameTooShortException; | |||
use App\Util\Exception\NotImplementedException; | |||
use App\Util\Exception\ServerException; | |||
use App\Util\Form\FormFields; | |||
use App\Util\Nickname; | |||
@@ -57,7 +57,7 @@ class Security extends Controller | |||
'_template' => 'security/login.html.twig', | |||
'last_login_id' => $last_login_id, | |||
'error' => $error, | |||
'notes_fn' => fn () => Note::getAllNotes(VisibilityScope::$instance_scope), | |||
'notes_fn' => fn () => Note::getAllNotes(VisibilityScope::$instance_scope), | |||
]; | |||
} | |||
@@ -66,7 +66,7 @@ class Security extends Controller | |||
*/ | |||
public function logout() | |||
{ | |||
throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.'); | |||
throw new LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.'); | |||
} | |||
/** | |||
@@ -74,25 +74,24 @@ class Security extends Controller | |||
* Register a user, making sure the nickname is not reserved and | |||
* possibly sending a confirmation email | |||
* | |||
* @param Request $request | |||
* @param Request $request | |||
* @param GuardAuthenticatorHandler $guard_handler | |||
* @param Authenticator $authenticator | |||
* @param Authenticator $authenticator | |||
* | |||
* @return null|array|Response | |||
* @throws EmailTakenException | |||
* @throws NicknameTakenException | |||
* @throws ServerException | |||
* @throws DuplicateFoundException | |||
* @throws NicknameEmptyException | |||
* @throws NicknameReservedException | |||
* @throws NicknameNotAllowedException | |||
* @throws NicknameTooLongException | |||
* @throws NicknameTooShortException | |||
* @throws NotImplementedException | |||
* @throws NicknameInvalidException | |||
* | |||
* @return null|array|Response | |||
*/ | |||
public function register(Request $request, | |||
public function register(Request $request, | |||
GuardAuthenticatorHandler $guard_handler, | |||
Authenticator $authenticator) | |||
Authenticator $authenticator) | |||
{ | |||
$form = Form::create([ | |||
['nickname', TextType::class, [ | |||
@@ -101,8 +100,8 @@ class Security extends Controller | |||
'constraints' => [ | |||
new NotBlank(['message' => _m('Please enter a nickname')]), | |||
new Length([ | |||
'min' => Common::config('nickname', 'min_length'), | |||
'minMessage' => _m(['Your nickname must be at least # characters long'], ['count' => Common::config('nickname', 'min_length')]), | |||
'min' => 1, | |||
'minMessage' => _m(['Your nickname must be at least # characters long'], ['count' => 1]), | |||
'max' => Nickname::MAX_LEN, | |||
'maxMessage' => _m(['Your nickname must be at most # characters long'], ['count' => Nickname::MAX_LEN]), ]), | |||
], | |||
@@ -128,29 +127,16 @@ class Security extends Controller | |||
$data = $form->getData(); | |||
$data['password'] = $form->get('password')->getData(); | |||
// This will throw the appropriate errors, result ignored | |||
$user = LocalUser::findByNicknameOrEmail($data['nickname'], $data['email']); | |||
if ($user !== null) { | |||
// If we do find something, there's a duplicate | |||
if ($user->getNickname() === $data['nickname']) { | |||
// Register page feedback on nickname already in use | |||
$this->addFlash('verify_nickname_error', _m('Nickname is already in use on this server.')); | |||
throw new NicknameTakenException; | |||
} else { | |||
// Register page feedback on email already in use | |||
$this->addFlash('verify_email_error', _m('Email is already taken.')); | |||
throw new EmailTakenException; | |||
} | |||
} | |||
// TODO: ensure there's no user with this email registered already | |||
$valid_nickname = Nickname::validate($data['nickname'], check_already_used: false); | |||
