wamo/gnu-social
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[CONTROLLER][SECURITY] Registration feedback. The flashError works. However, Symfony's Exception error page is viewed upon trying to register.

Browse Source
This commit is contained in:
Eliseu Amaro 2021-09-15 00:25:16 +01:00
parent efafc9f7eb
commit 26af284353
4 changed files with 116 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/Controller/Security.php
View File

@ -5,6 +5,13 @@ namespace App\Controller;
use App\Core\Controller;
use App\Core\DB\DB;
use App\Core\Form;
use App\Util\Exception\DuplicateFoundException;
use App\Util\Exception\NicknameEmptyException;
use App\Util\Exception\NicknameReservedException;
use App\Util\Exception\NicknameTooLongException;
use App\Util\Exception\NicknameTooShortException;
use App\Util\Exception\NotImplementedException;
use Symfony\Component\HttpFoundation\Response;
use function App\Core\I18n\_m;
use App\Core\Log;
use App\Core\VisibilityScope;
@ -62,13 +69,29 @@ class Security extends Controller
throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
}
/**
*
* Register a user, making sure the nickname is not reserved and
* possibly sending a confirmation email
*
* @param Request $request
* @param GuardAuthenticatorHandler $guard_handler
* @param Authenticator $authenticator
* @return array|Response|null
* @throws EmailTakenException
* @throws NicknameTakenException
* @throws ServerException
* @throws DuplicateFoundException
* @throws NicknameEmptyException
* @throws NicknameReservedException
* @throws NicknameTooLongException
* @throws NicknameTooShortException
* @throws NotImplementedException
*/
public function register(Request $request,
public function register(Request $request,
GuardAuthenticatorHandler $guard_handler,
Authenticator $authenticator)
Authenticator $authenticator)
{
$form = Form::create([
['nickname', TextType::class, [
@ -84,6 +107,7 @@ class Security extends Controller
],
'block_name' => 'nickname',
'label_attr' => ['class' => 'section-form-label'],
'invalid_message' => _m('Nickname not valid. Please provide a valid nickname.'),
]],
['email', EmailType::class, [
'label' => _m('Email'),
@ -91,6 +115,7 @@ class Security extends Controller
'constraints' => [ new NotBlank(['message' => _m('Please enter an email') ])],
'block_name' => 'email',
'label_attr' => ['class' => 'section-form-label'],
'invalid_message' => _m('Email not valid. Please provide a valid email.'),
]],
FormFields::repeated_password(),
['register', SubmitType::class, ['label' => _m('Register')]],
@ -105,10 +130,15 @@ class Security extends Controller
// This will throw the appropriate errors, result ignored
$user = LocalUser::findByNicknameOrEmail($data['nickname'], $data['email']);
if ($user !== null) {
// If we do find something, there's a duplicate
if ($user->getNickname() == $data['nickname']) {
if ($user->getNickname() === $data['nickname']) {
// Register page feedback on nickname already in use
$this->addFlash("verify_nickname_error", _m('Nickname is already in use on this server.'));
throw new NicknameTakenException;
} else {
// Register page feedback on email already in use
$this->addFlash("verify_email_error", _m('Email is already taken.'));
throw new EmailTakenException;
}
}

