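/**
 * Starts a password reset for whoever matches the given identification.
 *
 * The identification is first looked up as an account identifier of the
 * 'DefaultProvider'; if no account matches, it is looked up as a primary
 * electronic address. When a reset token could be generated,
 * emitSendResetRequest() is called with the token and the recipient.
 *
 * The redirect to "reset" is issued whether or not anything matched, so the
 * response itself does not tell the requester which identifiers are registered.
 *
 * @param string $identification account identifier or primary electronic address
 * @return void
 */
public function sendResetRequestAction($identification) {
    $person = NULL;
    $resetPasswordToken = NULL;

    // The body used to read an undefined $identifier, so empty() was always TRUE
    // and no reset was ever started. The declared argument is used throughout now.
    if (empty($identification)) {
        // TODO: report "No username or e-mail address was given!" to the view.
        return;
    }

    $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($identification, 'DefaultProvider');
    if ($account !== NULL) {
        $person = $account->getParty();
        $resetPasswordToken = $this->passwordResetService->generateResetPasswordTokenForParty($person, $this->request);
    } else {
        // No account with that identifier: fall back to the e-mail address lookup.
        $person = $this->userRepository->findByPrimaryElectronicAddress($identification)->getFirst();
        if (is_subclass_of($person, '\\TYPO3\\Party\\Domain\\Model\\AbstractParty')) {
            $resetPasswordToken = $this->passwordResetService->generateResetPasswordTokenForParty($person, $this->request);
        }
    }

    if ($resetPasswordToken instanceof ResetToken) {
        $this->emitSendResetRequest(array(
            'controllerContext' => $this->controllerContext,
            'resetPasswordToken' => $resetPasswordToken->getToken(),
            'recipient' => $person,
            'properties' => array('recipient' => $person)
        ));
    }

    // NOTE(review): the redirect argument is called 'identifier' while this
    // action's own argument is 'identification' - confirm the submitting form
    // and the "reset" action agree on these names.
    $this->request->setFormat('json');
    $this->redirect('reset', NULL, NULL, array('identifier' => $identification));
}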
/**
 * Checks that no account with the given identifier exists yet for the
 * 'DefaultProvider' authentication provider.
 *
 * Nothing is returned; when an account is found the outcome is recorded
 * through addError().
 *
 * NOTE(review): a failing result tells the submitter that the identifier is
 * already registered. If this validator backs a public form, pair it with
 * rate limiting so it cannot be used to enumerate accounts.
 *
 * @param mixed $value The account identifier that should be validated
 * @return void
 */
protected function isValid($value) {
    $existingAccount = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($value, 'DefaultProvider');
    if (!($existingAccount instanceof Account)) {
        return;
    }
    $this->addError('There is already a user with the email address.', 1325156008);
}
/**
 * Executed after the page containing the current element has been submitted.
 *
 * Looks the submitted value up as an account identifier of the
 * 'DefaultProvider' and, if the lookup returns something truthy, attaches a
 * "User name is already taken" error to this element's processing rule.
 * requireIfTriggerIsSet() is called afterwards in either case.
 *
 * @param \TYPO3\Form\Core\Runtime\FormRuntime $formRuntime
 * @param $elementValue raw value of the submitted element
 */
public function onSubmit(\TYPO3\Form\Core\Runtime\FormRuntime $formRuntime, &$elementValue) {
    $existingAccount = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($elementValue, 'DefaultProvider');

    if ((bool) $existingAccount) {
        $rule = $this->getRootForm()->getProcessingRule($this->getIdentifier());
        $messages = $rule->getProcessingMessages();
        $messages->addError(new \TYPO3\Flow\Error\Error('User name is already taken', 1334768053));
    }

    $this->requireIfTriggerIsSet($formRuntime);
}
/**
 * Test step: makes sure an account for the given user name exists (creating
 * it through the setup command when the lookup finds nothing) and then logs
 * in through the form at "/".
 *
 * @Given /^I am logged in as "([^"]*)" with password "([^"]*)"$/
 */
public function iAmLoggedInAsUserWithPassword($username, $password) {
    $existingAccount = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, 'DefaultProvider');

    if (!$existingAccount) {
        // NOTE(review): user name and password are concatenated into the
        // command line unquoted. If iRunTheCommand() hands this string to a
        // shell, values containing spaces or shell metacharacters will be
        // misparsed - confirm how the command is executed and quote there.
        $createUserCommand = 'roketi.panel:setup:createadminuser --username ' . $username . ' --password ' . $password;
        $this->flowContext->iRunTheCommand($createUserCommand);
    }

    $this->visit('/');
    foreach (array('username' => $username, 'password' => $password) as $fieldName => $fieldValue) {
        $this->fillField($fieldName, $fieldValue);
    }
    $this->pressButton('login');
}
/**
 * Tells whether the account repository already holds an account with the
 * same identifier and authentication provider name as the given account.
 *
 * @param \TYPO3\Flow\Security\Account $account account whose identifier and provider name are looked up
 * @return bool TRUE if the repository lookup returned something other than NULL
 */
public function doesAccountExist(\TYPO3\Flow\Security\Account $account) {
    $match = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName(
        $account->getAccountIdentifier(),
        $account->getAuthenticationProviderName()
    );

    return !($match === NULL);
}
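/**
 * Retrieves an existing user by the given username
 *
 * Results are kept in $this->runtimeUserCache: under 'a_<provider>' when an
 * authentication provider name was passed, under 'u_<username>' when the
 * default provider was used.
 *
 * @param string $username The username
 * @param string $authenticationProviderName Name of the authentication provider to use. Example: "Typo3BackendProvider"
 * @return User The user, or null if the user does not exist
 * @throws Exception if the account's party is not a Neos User
 * @api
 */
public function getUser($username, $authenticationProviderName = null)
{
    // The two cache namespaces must not be mixed: a caller that names a
    // provider explicitly must never be handed the user that was cached for
    // the default provider under the same username. The 'u_' entry is
    // therefore only consulted when no provider name was given.
    if ($authenticationProviderName !== null) {
        if (isset($this->runtimeUserCache['a_' . $authenticationProviderName][$username])) {
            return $this->runtimeUserCache['a_' . $authenticationProviderName][$username];
        }
    } elseif (isset($this->runtimeUserCache['u_' . $username])) {
        return $this->runtimeUserCache['u_' . $username];
    }

    $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, $authenticationProviderName ?: $this->defaultAuthenticationProviderName);
    if (!$account instanceof Account) {
        return null;
    }

    $user = $this->partyService->getAssignedPartyOfAccount($account);
    if (!$user instanceof User) {
        // get_class() rejects non-objects, so describe e.g. a missing party by its type instead.
        $actualType = is_object($user) ? get_class($user) : gettype($user);
        throw new Exception(sprintf('Unexpected user type "%s". An account with the identifier "%s" exists, but the corresponding party is not a Neos User.', $actualType, $username), 1422270948);
    }

    if ($authenticationProviderName !== null) {
        if (!isset($this->runtimeUserCache['a_' . $authenticationProviderName])) {
            $this->runtimeUserCache['a_' . $authenticationProviderName] = [];
        }
        $this->runtimeUserCache['a_' . $authenticationProviderName][$username] = $user;
    } else {
        $this->runtimeUserCache['u_' . $username] = $user;
    }

    return $user;
}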
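/**
 * Validates a changed account identifier.
 *
 * $value must be an array holding the submitted identifier under 'new' and
 * the current one under 'old'. An error is added when 'new' is empty, or when
 * it differs from 'old' and an account with that identifier already exists.
 *
 * @param mixed $value The value that should be validated
 * @return void
 * @throws \TYPO3\Flow\Validation\Exception\InvalidSubjectException if $value is not an array
 */
protected function isValid($value)
{
    if (!is_array($value)) {
        throw new \TYPO3\Flow\Validation\Exception\InvalidSubjectException('The given value was not an array with the keys "new" and "old".', 1325155784);
    }

    $newIdentifier = isset($value['new']) ? $value['new'] : null;
    $oldIdentifier = isset($value['old']) ? $value['old'] : null;

    // Submitted form data: reject missing, empty or non-scalar identifiers
    // before they reach the comparison and the repository lookup.
    if (empty($newIdentifier) || !is_scalar($newIdentifier)) {
        $this->addError('This property is required', 1354192543);
        return;
    }

    // Compare as strings. A loose != treats numeric-looking identifiers such
    // as "1e3" and "1000" as equal and would skip the uniqueness check.
    $previous = is_scalar($oldIdentifier) ? (string)$oldIdentifier : '';
    if ((string)$newIdentifier === $previous) {
        return;
    }

    // NOTE(review): the provider name is spelled 'defaultProvider' here;
    // confirm it matches the configured authentication provider name.
    $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($newIdentifier, 'defaultProvider');
    if ($account !== null) {
        $this->addError('The username is already in use.', 9994);
    }
}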
/**
 * Tries to authenticate the given token from the current Opauth response.
 *
 * - No response, or a response that did not succeed: the token status is set
 *   to NO_CREDENTIALS_GIVEN.
 * - Successful response with a matching account for this provider: the
 *   account is attached and the status is set to AUTHENTICATION_SUCCESSFUL.
 * - Successful response without a matching account: the token is left
 *   untouched by this method.
 *
 * @param \TYPO3\Flow\Security\Authentication\TokenInterface $authenticationToken The token to be authenticated
 * @throws \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException
 * @return void
 */
public function authenticate(\TYPO3\Flow\Security\Authentication\TokenInterface $authenticationToken) {
    if (!($authenticationToken instanceof OpauthToken)) {
        throw new \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1381598908);
    }

    $response = $this->opauth->getResponse();
    if ($response === NULL || !$response->isAuthenticationSucceeded()) {
        $authenticationToken->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::NO_CREDENTIALS_GIVEN);
        return;
    }

    $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName(
        $this->accountService->createAccountIdentifier($response),
        $this->name
    );
    if ($account === NULL) {
        // Unknown account: the authentication status is deliberately not changed here.
        return;
    }

    $authenticationToken->setAccount($account);
    $authenticationToken->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL);
}
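/**
 * Retrieves an existing user by the given username
 *
 * When no authentication provider name is passed (or it is empty),
 * $this->defaultAuthenticationProviderName is used for the lookup.
 *
 * @param string $username The username
 * @param string $authenticationProviderName Name of the authentication provider to use. Example: "Typo3BackendProvider"
 * @return User The user, or NULL if the user does not exist
 * @throws Exception if the account's party is not a Neos User
 * @api
 */
public function getUser($username, $authenticationProviderName = NULL) {
    $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, $authenticationProviderName ?: $this->defaultAuthenticationProviderName);
    if (!$account instanceof Account) {
        return NULL;
    }

    $user = $this->partyService->getAssignedPartyOfAccount($account);
    if (!$user instanceof User) {
        // get_class() rejects non-objects, so describe e.g. a missing party by its type instead.
        $actualType = is_object($user) ? get_class($user) : gettype($user);
        throw new Exception(sprintf('Unexpected user type "%s". An account with the identifier "%s" exists, but the corresponding party is not a Neos User.', $actualType, $username), 1422270948);
    }

    return $user;
}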
/**
 * Set a new password for the given user
 *
 * In Neos context the call is dispatched to the Neos user command controller
 * and this command quits with exit code 0. Otherwise the account is looked up
 * directly, its credentials source is replaced by the hashed password and the
 * account is updated; an unknown account quits with exit code 1.
 *
 * NOTE(review): the new password is taken as a command argument, which
 * usually leaves it in the shell history and visible in the process list
 * while the command runs. Consider reading it from a prompt or from stdin.
 *
 * @param string $username user to modify
 * @param string $password new password
 * @param string $authenticationProvider Name of the authentication provider to use for finding the user. Default: "Sandstorm.UserManagement:Login".
 * @return void
 */
public function setPasswordCommand($username, $password, $authenticationProvider = 'Sandstorm.UserManagement:Login')
{
    if ($this->shouldUseNeosService()) {
        // Neos context: hand the same arguments over to the Neos command controller.
        $forwardedArguments = [
            'username' => $username,
            'password' => $password,
            'authenticationProvider' => $authenticationProvider
        ];
        $neosRequest = new Request($this->request);
        $neosRequest->setControllerObjectName(UserCommandController::class);
        $neosRequest->setControllerCommandName('setPassword');
        $neosRequest->setArguments($forwardedArguments);
        $neosResponse = new Response($this->response);
        $this->dispatcher->dispatch($neosRequest, $neosResponse);
        $this->quit(0);
    }

    // Stand-alone context: update the account ourselves.
    $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, $authenticationProvider);
    if ($account === null) {
        $this->outputLine('The user <b>' . $username . '</b> could not be found with auth provider <b>' . $authenticationProvider . '</b>.');
        $this->quit(1);
    }

    // Only the hash is stored as the credentials source.
    $account->setCredentialsSource($this->hashService->hashPassword($password));
    $this->accountRepository->update($account);
    $this->outputLine('Password for user <b>' . $username . '</b> changed.');
}
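/**
 * Sets a new password for the account named in a password-reset code.
 *
 * The code is base64-decoded, decrypted and parsed as JSON with the
 * properties "date" (timestamp) and "username". A code that cannot be parsed,
 * is older than 86400 seconds or names an unknown account leads to the
 * "not valid" flash message and a redirect to Standard/index. With a usable
 * code and two identical passwords, the account's expiration date is cleared
 * and its credentials source is replaced by the hashed password.
 *
 * @param string $password
 * @param string $passwordconfirm
 * @param string $code
 * @return string|void
 */
public function changePasswordAction($password = NULL, $passwordconfirm = NULL, $code = NULL) {
    $json = NULL;
    if ($code !== NULL) {
        // SECURITY(review): key and IV are both derived from the provider
        // name, i.e. from configuration rather than from a secret, and CBC
        // carries no integrity check. The code therefore is not bound to a
        // server-side secret and cannot prove that this application issued it.
        // Replace the scheme with a random, single-use token stored
        // server-side (or at least an HMAC under a real secret). It is left
        // unchanged here because the code generator lives outside this method
        // and both sides have to change together. Also note that the mcrypt
        // extension was removed from PHP core in 7.2.
        $cryptKey = md5($this->providerName);
        $uncryptJson = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $cryptKey, base64_decode($code), MCRYPT_MODE_CBC, md5($cryptKey));
        // mcrypt pads the last block with NUL bytes; json_decode() rejects
        // them, so they have to be stripped (an empty character list strips nothing).
        $json = json_decode(rtrim($uncryptJson, "\0"));
    }

    $this->view->assign('code', $code);

    // @TODO Check if User has random number

    // The decoded payload is request data: check its shape before using it.
    $codeIsUsable = is_object($json)
        && isset($json->date, $json->username)
        && is_numeric($json->date)
        && is_string($json->username)
        && ($this->time->getTimestamp() - $json->date) <= 86400;

    $account = NULL;
    if ($codeIsUsable) {
        $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($json->username, $this->providerName);
    }

    // Malformed, expired and unknown-account codes all get the same answer,
    // so the response does not reveal which of the three applied.
    if ($account === NULL) {
        $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error($this->translator->translateById('login.messages.registration.not_valid', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));
        $this->redirect('index', 'Standard', NULL, array());
        return;
    }

    if ($password === NULL) {
        // First visit with a usable code: nothing to change yet.
        return;
    }

    // Strict comparison: with == two different numeric-looking passwords
    // (e.g. "0e1" and "0e2") would be accepted as matching.
    if ($password === $passwordconfirm) {
        $account->setExpirationDate(NULL);
        $account->setCredentialsSource($this->hashService->hashPassword($password, 'default'));
        $this->accountRepository->update($account);
        $this->flashMessageContainer->addMessage(new Message($this->translator->translateById('login.login.update', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));
        $this->redirect('index', 'Standard', NULL, array());
    } else {
        $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error("Sorry"));
    }
}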