// Already used is checked below | |||
$sanitized_nickname = Nickname::normalize($data['nickname'], check_already_used: false); | |||
try { | |||
// This already checks if the nickname is being used | |||
$actor = Actor::create(['nickname' => $valid_nickname]); | |||
$actor = Actor::create(['nickname' => $sanitized_nickname]); | |||
$user = LocalUser::create([ | |||
'nickname' => $valid_nickname, | |||
'nickname' => $sanitized_nickname, | |||
'outgoing_email' => $data['email'], | |||
'incoming_email' => $data['email'], | |||
'password' => LocalUser::hashPassword($data['password']), | |||
@@ -166,7 +152,7 @@ class Security extends Controller | |||
} catch (UniqueConstraintViolationException $e) { | |||
// _something_ was duplicated, but since we already check if nickname is in use, we can't tell what went wrong | |||
$e = 'An error occurred while trying to register'; | |||
Log::critical($e . " with nickname: '{$valid_nickname}' and email '{$data['email']}'"); | |||
Log::critical($e . " with nickname: '{$sanitized_nickname}' and email '{$data['email']}'"); | |||
throw new ServerException(_m($e)); | |||
} | |||
// @codeCoverageIgnoreEnd | |||
@@ -308,9 +308,9 @@ class LocalUser extends Entity implements UserInterface | |||
* | |||
* @return self Returns self if nickname or email found | |||
*/ | |||
public static function findByNicknameOrEmail(string $nickname, string $email): ?self | |||
public static function getByEmail(string $email): ?self | |||
{ | |||
$users = DB::findBy('local_user', ['or' => ['nickname' => $nickname, 'outgoing_email' => $email, 'incoming_email' => $email]]); | |||
$users = DB::findBy('local_user', ['or' => ['outgoing_email' => $email, 'incoming_email' => $email]]); | |||
switch (count($users)) { | |||
case 0: | |||
return null; | |||
@@ -45,12 +45,12 @@ abstract class Main | |||
public static function load(RouteLoader $r): void | |||
{ | |||
$r->connect('login', '/login', [C\Security::class, 'login']); | |||
$r->connect('logout', '/logout', [C\Security::class, 'logout']); | |||
$r->connect('register', '/register', [C\Security::class, 'register']); | |||
$r->connect('check_email', '/check-email', [C\ResetPassword::class, 'checkEmail']); | |||
$r->connect('request_reset_password', '/request-reset-password', [C\ResetPassword::class, 'requestPasswordReset']); | |||
$r->connect('reset_password', '/reset/{token?}', [C\ResetPassword::class, 'reset']); | |||
$r->connect('security_login', '/main/login', [C\Security::class, 'login']); | |||
$r->connect('security_logout', '/main/logout', [C\Security::class, 'logout']); | |||
$r->connect('security_register', '/main/register', [C\Security::class, 'register']); | |||
$r->connect('security_check_email', '/main/check-email', [C\ResetPassword::class, 'checkEmail']); | |||
$r->connect('security_recover_password', '/main/recover-password', [C\ResetPassword::class, 'requestPasswordReset']); | |||
$r->connect('security_recover_password_token', '/main/recover-password/{token?}', [C\ResetPassword::class, 'reset']); | |||
$r->connect('root', '/', RedirectController::class, ['defaults' => ['route' => 'main_all']]); | |||
$r->connect('main_public', '/main/public', [C\Network::class, 'public']); | |||
@@ -20,6 +20,8 @@ | |||
namespace App\Security; | |||
use App\Core\DB\DB; | |||
use App\Util\Exception\NoSuchActorException; | |||
use App\Util\Exception\NotFoundException; | |||
use function App\Core\I18n\_m; | |||
use App\Entity\LocalUser; | |||
use App\Entity\User; | |||
@@ -52,7 +54,7 @@ class Authenticator extends AbstractFormLoginAuthenticator | |||
{ | |||
use TargetPathTrait; | |||
public const LOGIN_ROUTE = 'login'; | |||
