gnu-social/src/Controller/Security.php

<?php

namespace App\Controller;

use App\Core\Controller;
use App\Core\DB\DB;
use App\Core\Form;
use function App\Core\I18n\_m;
use App\Core\VisibilityScope;
use App\Entity\Follow;
use App\Entity\GSActor;
use App\Entity\LocalUser;
use App\Entity\Note;
use App\Security\Authenticator;
use App\Security\EmailVerifier;
use app\Util\Common;
use App\Util\Exception\NicknameTakenException;
use App\Util\Nickname;
use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\NotBlank;

class Security extends Controller
{
    /**
     * Log a user in
     */
    public function login(AuthenticationUtils $authenticationUtils)
    {
        if ($this->getUser()) {
            return $this->redirectToRoute('main_all');
        }

        // get the login error if there is one
        $error = $authenticationUtils->getLastAuthenticationError();
        // last username entered by the user
        $last_username = $authenticationUtils->getLastUsername();

        return ['_template' => 'security/login.html.twig', 'last_username' => $last_username, 'error' => $error, 'notes' => Note::getAllNotes(VisibilityScope::$instance_scope)];
    }

    public function logout()
    {
        throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
    }

    /**
     * Register a user, making sure the nickname is not reserved and
     * possibly sending a confirmation email
     */
    public function register(Request $request,
                             EmailVerifier $email_verifier,
                             GuardAuthenticatorHandler $guard_handler,
                             Authenticator $authenticator)
    {
        $form = Form::create([
            ['nickname', TextType::class, [
                'label'       => _m('Nickname'),
                'constraints' => [
                    new NotBlank(['message' => _m('Please enter a nickname')]),
                    new Length([
                    'min'        => Common::config('nickname', 'min_length'),
                    'minMessage' => _m(['Your nickname must be at least # characters long'], ['count' => Common::config('nickname', 'min_length')]),
                    'max'        => Nickname::MAX_LEN,
                    'maxMessage' => _m(['Your nickname must be at most # characters long'], ['count' => Nickname::MAX_LEN]), ]),
                ],
            ]],
            ['email', EmailType::class, [
                'label' => _m('Email'),
                'constraints' => [ new NotBlank(['message' => _m('Please enter an email') ])]
            ]],
            ['password', PasswordType::class, [
                'label'       => _m('Password'),
                'mapped'      => false,
                'constraints' => [
                    new NotBlank(['message' => _m('Please enter a password')]),
                    new Length(['min' => Common::config('password', 'min_length'), 'minMessage' => _m(['Your password should be at least # characters'], ['count' => Common::config('password', 'min_length')]),
                                'max' => Common::config('password', 'max_length'), 'maxMessage' => _m(['Your password should be at most # characters'],  ['count' => Common::config('password', 'max_length')]), ]),
                ],
            ]],
            ['register', SubmitType::class, ['label' => _m('Register')]],
        ]);

        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $data             = $form->getData();
            $data['password'] = $form->get('password')->getData();

            $valid_nickname = Nickname::normalize($data['nickname'], check_already_used: true);

            try {
                $actor = GSActor::create(['nickname' => $data['nickname'], 'normalized_nickname' => Nickname::normalize($data['nickname'], check_already_used: true)]);
                $user  = LocalUser::create([
                    'nickname'       => $data['nickname'],
                    'outgoing_email' => $data['email'],
                    'incoming_email' => $data['email'],
                    'password'       => LocalUser::hashPassword($data['password']),
                ]);
                DB::persistWithSameId(
                    $actor,
                    $user,
                    // Self follow
                    fn (int $id) => DB::persist(Follow::create(['follower' => $id, 'followed' => $id]))
                );
                DB::flush();
            } catch (UniqueConstraintViolationException $e) {
                throw new NicknameTakenException;
            }

            // generate a signed url and email it to the user
            if (Common::config('site', 'use_email')) {
                $email_verifier->sendEmailConfirmation(
                    'verify_email',
                    $user,
                    (new TemplatedEmail())
                    ->from(new Address(Common::config('site', 'email'), Common::config('site', 'nickname')))
                    ->to($user->getOutgoingEmail())
                    ->subject(_m('Please Confirm your Email'))
                    ->htmlTemplate('security/confirmation_email.html.twig')
                );
            } else {
                $user->setIsEmailVerified(true);
            }

            return $guard_handler->authenticateUserAndHandleSuccess(
                $user,
                $request,
                $authenticator,
                'main' // firewall name in security.yaml
            );
        }

        return [
            '_template'         => 'security/register.html.twig',
            'registration_form' => $form->createView(),
            'notes'             => Note::getAllNotes(VisibilityScope::$instance_scope),
        ];
    }
}
[UI][SESSION] Add login and logout pages 2020-07-22 02:58:25 +01:00			`<?php`

