/**
* In this method, actually create the user / account.
*
* NOTE: After this method is called, the $registrationFlow is DESTROYED, so you need to store all attributes
* in your object as you need them.
*
* @param RegistrationFlow $registrationFlow
* @return void
*/
public function createUserAndAccount(RegistrationFlow $registrationFlow)
{
// Create the account
$account = new Account();
$account->setAccountIdentifier($registrationFlow->getEmail());
$account->setCredentialsSource($registrationFlow->getEncryptedPassword());
$account->setAuthenticationProviderName('Sandstorm.UserManagement:Login');
// Assign pre-configured roles
foreach ($this->rolesForNewUsers as $roleString) {
$account->addRole(new Role($roleString));
}
// Create the user
$user = new User();
$user->setAccount($account);
$user->setEmail($registrationFlow->getEmail());
if (array_key_exists('salutation', $registrationFlow->getAttributes())) {
$user->setGender($registrationFlow->getAttributes()['salutation']);
}
if (array_key_exists('firstName', $registrationFlow->getAttributes())) {
$user->setFirstName($registrationFlow->getAttributes()['firstName']);
}
if (array_key_exists('lastName', $registrationFlow->getAttributes())) {
$user->setLastName($registrationFlow->getAttributes()['lastName']);
}
// Persist user
$this->userRepository->add($user);
$this->persistenceManager->whitelistObject($user);
$this->persistenceManager->whitelistObject($account);
}
/**
* @param string $newPassword
* @param \TYPO3\Flow\Security\Cryptography\HashService $hashService
* @throws \InvalidArgumentException
*/
public function changePassword($newPassword, $hashService)
{
$newPassword = trim($newPassword);
if (empty($newPassword)) {
throw new \InvalidArgumentException('Password must be set.');
}
$this->edits++;
$this->login->setCredentialsSource($hashService->hashPassword($newPassword, 'default'));
}
/**
* Creates a new account and sets the given password and roles
*
* @param string $identifier Identifier of the account, must be unique
* @param string $password The clear text password
* @param array $roleIdentifiers Optionally an array of role identifiers to assign to the new account
* @param string $authenticationProviderName Optional name of the authentication provider the account is affiliated with
* @param string $passwordHashingStrategy Optional password hashing strategy to use for the password
* @return Account A new account, not yet added to the account repository
*/
public function createAccountWithPassword($identifier, $password, $roleIdentifiers = [], $authenticationProviderName = 'DefaultProvider', $passwordHashingStrategy = 'default')
{
$account = new Account();
$account->setAccountIdentifier($identifier);
$account->setCredentialsSource($this->hashService->hashPassword($password, $passwordHashingStrategy));
$account->setAuthenticationProviderName($authenticationProviderName);
$roles = [];
foreach ($roleIdentifiers as $roleIdentifier) {
$roles[] = $this->policyService->getRole($roleIdentifier);
}
$account->setRoles($roles);
return $account;
}
/**
* In this method, actually create the user / account.
*
* NOTE: After this method is called, the $registrationFlow is DESTROYED, so you need to store all attributes
* in your object as you need them.
*
* @param RegistrationFlow $registrationFlow
* @return void
*/
public function createUserAndAccount(RegistrationFlow $registrationFlow)
{
// Create the account
$account = new Account();
$account->setAccountIdentifier($registrationFlow->getEmail());
$account->setCredentialsSource($registrationFlow->getEncryptedPassword());
$account->setAuthenticationProviderName('Sandstorm.UserManagement:Login');
// Assign preconfigured roles
foreach ($this->rolesForNewUsers as $roleString) {
$account->addRole(new Role($roleString));
}
// Create the user
$user = new User();
$name = new PersonName('', $registrationFlow->getAttributes()['firstName'], '', $registrationFlow->getAttributes()['lastName'], '', $registrationFlow->getEmail());
$user->setName($name);
// Assign them to each other and persist
$this->getPartyService()->assignAccountToParty($account, $user);
$this->getPartyRepository()->add($user);
$this->accountRepository->add($account);
$this->persistenceManager->whitelistObject($user);
$this->persistenceManager->whitelistObject($user->getPreferences());
$this->persistenceManager->whitelistObject($name);
$this->persistenceManager->whitelistObject($account);
}
/**
* @param array $userdata
* @return Account
*/
protected function createAccount(array $userdata)
{
if (!isset($userdata['username'])) {
return;
}
$account = new Account();
$account->setCredentialsSource('typo3.org SSO');
$account->setAuthenticationProviderName($this->name);
$account->setRoles(array($this->policyService->getRole('T3DD.Backend:Authenticated')));
$account->setAccountIdentifier($userdata['username']);
$person = new Person();
$this->partyRepository->add($person);
$this->partyService->assignAccountToParty($account, $person);
$this->updatePerson($person, $userdata);
$this->accountRepository->add($account);
$this->persistenceManager->persistAll();
return $account;
}
/**
* Set a new password for the given account
*
* This allows for setting a new password for an existing user account.
*
* @param Account $account
* @param $password
* @param string $passwordHashingStrategy
*
* @return boolean
*/
public function resetPassword(Account $account, $password, $passwordHashingStrategy = 'default')
{
$account->setCredentialsSource($this->hashService->hashPassword($password, $passwordHashingStrategy));
$this->accountRepository->update($account);
return TRUE;
}
/**
* Sends an email to a user with the new password
*
* @param \TYPO3\Flow\Security\Account $account
* @param array $settings
* @param string $newEnteredPassword
* @return boolean $success
*/
public function sendMail(Account $account, $settings, $newEnteredPassword = NULL)
{
if ($newEnteredPassword !== NULL) {
$newPassword = $newEnteredPassword;
} else {
$newPassword = $this->algorithms->generateRandomString(10);
$account->setCredentialsSource($this->hashService->hashPassword($newPassword, 'default'));
$this->accountRepository->update($account);
}
// @TODO: Localize the email format
$mailBody[] = 'Dear %1$s';
$mailBody[] = '';
$mailBody[] = 'Your password for First Visit.';
$mailBody[] = 'The password is %2$s';
$mailBody[] = '';
$mailBody[] = 'If you haven\'t requested this information, please change your password at once';
$mailBody[] = 'as others might be able to access your account';
$success = FALSE;
$message = new SwiftMessage();
if ($message->setTo(array($account->getAccountIdentifier() => $account->getParty()->getName()))->setFrom(array($settings['PasswordRecovery']['Sender']['Email'] => $settings['PasswordRecovery']['Sender']['Name']))->setSubject($settings['PasswordRecovery']['Subject'])->setBody(vsprintf(implode(PHP_EOL, $mailBody), array($account->getParty()->getName(), $newPassword)))->send()) {
$success = TRUE;
}
return $success;
}
/**
* {@inheritDoc}
*/
public function setCredentialsSource($credentialsSource)
{
$this->__initializer__ && $this->__initializer__->__invoke($this, 'setCredentialsSource', array($credentialsSource));
return parent::setCredentialsSource($credentialsSource);
}
