Example #1
 /**
  * Handles login links that carry a token in the "LOG" query parameter.
  *
  * Any account that is already open is closed first. The token is then looked up,
  * the account of the token's user is opened, and the visitor is redirected to the
  * lightbox route matching the token type.
  *
  * NOTE(review): the token works as a bearer credential carried in the URL, so it
  * can end up in access logs, browser history and Referer headers. Its lifetime and
  * whether it is single-use are decided by findValidToken(), which is not visible
  * here; confirm both.
  *
  * @param Request            $request
  * @param PhraseaApplication $app
  * @return RedirectResponse|null Null when there is no "LOG" parameter, or when the
  *                               token type has no dedicated route.
  */
 public function redirectOnLogRequests(Request $request, PhraseaApplication $app)
 {
     $query = $request->query;

     if (!$query->has('LOG')) {
         return null;
     }

     // The open account is closed before the token is checked, so a request
     // whose LOG value turns out to be invalid still ends the current session.
     if ($app->getAuthenticator()->isAuthenticated()) {
         $app->getAuthenticator()->closeAccount();
     }

     $token = $app['repo.tokens']->findValidToken($query->get('LOG'));

     if (null === $token) {
         $app->addFlash('error', $app->trans('The URL you used is out of date, please login'));

         return $app->redirectPath('homepage');
     }

     /** @var Token $token */
     $app->getAuthenticator()->openAccount($token->getUser());

     // From here on the visitor is authenticated as the token's user, whatever
     // the token type is: an unmatched type returns null with the account open.
     switch ($token->getType()) {
         case TokenManipulator::TYPE_FEED_ENTRY:
             $route = 'lightbox_feed_entry';
             $parameter = 'entry_id';
             break;
         case TokenManipulator::TYPE_VALIDATE:
         case TokenManipulator::TYPE_VIEW:
             $route = 'lightbox_validation';
             $parameter = 'basket';
             break;
         default:
             return null;
     }

     return $app->redirectPath($route, [$parameter => $token->getData()]);
 }
Example #2
 /**
  * Expects addFlash() to throw when it is given the flash type 'caution'.
  *
  * @expectedException \Alchemy\Phrasea\Exception\InvalidArgumentException
  */
 public function testAddSetFlashWithInvalidArgument()
 {
     $application = new Application(Application::ENV_TEST);

     // The exception named in the annotation above must come from this call.
     $application->addFlash('caution', 'BAMBA');
 }
Example #3
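 /**
  * Runs the native login/password authentication and builds the post-login response.
  *
  * The form is bound and validated, the credentials are checked through
  * $app['auth.native'], the session is opened by postAuthProcess(), baskets of a
  * former guest session may be handed over to the user, and an optional
  * "remember me" cookie is issued. PRE_AUTHENTICATE and POST_AUTHENTICATE events
  * are dispatched around the whole process.
  *
  * @param PhraseaApplication $app
  * @param Request            $request
  * @param FormInterface      $form
  * @param callable           $redirector Called with an optional parameter array; its
  *                                       result is handed to AuthenticationException.
  * @return mixed The response returned by the PostAuthenticate event.
  * @throws InvalidArgumentException When $redirector is not callable.
  * @throws AuthenticationException  When the form is invalid, a captcha is required,
  *                                  the account is locked or the credentials are rejected.
  */
 private function doAuthentication(PhraseaApplication $app, Request $request, FormInterface $form, $redirector)
 {
     if (!is_callable($redirector)) {
         throw new InvalidArgumentException('Redirector should be callable');
     }
     $context = new Context(Context::CONTEXT_NATIVE);
     $app['dispatcher']->dispatch(PhraseaEvents::PRE_AUTHENTICATE, new PreAuthenticate($request, $context));
     $form->bind($request);
     if (!$form->isValid()) {
         $app->addFlash('error', $app->trans('An unexpected error occured during authentication process, please contact an admin'));
         throw new AuthenticationException(call_user_func($redirector));
     }
     $params = [];
     if (null !== ($redirect = $request->get('redirect'))) {
         // Only leading slashes are stripped here.
         // NOTE(review): whether the target is restricted to local paths depends on
         // the redirector and on generateAuthResponse(), neither visible here; confirm.
         $params['redirect'] = ltrim($redirect, '/');
     }
     try {
         $usr_id = $app['auth.native']->getUsrId($request->request->get('login'), $request->request->get('password'), $request);
     } catch (RequireCaptchaException $e) {
         $app->requireCaptcha();
         $app->addFlash('warning', $app->trans('Please fill the captcha'));
         throw new AuthenticationException(call_user_func($redirector, $params));
     } catch (AccountLockedException $e) {
         $app->addFlash('warning', $app->trans('login::erreur: Vous n\'avez pas confirme votre email'));
         $app->addUnlockAccountData($e->getUsrId());
         throw new AuthenticationException(call_user_func($redirector, $params));
     }
     if (null === $usr_id) {
         $app['session']->getFlashBag()->set('error', $app->trans('login::erreur: Erreur d\'authentification'));
         throw new AuthenticationException(call_user_func($redirector, $params));
     }
     $user = $app['manipulator.user']->getRepository()->find($usr_id);
     $session = $this->postAuthProcess($app, $user);
     $response = $this->generateAuthResponse($app, $app['browser'], $request->request->get('redirect'));
     $response->headers->clearCookie('invite-usr-id');
     // NOTE(review): the cookie cleared above is 'invite-usr-id' while the one read
     // below is 'invite-usr_id'; confirm which name is set when a guest session opens.

     // Hand the baskets of a previous guest session over to the account that just
     // logged in. Both cookies are client-controlled, so the id is accepted only when
     // it is a plain numeric string naming an existing guest account other than the
     // current user. Without that check any authenticated user could claim the
     // baskets of an arbitrary account by choosing the cookie value.
     // NOTE(review): this still trusts the client to name its own guest account;
     // keeping the guest id in server-side session state would close that gap.
     if ($request->cookies->get('postlog') === '1' && !$user->isGuest() && $request->cookies->has('invite-usr_id')) {
         $inviteUsrId = $request->cookies->get('invite-usr_id');
         if (is_string($inviteUsrId) && ctype_digit($inviteUsrId) && (string) $user->getId() !== $inviteUsrId) {
             $inviteUser = $app['manipulator.user']->getRepository()->find($inviteUsrId);
             if (null !== $inviteUser && $inviteUser->isGuest()) {
                 $repo = $app['EM']->getRepository('Phraseanet:Basket');
                 $baskets = $repo->findBy(['usr_id' => $inviteUsrId]);
                 foreach ($baskets as $basket) {
                     $basket->setUser($user);
                     // NOTE(review): no flush is visible on this path unless
                     // "remember-me" is set below; confirm a later step flushes.
                     $app['EM']->persist($basket);
                 }
             }
         }
     }
     if ($request->request->get('remember-me') === '1') {
         // NOTE(review): the token is the encoder output over a browser/platform
         // string salted with this nonce, so its unpredictability rests on the nonce;
         // confirm \random::generatePassword() draws from a CSPRNG.
         $nonce = \random::generatePassword(16);
         $string = $app['browser']->getBrowser() . '_' . $app['browser']->getPlatform();
         $token = $app['auth.password-encoder']->encodePassword($string, $nonce);
         $session->setToken($token)->setNonce($nonce);
         // HttpOnly is stated explicitly and Secure is set whenever the login
         // request itself arrived over HTTPS, so the token is not sent in clear.
         $response->headers->setCookie(new Cookie('persistent', $token, 0, '/', null, $request->isSecure(), true));
         $app['EM']->persist($session);
         $app['EM']->flush();
     }
     $event = new PostAuthenticate($request, $response, $user, $context);
     $app['dispatcher']->dispatch(PhraseaEvents::POST_AUTHENTICATE, $event);
     return $event->getResponse();
 }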
Example #4
 /**
  * Handles the submission of the "change e-mail address" form.
  *
  * The current password is re-checked, the new address is validated and compared
  * with its confirmation, then a URL token expiring in one day is created and a
  * confirmation mail is delivered.
  *
  * NOTE(review): the requested address ($email) is only validated here. The token
  * data and the mail receiver are both taken from the current user, so confirm
  * where the new address is recorded and which mailbox has to confirm the change.
  * NOTE(review): the posted values are not checked to be strings before they are
  * passed to the password encoder and the e-mail validator.
  *
  * @param  PhraseaApplication $app
  * @param  Request            $request
  * @return RedirectResponse
  */
 public function resetEmail(PhraseaApplication $app, Request $request)
 {
     $posted = $request->request;
     $currentPassword = $posted->get('form_password');
     $email = $posted->get('form_email');
     $emailConfirm = $posted->get('form_email_confirm');

     // All three fields are mandatory; a missing one aborts with HTTP 400.
     if (null === $currentPassword || null === $email || null === $emailConfirm) {
         $app->abort(400, $app->trans('Could not perform request, please contact an administrator.'));
     }

     $user = $app['authentication']->getUser();

     // Re-authentication: the change is refused unless the current password matches.
     $passwordMatches = $app['auth.password-encoder']->isPasswordValid($user->getPassword(), $currentPassword, $user->getNonce());
     if (!$passwordMatches) {
         $app->addFlash('error', $app->trans('admin::compte-utilisateur:ftp: Le mot de passe est errone'));

         return $app->redirectPath('account_reset_email');
     }

     if (!\Swift_Validate::email($email)) {
         $app->addFlash('error', $app->trans('forms::l\'email semble invalide'));

         return $app->redirectPath('account_reset_email');
     }

     if ($email !== $emailConfirm) {
         $app->addFlash('error', $app->trans('forms::les emails ne correspondent pas'));

         return $app->redirectPath('account_reset_email');
     }

     // The confirmation link and the mail share the same one-day expiry.
     $expiresAt = new \DateTime('1 day');
     $urlToken = $app['tokens']->getUrlToken(
         \random::TYPE_EMAIL,
         $app['authentication']->getUser()->getId(),
         $expiresAt,
         $app['authentication']->getUser()->getEmail()
     );
     $confirmUrl = $app->url('account_reset_email', ['token' => $urlToken]);

     try {
         $receiver = Receiver::fromUser($app['authentication']->getUser());
     } catch (InvalidArgumentException $e) {
         $app->addFlash('error', $app->trans('phraseanet::erreur: echec du serveur de mail'));

         return $app->redirectPath('account_reset_email');
     }

     $message = MailRequestEmailUpdate::create($app, $receiver, null);
     $message->setButtonUrl($confirmUrl);
     $message->setExpiration($expiresAt);
     $app['notification.deliverer']->deliver($message);

     $app->addFlash('info', $app->trans('admin::compte-utilisateur un email de confirmation vient de vous etre envoye. Veuillez suivre les instructions contenue pour continuer'));

     return $app->redirectPath('account');
 }