Security: user authentication (still buging)
Service: refactoring Translations
parent
9cf3434d1a
commit
ed37fbf453
|
@ -4,40 +4,47 @@ use Gist\Service\UserProvider;
|
|||
use Silex\Provider\SecurityServiceProvider;
|
||||
use Gist\Service\SaltGenerator;
|
||||
use Silex\Provider\SessionServiceProvider;
|
||||
use Gist\Security\AuthentificationProvider;
|
||||
use Gist\Security\AuthentificationListener;
|
||||
use Gist\Security\AuthenticationProvider;
|
||||
use Gist\Security\AuthenticationListener;
|
||||
use Gist\Security\AuthenticationEntryPoint;
|
||||
|
||||
$app['salt_generator'] = function ($app) {
|
||||
$app['enable_registration'] = true;
|
||||
$app['enable_login'] = true;
|
||||
|
||||
$app['salt_generator'] = $app->share(function($app) {
|
||||
return new SaltGenerator();
|
||||
};
|
||||
});
|
||||
|
||||
$app['user.provider'] = function ($app) {
|
||||
$app['user.provider'] = $app->share(function ($app) {
|
||||
return new UserProvider(
|
||||
$app['security.encoder.digest'],
|
||||
$app['salt_generator']
|
||||
);
|
||||
};
|
||||
});
|
||||
|
||||
$app->register(new SessionServiceProvider());
|
||||
|
||||
|
||||
$app['security.authentication_listener.factory.form_login'] = $app->protect(function ($name, $options) use ($app) {
|
||||
$app['security.authentication_provider.'.$name.'.form_login'] = $app->share(function ($app) {
|
||||
return new AuthentificationProvider($app['user.provider']);
|
||||
return new AuthenticationProvider($app['user.provider']);
|
||||
});
|
||||
|
||||
$app['security.authentication_listener.'.$name.'.form_login'] = $app->share(function ($app) {
|
||||
return new AuthentificationListener(
|
||||
$app['security.authentication_listener.'.$name.'.form_login'] = $app->share(function ($app) use ($name) {
|
||||
return new AuthenticationListener(
|
||||
$app['security.token_storage'],
|
||||
$app['security.authentication_manager'],
|
||||
$app['url_generator']
|
||||
$app['security.authentication_provider.'.$name.'.form_login']
|
||||
);
|
||||
});
|
||||
|
||||
$app['security.authentication.entry_point.'.$name.'.form_login'] = $app->share(function ($app) use ($name) {
|
||||
return new AuthenticationEntryPoint($app['url_generator']);
|
||||
});
|
||||
|
||||
return [
|
||||
'security.authentication_provider.'.$name.'.form_login',
|
||||
'security.authentication_listener.'.$name.'.form_login',
|
||||
null,
|
||||
'security.authentication.entry_point.'.$name.'.form_login',
|
||||
'pre_auth'
|
||||
];
|
||||
});
|
||||
|
@ -47,7 +54,7 @@ $app->register(
|
|||
[
|
||||
'security.firewalls' => [
|
||||
'default' => [
|
||||
'pattern' => '^/[a-z]{2}/my',
|
||||
'pattern' => '^/[a-z]{2}/',
|
||||
'anonymous' => true,
|
||||
'http' => false,
|
||||
'form_login' => [
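Review bot: The `default` firewall pattern is widened from `^/[a-z]{2}/my` to `^/[a-z]{2}/` while `'anonymous' => true` stays, so every localized route now passes through this firewall and authorization rests entirely on access rules that this hunk does not show. If `/my` is meant to require a logged-in user, the same `$app->register()` call should carry an explicit rule such as `'security.access_rules' => [['^/[a-z]{2}/my', 'ROLE_USER']]`. In the factory hunk above, the listener closure now receives the concrete `security.authentication_provider.<name>.form_login` service; whether authentication still goes through `security.authentication_manager` cannot be told from the rendered lines and is worth confirming. The `$app->register(` call starts and ends outside the hunk.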
|
|
@ -4,9 +4,9 @@ use Symfony\Component\Routing\Loader\YamlFileLoader;
|
|||
|
||||
$app['routing.file'] = 'routing.yml';
|
||||
|
||||
$app['routing.loader'] = function ($app) {
|
||||
$app['routing.loader'] = $app->share(function ($app) {
|
||||
return new YamlFileLoader($app['config.locator']);
|
||||
};
|
||||
});
|
||||
|
||||
$app['routes'] = $app->extend('routes', function ($routes, $app) {
|
||||
$routes->addCollection($app['routing.loader']->load($app['routing.file']));
|
||||
|
|
|
@ -12,10 +12,10 @@ $app->extend('twig', function ($twig, $app) {
|
|||
return $twig;
|
||||
});
|
||||
|
||||
$app['geshi'] = function ($app) {
|
||||
$app['geshi'] = $app->share(function ($app) {
|
||||
$geshi = new GeSHi();
|
||||
$geshi->enable_classes();
|
||||
$geshi->enable_line_numbers(GESHI_NORMAL_LINE_NUMBERS);
|
||||
|
||||
return $geshi;
|
||||
};
|
||||
});
|
||||
|
|
|
@ -5,14 +5,14 @@ use Gist\Service\GistService;
|
|||
|
||||
$app['gist_path'] = $app['root_path'].'/data/git';
|
||||
|
||||
$app['git_wrapper'] = function ($app) {
|
||||
$app['git_wrapper'] = $app->share(function ($app) {
|
||||
return new GitWrapper('/usr/bin/git');
|
||||
};
|
||||
});
|
||||
|
||||
$app['git_working_copy'] = function ($app) {
|
||||
$app['git_working_copy'] = $app->share(function ($app) {
|
||||
return $app['git_wrapper']->init($app['gist_path']);
|
||||
};
|
||||
});
|
||||
|
||||
$app['gist'] = function ($app) {
|
||||
$app['gist'] = $app->share(function ($app) {
|
||||
return new GistService($app['gist_path'], $app['git_wrapper'], $app['git_working_copy'], $app['geshi']);
|
||||
};
|
||||
});
|
||||
|
|
|
@ -2,6 +2,6 @@
|
|||
|
||||
use Gist\Api\Client;
|
||||
|
||||
$app['api_client'] = function ($app) {
|
||||
$app['api_client'] = $app->share(function ($app) {
|
||||
return new Client(['base_uri' => 'https://gist.deblan.org/']);
|
||||
};
|
||||
});
|
||||
|
|
|
@ -35,12 +35,10 @@ _login:
|
|||
defaults: {_controller: Gist\Controller\LoginController::loginAction, _locale: en}
|
||||
|
||||
_login_check:
|
||||
path: /my/login_check
|
||||
defaults: {_locale: en}
|
||||
path: /login_check
|
||||
|
||||
_logout:
|
||||
path: /my/logout
|
||||
defaults: {_locale: en}
|
||||
path: /logout
|
||||
|
||||
my:
|
||||
path: /my
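Review bot: `_login_check` and `_logout` move to `/login_check` and `/logout`, which do not match the firewall pattern `^/[a-z]{2}/` from the security configuration unless this collection is mounted under a locale prefix that the hunk does not show. The firewall only intercepts check and logout paths that fall inside its pattern, so a request that misses it would land on a route that declares no `_controller` instead of being authenticated or logged out. It is worth confirming that the effective URLs agree with the `check_path` and `logout_path` options; the `form_login` options array is cut off in the security hunk.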
|
||||
|
|
|
@ -7,6 +7,15 @@ app:
|
|||
title: 'Home'
|
||||
about:
|
||||
title: 'About'
|
||||
my:
|
||||
login:
|
||||
title: 'Login'
|
||||
logout:
|
||||
title: 'Logout'
|
||||
register:
|
||||
title: 'Register'
|
||||
my:
|
||||
title: 'Account'
|
||||
|
||||
gist:
|
||||
untitled: 'Untitled'
|
||||
|
|
|
@ -7,6 +7,15 @@ app:
|
|||
title: 'Accueil'
|
||||
about:
|
||||
title: 'À propos'
|
||||
my:
|
||||
login:
|
||||
title: 'Connexion'
|
||||
logout:
|
||||
title: 'Déconnexion'
|
||||
register:
|
||||
title: 'S''inscrire'
|
||||
my:
|
||||
title: 'Mon compte'
|
||||
|
||||
gist:
|
||||
untitled: 'Sans titre'
|
||||
|
|
|
@ -6,6 +6,7 @@ use Silex\Application;
|
|||
use Gist\Model\Gist;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Gist\Model\GistQuery;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
/**
|
||||
* Class Controller
|
||||
|
@ -15,9 +16,15 @@ class Controller
|
|||
{
|
||||
protected function notFoundResponse(Application $app)
|
||||
{
|
||||
return $app['twig']->render('View/notFound.html.twig');
|
||||
return new Response(
|
||||
$app['twig']->render(
|
||||
'View/notFound.html.twig',
|
||||
[]
|
||||
),
|
||||
404
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
protected function getViewOptions(Request $request, Application $app, $gist, $commit)
|
||||
{
|
||||
$gist = GistQuery::create()->findOneByFile($gist);
|
||||
|
@ -64,4 +71,28 @@ class Controller
|
|||
|
||||
return $app['gist']->getContent($gist, $commit);
|
||||
}
|
||||
|
||||
public function getUser(Application $app)
|
||||
{
|
||||
$securityContext = $app['security'];
|
||||
$securityToken = $securityContext->getToken();
|
||||
|
||||
if (!$securityToken) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return $securityToken->getUser();
|
||||
}
|
||||
|
||||
public function render($template, array $params, Application $app)
|
||||
{
|
||||
if (!isset($params['user'])) {
|
||||
$params['user'] = $this->getUser($app);
|
||||
}
|
||||
|
||||
return $app['twig']->render(
|
||||
$template,
|
||||
$params
|
||||
);
|
||||
}
|
||||
}
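Review bot: `getUser()` can hand back three different things — `null` when there is no token, a user object, or whatever `getToken()->getUser()` yields for an anonymous token, which the layout template tests with `user != 'anon.'`. Under that loose comparison a `null` user also counts as logged in, so the account and logout links would be shown whenever `user` is missing; `notFoundResponse()` is one such path, since it still calls `$app['twig']->render()` directly and passes no `user`. Normalising in one place, e.g. `return is_object($user) ? $user : null;`, lets the template use `{% if user %}` instead of matching a magic string. A docblock on `render()` stating that a caller-supplied `params['user']` is kept as-is would also make that contract explicit.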
|
||||
|
|
|
@ -34,12 +34,13 @@ class EditController extends Controller
|
|||
}
|
||||
}
|
||||
|
||||
return $app['twig']->render(
|
||||
return $this->render(
|
||||
'Edit/index.html.twig',
|
||||
array(
|
||||
'gist' => isset($gist) ? $gist : null,
|
||||
'form' => $form->createView(),
|
||||
)
|
||||
),
|
||||
$app
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -80,6 +81,6 @@ class EditController extends Controller
|
|||
|
||||
$viewOptions['form'] = $form->createView();
|
||||
|
||||
return $app['twig']->render('Edit/clone.html.twig', $viewOptions);
|
||||
return $this->render('Edit/clone.html.twig', $viewOptions, $app);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -8,6 +8,7 @@ use Silex\Application;
|
|||
use Gist\Model\User;
|
||||
use Gist\Form\UserRegisterForm;
|
||||
use Gist\Form\UserLoginForm;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
/**
|
||||
* Class LoginController
|
||||
|
@ -17,6 +18,10 @@ class LoginController extends Controller
|
|||
{
|
||||
public function registerAction(Request $request, Application $app)
|
||||
{
|
||||
if (false === $app['enable_registration']) {
|
||||
return new Response('', 403);
|
||||
}
|
||||
|
||||
$user = $app['user.provider']->createUser();
|
||||
|
||||
$form = new UserRegisterForm(
|
||||
|
@ -44,18 +49,23 @@ class LoginController extends Controller
|
|||
}
|
||||
}
|
||||
|
||||
return $app['twig']->render(
|
||||
return $this->render(
|
||||
'Login/register.html.twig',
|
||||
[
|
||||
'form' => $form->createView(),
|
||||
'error' => isset($error) ? $error : '',
|
||||
'success' => isset($success) ? $success : '',
|
||||
]
|
||||
],
|
||||
$app
|
||||
);
|
||||
}
|
||||
|
||||
public function loginAction(Request $request, Application $app)
|
||||
{
|
||||
if (false === $app['enable_login']) {
|
||||
return new Response('', 403);
|
||||
}
|
||||
|
||||
$user = $app['user.provider']->createUser();
|
||||
|
||||
$form = new UserLoginForm(
|
||||
|
@ -67,17 +77,26 @@ class LoginController extends Controller
|
|||
|
||||
$form = $form->build()->getForm();
|
||||
|
||||
if ($request->isMethod('post')) {
|
||||
if ($request->query->get('error')) {
|
||||
$error = $app['translator']->trans('login.login.invalid');
|
||||
}
|
||||
|
||||
return $app['twig']->render(
|
||||
return $this->render(
|
||||
'Login/login.html.twig',
|
||||
[
|
||||
'form' => $form->createView(),
|
||||
'error' => isset($error) ? $error : '',
|
||||
]
|
||||
],
|
||||
$app
|
||||
);
|
||||
}
|
||||
|
||||
public function loginCheckAction()
|
||||
{
|
||||
}
|
||||
|
||||
public function logoutAction()
|
||||
{
|
||||
}
|
||||
}
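Review bot: Both guards compare with `false === $app['enable_registration']` and `false === $app['enable_login']`, so they fail open: a value of `0`, `'0'`, `''` or `null` from a configuration override leaves the feature enabled. `if (true !== $app['enable_registration'])` (and the same for `enable_login`) denies unless the flag is exactly `true`. The login guard also only withholds the form; the firewall's check path would presumably still accept credentials while `enable_login` is off, so the flag may need to be enforced there as well. Both action bodies extend beyond the hunks shown.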
|
||||
|
||||
|
|
|
@ -14,7 +14,8 @@ class MyController extends Controller
|
|||
{
|
||||
public function myAction(Request $request, Application $app)
|
||||
{
|
||||
return 'test';
|
||||
echo '<pre>', var_dump($this->getUser($app)), '</pre>';
|
||||
die;
|
||||
}
|
||||
}
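Review bot: `myAction()` now echoes `var_dump($this->getUser($app))` and calls `die`, which writes the whole user object into the HTTP response; for the user model that presumably includes the password hash and salt set in `UserProvider::registerUser()`. The `die` also ends the request outside the framework's response handling. Until the account page exists, keep the inert placeholder `return 'test';` or render a template that prints only the fields the page needs, and keep debug dumps behind the application's debug flag.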
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ class ViewController extends Controller
|
|||
$viewOptions = $this->getViewOptions($request, $app, $gist, $commit);
|
||||
|
||||
if (is_array($viewOptions)) {
|
||||
return $app['twig']->render('View/view.html.twig', $viewOptions);
|
||||
return $this->render('View/view.html.twig', $viewOptions, $app);
|
||||
} else {
|
||||
return $this->notFoundResponse($app);
|
||||
}
|
||||
|
@ -41,7 +41,7 @@ class ViewController extends Controller
|
|||
$viewOptions = $this->getViewOptions($request, $app, $gist, $commit);
|
||||
|
||||
return new Response(
|
||||
$app['twig']->render('View/embedJs.html.twig', $viewOptions),
|
||||
$this->render('View/embedJs.html.twig', $viewOptions, $app),
|
||||
200,
|
||||
array(
|
||||
'Content-Type' => 'text/javascript',
|
||||
|
@ -102,12 +102,13 @@ class ViewController extends Controller
|
|||
return $this->notFoundResponse($app);
|
||||
}
|
||||
|
||||
return $app['twig']->render(
|
||||
return $this->render(
|
||||
'View/revisions.html.twig',
|
||||
array(
|
||||
'gist' => $gist,
|
||||
'history' => $history,
|
||||
)
|
||||
),
|
||||
$app
|
||||
);
|
||||
}
|
||||
}
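Review bot: In the embed hunk `$viewOptions` goes straight into `$this->render()`, whose signature is `render($template, array $params, Application $app)`, while the first hunk shows that `getViewOptions()` can return a non-array (the `is_array($viewOptions)` branch). Unless an `is_array` check sits above the hunk, an unknown gist fails on the `array` type hint rather than returning the 404 from `notFoundResponse()`. Mirroring the first action with `if (!is_array($viewOptions)) { return $this->notFoundResponse($app); }` keeps the failure a clean 404. The method body starts outside the hunk.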
|
||||
|
|
|
@ -36,6 +36,33 @@
|
|||
{{ 'app.menu.home.title'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
|
||||
{% if user != 'anon.' %}
|
||||
<li>
|
||||
<a href="{{ path('my') }}">
|
||||
{{ 'app.menu.my.my.title'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="{{ path('_logout') }}">
|
||||
{{ 'app.menu.my.logout.title'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
{% elseif app.enable_login %}
|
||||
<li>
|
||||
<a href="{{ path('_login') }}">
|
||||
{{ 'app.menu.my.login.title'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
|
||||
{% if app.enable_registration %}
|
||||
<li>
|
||||
<a href="{{ path('register') }}">
|
||||
{{ 'app.menu.my.register.title'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
<li>
|
||||
<a href="https://gitlab.deblan.org/deblan/gist/src/master/README.md">
|
||||
{{ 'app.menu.about.title'|trans }}
|
||||
|
|
|
@ -10,7 +10,7 @@ use InvalidArgumentException;
|
|||
*/
|
||||
class SaltGenerator
|
||||
{
|
||||
public function generate($length = 64)
|
||||
public function generate($length = 32)
|
||||
{
|
||||
if (!is_numeric($length)) {
|
||||
throw new InvalidArgumentException('Paramter length must be a valid integer.');
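Review bot: The only validation visible for `$length` is `is_numeric($length)`, which also accepts `'1e3'`, `-5` and `3.7` although the message asks for an integer, and the default it guards has just dropped from 64 to 32 with `registerUser()` now relying on it. A stricter guard such as `if (false === filter_var($length, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]))` rejects those values. How the salt bytes are produced lies outside the hunk; it is worth confirming they come from a cryptographically secure source rather than `mt_rand()` or `rand()`, and documenting in the docblock what unit `$length` counts.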
|
||||
|
|
|
@ -65,11 +65,11 @@ class UserProvider implements UserProviderInterface
|
|||
|
||||
public function registerUser(User $user, $password)
|
||||
{
|
||||
$user->setSalt($this->saltGenerator->generate(64));
|
||||
$user->setSalt($this->saltGenerator->generate());
|
||||
|
||||
$user
|
||||
->setRoles('ROLE_USER')
|
||||
->setPassword($this->encoder->encodePassword($user, $password))
|
||||
->setPassword($this->encoder->encodePassword($password, $user->getSalt()))
|
||||
->save();
|
||||
|
||||
return $user;
|
||||
|
@ -78,7 +78,7 @@ class UserProvider implements UserProviderInterface
|
|||
public function updateUserPassword(User $user, $password)
|
||||
{
|
||||
$user
|
||||
->setPassword($this->encoder->encodePassword($password))
|
||||
->setPassword($this->encoder->encodePassword($password, $user->getSalt()))
|
||||
->save();
|
||||
|
||||
return $user;
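Review bot: `updateUserPassword()` hashes the new password with the existing `$user->getSalt()`, so the salt is never rotated on a password change and a user stored without a salt would get an unsalted hash. Adding `$user->setSalt($this->saltGenerator->generate());` before the `setPassword()` call, as `registerUser()` does, covers both cases. Separately, the injected `security.encoder.digest` service is a salted, iterated message digest; an adaptive encoder such as `BCryptPasswordEncoder` would be the stronger choice for stored passwords if the Symfony version in use ships it. Both method bodies are cut by the hunk boundaries.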
|
||||
|
|