public const LOGIN_ROUTE = 'security_login'; | |||
private $urlGenerator; | |||
private $csrfTokenManager; | |||
@@ -70,17 +72,11 @@ class Authenticator extends AbstractFormLoginAuthenticator | |||
public function getCredentials(Request $request) | |||
{ | |||
$credentials = [ | |||
'nickname' => $request->request->get('nickname'), | |||
return [ | |||
'nickname_or_email' => $request->request->get('nickname_or_email'), | |||
'password' => $request->request->get('password'), | |||
'csrf_token' => $request->request->get('_csrf_token'), | |||
]; | |||
$request->getSession()->set( | |||
Security::LAST_USERNAME, | |||
$credentials['nickname'] | |||
); | |||
return $credentials; | |||
} | |||
public function getUser($credentials, UserProviderInterface $userProvider) | |||
@@ -90,12 +86,17 @@ class Authenticator extends AbstractFormLoginAuthenticator | |||
throw new InvalidCsrfTokenException(); | |||
} | |||
// $nick = Nickname::normalize($credentials['nickname']); | |||
$nick = $credentials['nickname']; | |||
$user = null; | |||
try { | |||
$user = DB::findOneBy('local_user', ['or' => ['nickname' => $nick, 'outgoing_email' => $nick]]); | |||
} catch (Exception $e) { | |||
if (filter_var($credentials['nickname_or_email'], FILTER_VALIDATE_EMAIL) !== false) { | |||
$user = LocalUser::getByEmail($credentials['nickname_or_email']); | |||
} else { | |||
$user = LocalUser::getWithPK(['nickname' => Nickname::normalize($credentials['nickname_or_email'], check_already_used: false)]); | |||
} | |||
if ($user === null) { | |||
throw new NoSuchActorException('No such local user.'); | |||
} | |||
$credentials['nickname'] = $user->getNickname(); | |||
} catch (Exception) { | |||
throw new CustomUserMessageAuthenticationException( | |||
_m('Invalid login credentials.')); | |||
} | |||
@@ -118,6 +119,10 @@ class Authenticator extends AbstractFormLoginAuthenticator | |||
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey) | |||
{ | |||
$request->getSession()->set( | |||
Security::LAST_USERNAME, | |||
$token->getUser()->getNickname() | |||
); | |||
if ($targetPath = $this->getTargetPath($request->getSession(), $providerKey)) { | |||
return new RedirectResponse($targetPath); | |||
} | |||
@@ -41,11 +41,11 @@ namespace App\Util\Exception; | |||
use function App\Core\I18n\_m; | |||
class NicknameReservedException extends NicknameException | |||
class NicknameNotAllowedException extends NicknameException | |||
{ | |||
protected function defaultMessage(): string | |||
{ | |||
// TRANS: Validation error in form for registration, profile and group settings, etc. | |||
return _m('Nickname is reserved.'); | |||
return _m('This nickname is not allowed.'); | |||
} | |||
} |
@@ -1,54 +0,0 @@ | |||
<?php | |||
// {{{ License | |||
// This file is part of GNU social - https://www.gnu.org/software/social | |||
// | |||
// GNU social is free software: you can redistribute it and/or modify | |||
// it under the terms of the GNU Affero General Public License as published by | |||
// the Free Software Foundation, either version 3 of the License, or | |||
// (at your option) any later version. | |||
// | |||
// GNU social is distributed in the hope that it will be useful, | |||
// but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
// GNU Affero General Public License for more details. | |||
// | |||
// You should have received a copy of the GNU Affero General Public License | |||
// along with GNU social. If not, see <http://www.gnu.org/licenses/>. | |||
// }}} | |||
/** | |||
* Nickname too long exception | |||
* | |||
* @category Exception | |||
* @package GNUsocial | |||
* | |||
* @author Zach Copley <zach@status.net> | |||