			`namespace App\Controller;`

[CONTROLLER][ROUTES] Refactor controllers to use the new base class and remove controller from the class name 2020-07-23 15:08:31 +01:00			`use App\Core\Controller;`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`use App\Core\DB\DB;`
			`use App\Core\Form;`
			`use function App\Core\I18n\_m;`
[CORE] Rename NoteScope to VisibilityScope, as it will be used for attachment visbility too 2021-04-15 23:26:05 +01:00			`use App\Core\VisibilityScope;`
[REGISTER] Add self follow when registering, fixing the '-1 followers' bug 2020-10-11 21:27:50 +01:00			`use App\Entity\Follow;`
[CORE][DB] Fix uses of db tables after previous restructure 2020-08-13 02:23:22 +01:00			`use App\Entity\GSActor;`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`use App\Entity\LocalUser;`
[UI][TIMELINES] Refactored query for public stream 2020-12-02 22:57:32 +00:00			`use App\Entity\Note;`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`use App\Security\Authenticator;`
			`use App\Security\EmailVerifier;`
			`use app\Util\Common;`
[DB] Remove unique constraint from GSActor.nickname and fix register and related functionality 2021-04-11 12:03:32 +01:00			`use App\Util\Exception\NicknameTakenException;`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`use App\Util\Nickname;`
[DB] Remove unique constraint from GSActor.nickname and fix register and related functionality 2021-04-11 12:03:32 +01:00			`use Doctrine\DBAL\Exception\UniqueConstraintViolationException;`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`use Symfony\Component\Form\Extension\Core\Type\EmailType;`
			`use Symfony\Component\Form\Extension\Core\Type\PasswordType;`
			`use Symfony\Component\Form\Extension\Core\Type\SubmitType;`
			`use Symfony\Component\Form\Extension\Core\Type\TextType;`
			`use Symfony\Component\HttpFoundation\Request;`
			`use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;`
[UI][SESSION] Add login and logout pages 2020-07-22 02:58:25 +01:00			`use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`use Symfony\Component\Validator\Constraints\Length;`
			`use Symfony\Component\Validator\Constraints\NotBlank;`
[UI][SESSION] Add login and logout pages 2020-07-22 02:58:25 +01:00
[CONTROLLER][ROUTES] Refactor controllers to use the new base class and remove controller from the class name 2020-07-23 15:08:31 +01:00			`class Security extends Controller`
[UI][SESSION] Add login and logout pages 2020-07-22 02:58:25 +01:00			`{`
[DOCUMENTATION][REFACTOR] Add documentation to all flagged function and do some small cleanup 2020-11-06 19:47:15 +00:00			`/**`
			`* Log a user in`
			`*/`
[CONTROLLER][ROUTES] Refactor the base Controller to not reinvent the wheel too much and rely on Symfony's events 2020-07-23 18:55:06 +01:00			`public function login(AuthenticationUtils $authenticationUtils)`
[UI][SESSION] Add login and logout pages 2020-07-22 02:58:25 +01:00			`{`
			`if ($this->getUser()) {`
			`return $this->redirectToRoute('main_all');`
			`}`

			`// get the login error if there is one`
			`$error = $authenticationUtils->getLastAuthenticationError();`
			`// last username entered by the user`
[CONTROLLER][ROUTES] Refactor controllers to use the new base class and remove controller from the class name 2020-07-23 15:08:31 +01:00			`$last_username = $authenticationUtils->getLastUsername();`
[UI][SESSION] Add login and logout pages 2020-07-22 02:58:25 +01:00
[CORE] Rename NoteScope to VisibilityScope, as it will be used for attachment visbility too 2021-04-15 23:26:05 +01:00			`return ['_template' => 'security/login.html.twig', 'last_username' => $last_username, 'error' => $error, 'notes' => Note::getAllNotes(VisibilityScope::$instance_scope)];`
[UI][SESSION] Add login and logout pages 2020-07-22 02:58:25 +01:00			`}`

