GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

[CONTROLLER][SECURITY] Registration feedback. The flashError works. However, Symfony's Exception error page is viewed upon trying to register.

This commit is contained in:
Eliseu Amaro 2021-09-15 00:25:16 +01:00
parent efafc9f7eb
commit 26af284353
4 changed files with 116 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/Controller/Security.php
View File

@ -5,6 +5,13 @@ namespace App\Controller;
use App\Core\Controller; use App\Core\Controller;
use App\Core\DB\DB; use App\Core\DB\DB;
use App\Core\Form; use App\Core\Form;
use App\Util\Exception\DuplicateFoundException;
use App\Util\Exception\NicknameEmptyException;
use App\Util\Exception\NicknameReservedException;
use App\Util\Exception\NicknameTooLongException;
use App\Util\Exception\NicknameTooShortException;
use App\Util\Exception\NotImplementedException;
use Symfony\Component\HttpFoundation\Response;
use function App\Core\I18n\_m; use function App\Core\I18n\_m;
use App\Core\Log; use App\Core\Log;
use App\Core\VisibilityScope; use App\Core\VisibilityScope;
@ -62,13 +69,29 @@ class Security extends Controller
throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.'); throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
} }
/** /**
*
* Register a user, making sure the nickname is not reserved and * Register a user, making sure the nickname is not reserved and
* possibly sending a confirmation email * possibly sending a confirmation email
*
* @param Request $request
* @param GuardAuthenticatorHandler $guard_handler
* @param Authenticator $authenticator
* @return array|Response|null
* @throws EmailTakenException
* @throws NicknameTakenException
* @throws ServerException
* @throws DuplicateFoundException
* @throws NicknameEmptyException
* @throws NicknameReservedException
* @throws NicknameTooLongException
* @throws NicknameTooShortException
* @throws NotImplementedException
*/ */
public function register(Request $request, public function register(Request $request,
GuardAuthenticatorHandler $guard_handler, GuardAuthenticatorHandler $guard_handler,
Authenticator $authenticator) Authenticator $authenticator)
{ {
$form = Form::create([ $form = Form::create([
['nickname', TextType::class, [ ['nickname', TextType::class, [
@ -84,6 +107,7 @@ class Security extends Controller
], ],
'block_name' => 'nickname', 'block_name' => 'nickname',
'label_attr' => ['class' => 'section-form-label'], 'label_attr' => ['class' => 'section-form-label'],
'invalid_message' => _m('Nickname not valid. Please provide a valid nickname.'),
]], ]],
['email', EmailType::class, [ ['email', EmailType::class, [
'label' => _m('Email'), 'label' => _m('Email'),
@ -91,6 +115,7 @@ class Security extends Controller
'constraints' => [ new NotBlank(['message' => _m('Please enter an email') ])], 'constraints' => [ new NotBlank(['message' => _m('Please enter an email') ])],
'block_name' => 'email', 'block_name' => 'email',
'label_attr' => ['class' => 'section-form-label'], 'label_attr' => ['class' => 'section-form-label'],
'invalid_message' => _m('Email not valid. Please provide a valid email.'),
]], ]],
FormFields::repeated_password(), FormFields::repeated_password(),
['register', SubmitType::class, ['label' => _m('Register')]], ['register', SubmitType::class, ['label' => _m('Register')]],
@ -105,10 +130,15 @@ class Security extends Controller
// This will throw the appropriate errors, result ignored // This will throw the appropriate errors, result ignored
$user = LocalUser::findByNicknameOrEmail($data['nickname'], $data['email']); $user = LocalUser::findByNicknameOrEmail($data['nickname'], $data['email']);
if ($user !== null) { if ($user !== null) {
// If we do find something, there's a duplicate // If we do find something, there's a duplicate
if ($user->getNickname() == $data['nickname']) { if ($user->getNickname() === $data['nickname']) {
// Register page feedback on nickname already in use
$this->addFlash("verify_nickname_error", _m('Nickname is already in use on this server.'));
throw new NicknameTakenException; throw new NicknameTakenException;
} else { } else {
// Register page feedback on email already in use
$this->addFlash("verify_email_error", _m('Email is already taken.'));
throw new EmailTakenException; throw new EmailTakenException;
} }
} }