* @copyright 2010 StatusNet Inc. | |||
* @author Brion Vibber <brion@pobox.com> | |||
* @author Mikael Nordfeldth <mmn@hethane.se> | |||
* @author Nym Coy <nymcoy@gmail.com> | |||
* @copyright 2009-2014 Free Software Foundation, Inc http://www.fsf.org | |||
* @auuthor Daniel Supernault <danielsupernault@gmail.com> | |||
* @auuthor Diogo Cordeiro <diogo@fc.up.pt> | |||
* | |||
* @author Hugo Sales <hugo@hsal.es> | |||
* @copyright 2018-2021 Free Software Foundation, Inc http://www.fsf.org | |||
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later | |||
*/ | |||
namespace App\Util\Exception; | |||
use function App\Core\I18n\_m; | |||
use App\Util\Common; | |||
class NicknameTooShortException extends NicknameInvalidException | |||
{ | |||
protected function defaultMessage(): string | |||
{ | |||
// TRANS: Validation error in form for registration, profile and group settings, etc. | |||
return _m(['Nickname cannot be less than # character long.'], ['count' => Common::config('nickname', 'min_length')]); | |||
} | |||
} |
@@ -0,0 +1,30 @@ | |||
<?php | |||
// {{{ License | |||
// This file is part of GNU social - https://www.gnu.org/software/social | |||
// | |||
// GNU social is free software: you can redistribute it and/or modify | |||
// it under the terms of the GNU Affero General Public License as published by | |||
// the Free Software Foundation, either version 3 of the License, or | |||
// (at your option) any later version. | |||
// | |||
// GNU social is distributed in the hope that it will be useful, | |||
// but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
// GNU Affero General Public License for more details. | |||
// | |||
// You should have received a copy of the GNU Affero General Public License | |||
// along with GNU social. If not, see <http://www.gnu.org/licenses/>. | |||
// }}} | |||
namespace App\Util\Exception; | |||
class NoSuchActorException extends ClientException | |||
{ | |||
public function __construct(string $m) | |||
{ | |||
parent::__construct($m); | |||
} | |||
} |
@@ -25,13 +25,13 @@ use App\Entity\LocalUser; | |||
use App\Util\Exception\NicknameEmptyException; | |||
use App\Util\Exception\NicknameException; | |||
use App\Util\Exception\NicknameInvalidException; | |||
use App\Util\Exception\NicknameReservedException; | |||
use App\Util\Exception\NicknameNotAllowedException; | |||
use App\Util\Exception\NicknameTakenException; | |||
use App\Util\Exception\NicknameTooLongException; | |||
use App\Util\Exception\NicknameTooShortException; | |||
use App\Util\Exception\NotImplementedException; | |||
use Functional as F; | |||
use Normalizer; | |||
use InvalidArgumentException; | |||
/** | |||
* Nickname validation | |||
@@ -45,9 +45,8 @@ use Normalizer; | |||
* @author Mikael Nordfeldth <mmn@hethane.se> | |||
* @author Nym Coy <nymcoy@gmail.com> | |||
* @copyright 2009-2014 Free Software Foundation, Inc http://www.fsf.org | |||
* @auuthor Daniel Supernault <danielsupernault@gmail.com> | |||
* @auuthor Diogo Cordeiro <diogo@fc.up.pt> | |||
* | |||
* @author Daniel Supernault <danielsupernault@gmail.com> | |||
* @author Diogo Cordeiro <mail@diogo.site> | |||
* @author Hugo Sales <hugo@hsal.es> | |||
* @copyright 2018-2021 Free Software Foundation, Inc http://www.fsf.org | |||
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later | |||
@@ -91,6 +90,11 @@ class Nickname | |||
*/ | |||
const WEBFINGER_FMT = '(?:\w+[\w\-\_\.]*)?\w+\@' . URL_REGEX_DOMAIN_NAME; | |||
/** | |||
* Maximum number of characters in a canonical-form nickname. Changes must validate regexs | |||
*/ | |||
const MAX_LEN = 64; | |||
/** | |||
* Regex fragment for checking a canonical nickname. | |||
