GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases 4 Wiki Activity
Browse Source

[CORE][SECURITY] Move to the new authentication format, for Symfony 5.3

oauth1
Hugo Sales 7 months ago
parent
05758c999f
commit
d9544c6edb
Signed by: someonewithpc <hugo@hsal.es> GPG Key ID: 7D0C7EAFC9D835A0
3 changed files with 21 additions and 8 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      config/packages/security.yaml
  2. +18
    -4
      src/Security/Authenticator.php
  3. +2
    -3
      templates/security/login.html.twig

+ 1
- 1
config/packages/security.yaml View File

@@ -3,8 +3,8 @@ security:
password_hashers:
App\Entity\LocalUser:
algorithm: auto
providers:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
local_user:
chain:
providers: [local_user_by_nickname, local_user_by_email]


+ 18
- 4
src/Security/Authenticator.php View File

@@ -82,9 +82,9 @@ class Authenticator extends AbstractFormLoginAuthenticator implements Authentica
public function getCredentials(Request $request): array
{
return [
'nickname_or_email' => $request->request->get('nickname_or_email'),
'password' => $request->request->get('password'),
'csrf_token' => $request->request->get('_csrf_token'),
'nickname_or_email' => $request->request->get('_username'),
'password' => $request->request->get('_password'),
'csrf_token' => $request->request->get('_csrf_token'),
];
}

@@ -161,7 +161,21 @@ class Authenticator extends AbstractFormLoginAuthenticator implements Authentica
return new RedirectResponse(Router::url('main_all'));
}

protected function getLoginUrl(): string
public function authenticate(Request $request): PassportInterface
{
$nickname = $request->request->get('nickname', '');
$request->getSession()->set(Security::LAST_USERNAME, $nickname);

return new Passport(
new UserBadge($nickname),
new PasswordCredentials($request->request->get('password', '')),
[
new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
],
);
}

protected function getLoginUrl()
{
return Router::url(self::LOGIN_ROUTE);
}


+ 2
- 3
templates/security/login.html.twig View File

@@ -39,13 +39,12 @@

<div class="mb-3">
<label class="section-form-label" for="inputNicknameOrEmail">{{ "Nickname or Email" | trans }}</label>
<input type="text" value="{{ last_login_id }}" name="nickname_or_email" id="inputNicknameOrEmail"
class="form-control" required autofocus>
<input type="text" value="{{ last_login_id }}" name="_username" id="inputNicknameOrEmail" class="form-control" required autofocus>
<p class="help-text">{{ "Your nickname or email address." | trans }}</p>
</div>
<div class="mb-3">
<label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
<input type="password" name="password" id="inputPassword" class="form-control" required>
<input type="password" name="_password" id="inputPassword" class="form-control" required>
<p class="help-text">{{ "Your account's password." | trans }}</p>
</div>



Write Preview
Loading…
Cancel
Save