92
templates/security/login.html.twig
View File

@ -8,54 +8,58 @@
{% block title %}{{ "Log in!" | trans }}{% endblock %}
{% block body %}
<div class='content'>
<section class="section-widget">
<form class="section-form" method="post">
<fieldset>
<legend class="section-form-legend"><h1>{{ "Login" | trans }}</h1></legend>
<section class="section-widget">
<form class="section-form" method="post">
<fieldset>
<legend class="section-form-legend">{{ "Login" | trans }}</legend>
{% if error %}
<ul>
{% for flashError in app.flashes('verify_email_error') %}
<li class="alert alert-danger">{{ error.messageKey | trans(error.messageData, 'security') }}</li>
{% endfor %}
</ul>
{% endif %}
{% if error %}
{% if app.user %}
<h1 class="mb-3">
{{ "You are logged in as" | trans }} {{ app.user.username }}.
<button class="btn btn-lg btn-primary">
<a href="{{ path('app_logout') }}">{{ "Logout" | trans }}</a>
</button>
</h1>
{% else %}
{# TODO: Login can be done with email, so the id's and stuff should reflect that, along with using the translation facilities #}
<div>
<label class="section-form-label" for="inputNickname">{{ "Nickname or Email" | trans }}</label>
<input type="text" value="{{ last_login_id }}" name="nickname" id="inputNickname" class="form-control" required autofocus>
<p class="help-text">{{ "Your nickname." | trans }}</p>
</div>
<div>
<label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
<input type="password" name="password" id="inputPassword" class="form-control" required>
<p class="help-text">{{ "Your account's password." | trans }}</p>
</div>
<ul>
{% for flashError in app.flashes('verify_email_error') %}
<li class="alert alert-danger">{{ error.messageKey | trans(error.messageData, 'security') }}</li>
{% endfor %}
</ul>
<span class="checkbox mb-3">
<label>{{ "Remember me" | trans }}</label>
<input type="checkbox" name="_remember_me">
</span>
{% endif %}
<div>
<button class="btn btn-lg btn-primary" type="submit">Sign in</button>
</div>
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
{% endif %}
</fieldset>
</form>
</section>
</div>
{% if app.user %}
<h1 class="mb-3">
{{ "You are logged in as" | trans }} {{ app.user.username }}.
<button class="btn btn-lg btn-primary">
<a href="{{ path('app_logout') }}">{{ "Logout" | trans }}</a>
</button>
</h1>
{% else %}
{# TODO: Login can be done with email, so the id's and stuff should reflect that, along with using the translation facilities #}
<div class="form-group">
<label class="section-form-label" for="inputNickname">{{ "Nickname or Email" | trans }}</label>
<input type="text" value="{{ last_login_id }}" name="nickname" id="inputNickname" class="form-control" required autofocus>
<p class="help-text">{{ "Your nickname." | trans }}</p>
</div>
<div class="form-group">
<label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
<input type="password" name="password" id="inputPassword" class="form-control" required>
<p class="help-text">{{ "Your account's password." | trans }}</p>
</div>
<span class="checkbox mb-3">
<input type="checkbox" name="_remember_me">
<label>{{ "Remember me" | trans }}</label>
</span>
<div>
<button class="btn btn-lg btn-primary" type="submit">Sign in</button>
</div>
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
{% endif %}
</fieldset>
</form>
</section>
{% endblock body %}
{% block javascripts %}{% endblock %}

46
templates/security/register.html.twig
View File

@ -8,29 +8,31 @@
{% block title %}Register{% endblock %}
{% block body %}
<div class='content'>
<div class="section-container">
<section class="section-widget">
{{ form_start(registration_form) }}
<fieldset class="section-form">
<legend class="section-form-legend">
<h1>{{ "Register a new account" | trans }}</h1>
</legend>
<ul>
{% for flashError in app.flashes('verify_email_error') %}
<li class="alert alert-danger" role="alert">{{ flashError }}</li>
{% endfor %}
</ul>
{{ form_row(registration_form.nickname) }}
{{ form_row(registration_form.email) }}
{{ form_row(registration_form.password) }}
{{ form_row(registration_form.register) }}
</fieldset>
{{ form_end(registration_form) }}
</section>
</div>
<section class="section-widget">
</div>
<form class="section-form" method="post">
{{ form_start(registration_form) }}
<fieldset>
<legend class="section-form-legend">{{ "Register" | trans }}</legend>
<ul>
{% for flashError in app.flashes('verify_email_error') %}
<li class="alert alert-danger" role="alert">{{ flashError }}</li>
{% endfor %}
{% for flashError in app.flashes('verify_nickname_error') %}
<li class="alert alert-danger" role="alert">{{ flashError }}</li>
{% endfor %}
</ul>
{{ form_row(registration_form.nickname) }}
{{ form_row(registration_form.email) }}
{{ form_row(registration_form.password) }}
{{ form_row(registration_form.register) }}
</fieldset>
{{ form_end(registration_form) }}
</form>
</section>
{% endblock body %}
{% block javascripts %}{% endblock %}

20
templates/sidepanel/right/right.html.twig
View File

@ -18,21 +18,23 @@
</details>
<div class="section-form">
{{ form_start(post_form) }}
<fieldset>
{{ form_start(post_form) }}
{{ form_row(post_form.to, {'attr': {'class': 'section-form-scope'}}) }}
{{ form_row(post_form.to, {'attr': {'class': 'section-form-scope'}}) }}
{{ form_row(post_form.visibility, {'attr': {'class': 'section-form-scope'}}) }}
{{ form_row(post_form.visibility, {'attr': {'class': 'section-form-scope'}}) }}
{{ form_row(post_form.content, {'attr': {'class': 'section-form-textarea'}}) }}
{{ form_row(post_form.content, {'attr': {'class': 'section-form-textarea'}}) }}
<label for="{{ post_form.attachments.vars.id }}" class="section-form-options">
{{ form_widget(post_form.attachments) }}
</label>
<label for="{{ post_form.attachments.vars.id }}" class="section-form-options">
{{ form_widget(post_form.attachments) }}
</label>
{{ form_row(post_form.post_note, {'attr': {'class': 'section-form-send'}}) }}
{{ form_row(post_form.post_note, {'attr': {'class': 'section-form-send'}}) }}
{{ form_end(post_form) }}
{{ form_end(post_form) }}
</fieldset>
</div>
</section>
{% endif %}