			`public function logout()`
			`{`
			`throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');`
			`}`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00
[DOCUMENTATION][REFACTOR] Add documentation to all flagged function and do some small cleanup 2020-11-06 19:47:15 +00:00			`/**`
			`* Register a user, making sure the nickname is not reserved and`
			`* possibly sending a confirmation email`
			`*/`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`public function register(Request $request,`
			`EmailVerifier $email_verifier,`
			`GuardAuthenticatorHandler $guard_handler,`
			`Authenticator $authenticator)`
			`{`
			`$form = Form::create([`
			`['nickname', TextType::class, [`
			`'label' => _m('Nickname'),`
[CONFIG] Make password length limits configurable 2021-07-28 22:06:10 +01:00			`'constraints' => [`
			`new NotBlank(['message' => _m('Please enter a nickname')]),`
			`new Length([`
[WEB] Fix translations and small inconsistency when opening on web 2021-04-10 23:32:47 +01:00			`'min' => Common::config('nickname', 'min_length'),`
			`'minMessage' => _m(['Your nickname must be at least # characters long'], ['count' => Common::config('nickname', 'min_length')]),`
			`'max' => Nickname::MAX_LEN,`
			`'maxMessage' => _m(['Your nickname must be at most # characters long'], ['count' => Nickname::MAX_LEN]), ]),`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`],`
			`]],`
[CONFIG] Make password length limits configurable 2021-07-28 22:06:10 +01:00			`['email', EmailType::class, [`
			`'label' => _m('Email'),`
			`'constraints' => [ new NotBlank(['message' => _m('Please enter an email') ])]`
			`]],`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`['password', PasswordType::class, [`
			`'label' => _m('Password'),`
			`'mapped' => false,`
			`'constraints' => [`
			`new NotBlank(['message' => _m('Please enter a password')]),`
[CONFIG] Make password length limits configurable 2021-07-28 22:06:10 +01:00			`new Length(['min' => Common::config('password', 'min_length'), 'minMessage' => _m(['Your password should be at least # characters'], ['count' => Common::config('password', 'min_length')]),`
			`'max' => Common::config('password', 'max_length'), 'maxMessage' => _m(['Your password should be at most # characters'], ['count' => Common::config('password', 'max_length')]), ]),`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`],`
			`]],`
			`['register', SubmitType::class, ['label' => _m('Register')]],`
			`]);`

			`$form->handleRequest($request);`

			`if ($form->isSubmitted() && $form->isValid()) {`
			`$data = $form->getData();`
			`$data['password'] = $form->get('password')->getData();`

[WEB] Fix translations and small inconsistency when opening on web 2021-04-10 23:32:47 +01:00			`$valid_nickname = Nickname::normalize($data['nickname'], check_already_used: true);`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00
[DB] Remove unique constraint from GSActor.nickname and fix register and related functionality 2021-04-11 12:03:32 +01:00			`try {`
[ENTITY] Add 'normalized_nickname' to GSActor, the result of Nickname::normalize, so we can make sure we don't have very similar nicknames duplicated 2021-05-05 13:19:10 +01:00			`$actor = GSActor::create(['nickname' => $data['nickname'], 'normalized_nickname' => Nickname::normalize($data['nickname'], check_already_used: true)]);`
[SECURITY][DB] Make user register 'atomic', by using a single transaction for inserting all objects, to avoid partial inserts 2021-04-23 13:54:25 +01:00			`$user = LocalUser::create([`
[DB] Remove unique constraint from GSActor.nickname and fix register and related functionality 2021-04-11 12:03:32 +01:00			`'nickname' => $data['nickname'],`
			`'outgoing_email' => $data['email'],`
			`'incoming_email' => $data['email'],`
			`'password' => LocalUser::hashPassword($data['password']),`
			`]);`
[SECURITY][DB] Make user register 'atomic', by using a single transaction for inserting all objects, to avoid partial inserts 2021-04-23 13:54:25 +01:00			`DB::persistWithSameId(`
			`$actor,`
			`$user,`
			`// Self follow`
			`fn (int $id) => DB::persist(Follow::create(['follower' => $id, 'followed' => $id]))`
			`);`
			`DB::flush();`
[DB] Remove unique constraint from GSActor.nickname and fix register and related functionality 2021-04-11 12:03:32 +01:00			`} catch (UniqueConstraintViolationException $e) {`
			`throw new NicknameTakenException;`
			`}`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00
			`// generate a signed url and email it to the user`
			`if (Common::config('site', 'use_email')) {`
			`$email_verifier->sendEmailConfirmation(`
			`'verify_email',`
			`$user,`
			`(new TemplatedEmail())`
			`->from(new Address(Common::config('site', 'email'), Common::config('site', 'nickname')))`
			`->to($user->getOutgoingEmail())`
			`->subject(_m('Please Confirm your Email'))`
			`->htmlTemplate('security/confirmation_email.html.twig')`
			`);`
			`} else {`
			`$user->setIsEmailVerified(true);`
			`}`

			`return $guard_handler->authenticateUserAndHandleSuccess(`
			`$user,`
			`$request,`
			`$authenticator,`
			`'main' // firewall name in security.yaml`
			`);`
			`}`

			`return [`
			`'_template' => 'security/register.html.twig',`
			`'registration_form' => $form->createView(),`
[CORE] Rename NoteScope to VisibilityScope, as it will be used for attachment visbility too 2021-04-15 23:26:05 +01:00			`'notes' => Note::getAllNotes(VisibilityScope::$instance_scope),`
[USER][UI][AUTHENTICATION] Add registration form 2020-07-25 03:06:55 +01:00			`];`
			`}`
[UI][SESSION] Add login and logout pages 2020-07-22 02:58:25 +01:00			`}`