* | |||
@@ -104,12 +108,7 @@ class Nickname | |||
* | |||
* This, INPUT_FMT and DISPLAY_FMT should not be enclosed in []s. | |||
*/ | |||
const CANONICAL_FMT = '[0-9a-z]{1,64}'; | |||
/** | |||
* Maximum number of characters in a canonical-form nickname. Changes must validate regexs | |||
*/ | |||
const MAX_LEN = 64; | |||
const CANONICAL_FMT = '[0-9a-z]{1,' . self::MAX_LEN . '}'; | |||
/** | |||
* Regex with non-capturing group that matches whitespace and some | |||
@@ -121,72 +120,78 @@ class Nickname | |||
*/ | |||
const BEFORE_MENTIONS = '(?:^|[\s\.\,\:\;\[\(]+)'; | |||
const CHECK_LOCAL_USER = 1; | |||
const CHECK_LOCAL_USER = 1; | |||
const CHECK_LOCAL_GROUP = 2; | |||
/** | |||
* Check if a nickname is valid or throw exceptions if it's not. | |||
* Can optionally check if the nickname is currently in use | |||
* @param string $nickname | |||
* @param bool $check_already_used | |||
* @param int $which | |||
* @param bool $check_is_allowed | |||
* @return bool | |||
* @throws NicknameEmptyException | |||
* @throws NicknameNotAllowedException | |||
* @throws NicknameTakenException | |||
* @throws NicknameTooLongException | |||
*/ | |||
public static function validate(string $nickname, bool $check_already_used = false, int $which = self::CHECK_LOCAL_USER) | |||
public static function validate(string $nickname, bool $check_already_used = false, int $which = self::CHECK_LOCAL_USER, bool $check_is_allowed = true): bool | |||
{ | |||
$nickname = trim($nickname); | |||
$length = mb_strlen($nickname); | |||
$length = mb_strlen($nickname); | |||
if ($length < 1) { | |||
throw new NicknameEmptyException(); | |||
} elseif ($length < Common::config('nickname', 'min_length')) { | |||
// dd($nickname, $length, Common::config('nickname', 'min_length')); | |||
throw new NicknameTooShortException(); | |||
} else { | |||
if ($length > self::MAX_LEN) { | |||
throw new NicknameTooLongException(); | |||
} elseif (self::isReserved($nickname) || Common::isSystemPath($nickname)) { | |||
throw new NicknameReservedException(); | |||
} elseif ($check_is_allowed && self::isBlacklisted($nickname)) { | |||
throw new NicknameNotAllowedException(); | |||
} elseif ($check_already_used) { | |||
switch ($which) { | |||
case self::CHECK_LOCAL_USER: | |||
$lu = LocalUser::findByNicknameOrEmail($nickname, email: ''); | |||
if ($lu !== null) { | |||
throw new NicknameTakenException($lu->getActor()); | |||
} | |||
break; | |||
case self::CHECK_LOCAL_USER: | |||
$lu = LocalUser::getWithPK(['nickname' => $nickname]); | |||
if ($lu !== null) { | |||
throw new NicknameTakenException($lu->getActor()); | |||
} | |||
break; | |||
// @codeCoverageIgnoreStart | |||
case self::CHECK_LOCAL_GROUP: | |||
throw new NotImplementedException(); | |||
break; | |||
default: | |||
throw new \InvalidArgumentException(); | |||
case self::CHECK_LOCAL_GROUP: | |||
throw new NotImplementedException(); | |||
break; | |||
default: | |||
throw new InvalidArgumentException(); | |||
// @codeCoverageIgnoreEnd | |||
} | |||
} | |||
} | |||
return $nickname; | |||
return true; | |||
} | |||
/** | |||
* Normalize an input $nickname, and normalize it to its canonical form. | |||
* Normalize input $nickname to its canonical form and validates it. | |||
* The canonical form will be returned, or an exception thrown if invalid. | |||
* | |||
* @throws NicknameException (base class) | |||
* @param string $nickname | |||
* @param bool $check_already_used | |||
* @param bool $check_is_allowed | |||
* @return string | |||
* @throws NicknameEmptyException | |||
* @throws NicknameInvalidException | |||
* @throws NicknameNotAllowedException | |||