92
templates/security/login.html.twig
View File

@ -8,54 +8,58 @@
{% block title %}{{ "Log in!" | trans }}{% endblock %} {% block title %}{{ "Log in!" | trans }}{% endblock %}
{% block body %} {% block body %}
<div class='content'> <section class="section-widget">
<section class="section-widget"> <form class="section-form" method="post">
<form class="section-form" method="post"> <fieldset>
<fieldset> <legend class="section-form-legend">{{ "Login" | trans }}</legend>
<legend class="section-form-legend"><h1>{{ "Login" | trans }}</h1></legend>
{% if error %} {% if error %}
<ul>
{% for flashError in app.flashes('verify_email_error') %}
<li class="alert alert-danger">{{ error.messageKey | trans(error.messageData, 'security') }}</li>
{% endfor %}
</ul>
{% endif %}
{% if app.user %} <ul>
<h1 class="mb-3"> {% for flashError in app.flashes('verify_email_error') %}
{{ "You are logged in as" | trans }} {{ app.user.username }}. <li class="alert alert-danger">{{ error.messageKey | trans(error.messageData, 'security') }}</li>
<button class="btn btn-lg btn-primary"> {% endfor %}
<a href="{{ path('app_logout') }}">{{ "Logout" | trans }}</a> </ul>
</button>
</h1>
{% else %}
{# TODO: Login can be done with email, so the id's and stuff should reflect that, along with using the translation facilities #}
<div>
<label class="section-form-label" for="inputNickname">{{ "Nickname or Email" | trans }}</label>
<input type="text" value="{{ last_login_id }}" name="nickname" id="inputNickname" class="form-control" required autofocus>
<p class="help-text">{{ "Your nickname." | trans }}</p>
</div>
<div>
<label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
<input type="password" name="password" id="inputPassword" class="form-control" required>
<p class="help-text">{{ "Your account's password." | trans }}</p>
</div>
<span class="checkbox mb-3"> {% endif %}
<label>{{ "Remember me" | trans }}</label>
<input type="checkbox" name="_remember_me">
</span>
<div> {% if app.user %}
<button class="btn btn-lg btn-primary" type="submit">Sign in</button>
</div> <h1 class="mb-3">
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}"> {{ "You are logged in as" | trans }} {{ app.user.username }}.
{% endif %} <button class="btn btn-lg btn-primary">
</fieldset> <a href="{{ path('app_logout') }}">{{ "Logout" | trans }}</a>
</form> </button>
</section> </h1>
</div>
{% else %}
{# TODO: Login can be done with email, so the id's and stuff should reflect that, along with using the translation facilities #}
<div class="form-group">
<label class="section-form-label" for="inputNickname">{{ "Nickname or Email" | trans }}</label>
<input type="text" value="{{ last_login_id }}" name="nickname" id="inputNickname" class="form-control" required autofocus>
<p class="help-text">{{ "Your nickname." | trans }}</p>
</div>
<div class="form-group">
<label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
<input type="password" name="password" id="inputPassword" class="form-control" required>
<p class="help-text">{{ "Your account's password." | trans }}</p>
</div>
<span class="checkbox mb-3">
<input type="checkbox" name="_remember_me">
<label>{{ "Remember me" | trans }}</label>
</span>
<div>
<button class="btn btn-lg btn-primary" type="submit">Sign in</button>
</div>
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
{% endif %}
</fieldset>
</form>
</section>
{% endblock body %} {% endblock body %}
{% block javascripts %}{% endblock %} {% block javascripts %}{% endblock %}

46
templates/security/register.html.twig
View File

@ -8,29 +8,31 @@
{% block title %}Register{% endblock %} {% block title %}Register{% endblock %}
{% block body %} {% block body %}
<div class='content'> <section class="section-widget">
<div class="section-container">
<section class="section-widget">
{{ form_start(registration_form) }}
<fieldset class="section-form">
<legend class="section-form-legend">
<h1>{{ "Register a new account" | trans }}</h1>
</legend>
<ul>
{% for flashError in app.flashes('verify_email_error') %}
<li class="alert alert-danger" role="alert">{{ flashError }}</li>
{% endfor %}
</ul>
{{ form_row(registration_form.nickname) }}
{{ form_row(registration_form.email) }}
{{ form_row(registration_form.password) }}
{{ form_row(registration_form.register) }}
</fieldset>
{{ form_end(registration_form) }}
</section>
</div>
</div> <form class="section-form" method="post">
{{ form_start(registration_form) }}
<fieldset>
<legend class="section-form-legend">{{ "Register" | trans }}</legend>
<ul>
{% for flashError in app.flashes('verify_email_error') %}
<li class="alert alert-danger" role="alert">{{ flashError }}</li>
{% endfor %}
{% for flashError in app.flashes('verify_nickname_error') %}
<li class="alert alert-danger" role="alert">{{ flashError }}</li>
{% endfor %}
</ul>
{{ form_row(registration_form.nickname) }}
{{ form_row(registration_form.email) }}
{{ form_row(registration_form.password) }}
{{ form_row(registration_form.register) }}
</fieldset>
{{ form_end(registration_form) }}
</form>
</section>
{% endblock body %} {% endblock body %}
{% block javascripts %}{% endblock %} {% block javascripts %}{% endblock %}

20
templates/sidepanel/right/right.html.twig
View File

@ -18,21 +18,23 @@
</details> </details>
<div class="section-form"> <div class="section-form">
{{ form_start(post_form) }} <fieldset>
{{ form_start(post_form) }}
{{ form_row(post_form.to, {'attr': {'class': 'section-form-scope'}}) }} {{ form_row(post_form.to, {'attr': {'class': 'section-form-scope'}}) }}
{{ form_row(post_form.visibility, {'attr': {'class': 'section-form-scope'}}) }} {{ form_row(post_form.visibility, {'attr': {'class': 'section-form-scope'}}) }}
{{ form_row(post_form.content, {'attr': {'class': 'section-form-textarea'}}) }} {{ form_row(post_form.content, {'attr': {'class': 'section-form-textarea'}}) }}
<label for="{{ post_form.attachments.vars.id }}" class="section-form-options"> <label for="{{ post_form.attachments.vars.id }}" class="section-form-options">
{{ form_widget(post_form.attachments) }} {{ form_widget(post_form.attachments) }}
</label> </label>
{{ form_row(post_form.post_note, {'attr': {'class': 'section-form-send'}}) }} {{ form_row(post_form.post_note, {'attr': {'class': 'section-form-send'}}) }}
{{ form_end(post_form) }} {{ form_end(post_form) }}
</fieldset>
</div> </div>
</section> </section>
{% endif %} {% endif %}