* @throws NicknameTakenException | |||
* @throws NicknameTooLongException | |||
* @throws NicknameTooShortException | |||
*/ | |||
public static function normalize(string $nickname, bool $check_already_used = true, bool $checking_reserved = false): string | |||
public static function normalize(string $nickname, bool $check_already_used = true, bool $check_is_allowed = true): string | |||
{ | |||
if (!$checking_reserved) { | |||
$nickname = self::validate($nickname, $check_already_used); | |||
} | |||
$nickname = trim($nickname); | |||
$nickname = str_replace('_', '', $nickname); | |||
$nickname = mb_strtolower($nickname); | |||
$nickname = Normalizer::normalize($nickname, Normalizer::FORM_C); | |||
if (!self::isCanonical($nickname) && !filter_var($nickname, FILTER_VALIDATE_EMAIL)) { | |||
// We could do UTF-8 normalization (å to a, etc.) with something like Normalizer::normalize($nickname, Normalizer::FORM_C) | |||
// We won't as it could confuse tremendously the user, he must know what is valid and should fix his own input | |||
if (!self::validate($nickname, $check_already_used, $check_is_allowed) || !self::isCanonical($nickname)) { | |||
throw new NicknameInvalidException(); | |||
} | |||
@@ -201,11 +206,11 @@ class Nickname | |||
* | |||
* @return bool True if nickname is valid. False if invalid (or taken if $check_already_used == true). | |||
*/ | |||
public static function isValid(string $nickname, bool $check_already_used = true): bool | |||
public static function isValid(string $nickname, bool $check_already_used = true, bool $check_is_allowed = true): bool | |||
{ | |||
try { | |||
self::normalize($nickname, $check_already_used); | |||
} catch (NicknameException $e) { | |||
self::normalize($nickname, $check_already_used, $check_is_allowed); | |||
} catch (NicknameException) { | |||
return false; | |||
} | |||
@@ -214,6 +219,8 @@ class Nickname | |||
/** | |||
* Is the given string a valid canonical nickname form? | |||
* @param string $nickname | |||
* @return bool | |||
*/ | |||
public static function isCanonical(string $nickname): bool | |||
{ | |||
@@ -222,15 +229,22 @@ class Nickname | |||
/** | |||
* Is the given string in our nickname blacklist? | |||
* @param string $nickname | |||
* @return bool | |||
* @throws NicknameEmptyException | |||
* @throws NicknameInvalidException | |||
* @throws NicknameNotAllowedException | |||
* @throws NicknameTakenException | |||
* @throws NicknameTooLongException | |||
*/ | |||
public static function isReserved(string $nickname): bool | |||
public static function isBlacklisted(string $nickname): bool | |||
{ | |||
$reserved = Common::config('nickname', 'reserved'); | |||
$reserved = Common::config('nickname', 'blacklist'); | |||
if (empty($reserved)) { | |||
return false; | |||
} | |||
return in_array($nickname, array_merge($reserved, F\map($reserved, function ($n) { | |||
return self::normalize($n, check_already_used: false, checking_reserved: true); | |||
return self::normalize($n, check_already_used: false, check_is_allowed: true); | |||
}))); | |||
} | |||
} |
@@ -89,7 +89,7 @@ | |||
Settings | |||
</a> | |||
<a title='{{ 'Logout from your account.' | trans }}' href='{{ path('logout') }}'> | |||
<a title='{{ 'Logout from your account.' | trans }}' href='{{ path('security_logout') }}'> | |||
Logout | |||
</a> | |||
</nav> | |||
@@ -100,11 +100,11 @@ | |||
<h2 class="section-title">Account</h2> | |||
<nav tabindex="0" class="profile-navigation" title="{{ 'Navigate through account related pages.' | trans }}"> | |||
<a title='{{ 'Login with your existing account.' | trans }}' href="{{ path('login') }}" class='hover-effect {{ active('login') }}'> | |||
<a title='{{ 'Login with your existing account.' | trans }}' href="{{ path('security_login') }}" class='hover-effect {{ active('login') }}'> | |||
Login | |||
</a> | |||
<a title='{{ 'Register a new account!' | trans }}' href="{{ path('register') }}"> | |||
<a title='{{ 'Register a new account!' | trans }}' href="{{ path('security_register') }}"> | |||
Register | |||
</a> | |||
@@ -37,11 +37,11 @@ | |||
{% else %} | |||
{# TODO: Login can be done with email, so the id's and stuff should reflect that, along with using the translation facilities #} | |||
{# TODO: Login can be done with email, so the element id's should reflect that #} | |||
<div class="form-group"> | |||
<label class="section-form-label" for="inputNickname">{{ "Nickname or Email" | trans }}</label> | |||
<input type="text" value="{{ last_login_id }}" name="nickname" id="inputNickname" class="form-control" required autofocus> | |||
<p class="help-text">{{ "Your nickname." | trans }}</p> | |||
<input type="text" value="{{ last_login_id }}" name="nickname_or_email" id="inputNickname" class="form-control" required autofocus> | |||
<p class="help-text">{{ "Your nickname or email address." | trans }}</p> | |||
</div> | |||
<div class="form-group"> | |||
<label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label> | |||
@@ -22,7 +22,7 @@ namespace App\Tests\Util; | |||
use App\Util\Common; | |||
use App\Util\Exception\NicknameEmptyException; | |||
use App\Util\Exception\NicknameInvalidException; | |||
use App\Util\Exception\NicknameReservedException; | |||
use App\Util\Exception\NicknameNotAllowedException; | |||
use App\Util\Exception\NicknameTakenException; | |||
use App\Util\Exception\NicknameTooLongException; | |||
use App\Util\Exception\NicknameTooShortException; | |||
@@ -53,7 +53,7 @@ class NicknameTest extends GNUsocialTestCase | |||
static::assertThrows(NicknameTooShortException::class, fn () => Nickname::normalize('foo', check_already_used: false)); | |||
static::assertThrows(NicknameEmptyException::class, fn () => Nickname::normalize('', check_already_used: false)); | |||
// static::assertThrows(NicknameInvalidException::class, fn () => Nickname::normalize('FóóBár', check_already_used: false)); | |||
static::assertThrows(NicknameReservedException::class, fn () => Nickname::normalize('this_nickname_is_reserved', check_already_used: false)); | |||
static::assertThrows(NicknameNotAllowedException::class, fn () => Nickname::normalize('this_nickname_is_reserved', check_already_used: false)); | |||
static::bootKernel(); | |||
static::assertSame('foobar', Nickname::normalize('foobar', check_already_used: true)); | |||
@@ -79,13 +79,13 @@ class NicknameTest extends GNUsocialTestCase | |||
static::assertTrue($cb instanceof ContainerBagInterface); | |||
$cb->method('get')->willReturnMap([['gnusocial', $conf], ['gnusocial_defaults', $conf]]); | |||
Common::setupConfig($cb); | |||
static::assertTrue(Nickname::isReserved('this_nickname_is_reserved')); | |||
static::assertFalse(Nickname::isReserved('this_nickname_is_not_reserved')); | |||
static::assertTrue(Nickname::isBlacklisted('this_nickname_is_reserved')); | |||
static::assertFalse(Nickname::isBlacklisted('this_nickname_is_not_reserved')); | |||
$conf = ['nickname' => ['min_length' => 4, 'reserved' => []]]; | |||
$cb = $this->createMock(ContainerBagInterface::class); | |||
$cb->method('get')->willReturnMap([['gnusocial', $conf], ['gnusocial_defaults', $conf]]); | |||
Common::setupConfig($cb); | |||
static::assertFalse(Nickname::isReserved('this_nickname_is_reserved')); | |||
static::assertFalse(Nickname::isBlacklisted('this_nickname_is_reserved')); | |||
} | |||
} |