/**
* @param string $identification
*/
public function sendResetRequestAction($identification)
{
$person = NULL;
$resetPasswordToken = NULL;
if (empty($identifier)) {
// $response = new Response();
// $response->setType('error');
// $response->setMessage('No username or e-mail address was given!');
// $this->view->assign('value', $response);
} else {
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($identifier, 'DefaultProvider');
if ($account !== NULL) {
$person = $account->getParty();
$resetPasswordToken = $this->passwordResetService->generateResetPasswordTokenForParty($person, $this->request);
} else {
$person = $this->userRepository->findByPrimaryElectronicAddress($identifier)->getFirst();
if (is_subclass_of($person, '\\TYPO3\\Party\\Domain\\Model\\AbstractParty')) {
$resetPasswordToken = $this->passwordResetService->generateResetPasswordTokenForParty($person, $this->request);
}
}
if ($resetPasswordToken instanceof ResetToken) {
$this->emitSendResetRequest(array('controllerContext' => $this->controllerContext, 'resetPasswordToken' => $resetPasswordToken->getToken(), 'recipient' => $person, 'properties' => array('recipient' => $person)));
}
$this->request->setFormat('json');
$this->redirect('reset', NULL, NULL, array('identifier' => $identifier));
}
}
/**
* Returns TRUE, if the specified user ($value) does not exist yet.
*
* If at least one error occurred, the result is FALSE.
*
* @param mixed $value The value that should be validated
* @return void
* @throws InvalidSubjectException
*/
protected function isValid($value)
{
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($value, 'DefaultProvider');
if ($account instanceof Account) {
$this->addError('There is already a user with the email address.', 1325156008);
}
}
/**
* Executed after the page containing the current element has been submitted
*
* @param \TYPO3\Form\Core\Runtime\FormRuntime $formRuntime
* @param $elementValue raw value of the submitted element
*/
public function onSubmit(\TYPO3\Form\Core\Runtime\FormRuntime $formRuntime, &$elementValue)
{
$isAccountNameTaken = (bool) $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($elementValue, 'DefaultProvider');
if ($isAccountNameTaken) {
$processingRule = $this->getRootForm()->getProcessingRule($this->getIdentifier());
$processingRule->getProcessingMessages()->addError(new \TYPO3\Flow\Error\Error('User name is already taken', 1334768053));
}
$this->requireIfTriggerIsSet($formRuntime);
}
/**
* @Given /^I am logged in as "([^"]*)" with password "([^"]*)"$/
*/
public function iAmLoggedInAsUserWithPassword($username, $password)
{
$user = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, 'DefaultProvider');
if (!$user) {
$this->flowContext->iRunTheCommand('roketi.panel:setup:createadminuser --username ' . $username . ' --password ' . $password);
}
$this->visit('/');
$this->fillField('username', $username);
$this->fillField('password', $password);
$this->pressButton('login');
}
/**
* Checks if the given account is already in the account repository
*
* @param \TYPO3\Flow\Security\Account $account
* @return bool
*/
public function doesAccountExist(\TYPO3\Flow\Security\Account $account)
{
$accountIdentifier = $account->getAccountIdentifier();
$authenticationProviderName = $account->getAuthenticationProviderName();
$existingAccount = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($accountIdentifier, $authenticationProviderName);
return $existingAccount !== NULL;
}
/**
* Retrieves an existing user by the given username
*
* @param string $username The username
* @param string $authenticationProviderName Name of the authentication provider to use. Example: "Typo3BackendProvider"
* @return User The user, or null if the user does not exist
* @throws Exception
* @api
*/
public function getUser($username, $authenticationProviderName = null)
{
if ($authenticationProviderName !== null && isset($this->runtimeUserCache['a_' . $authenticationProviderName][$username])) {
return $this->runtimeUserCache['a_' . $authenticationProviderName][$username];
} elseif (isset($this->runtimeUserCache['u_' . $username])) {
return $this->runtimeUserCache['u_' . $username];
}
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, $authenticationProviderName ?: $this->defaultAuthenticationProviderName);
if (!$account instanceof Account) {
return null;
}
$user = $this->partyService->getAssignedPartyOfAccount($account);
if (!$user instanceof User) {
throw new Exception(sprintf('Unexpected user type "%s". An account with the identifier "%s" exists, but the corresponding party is not a Neos User.', get_class($user), $username), 1422270948);
}
if ($authenticationProviderName !== null) {
if (!isset($this->runtimeUserCache['a_' . $authenticationProviderName])) {
$this->runtimeUserCache['a_' . $authenticationProviderName] = [];
}
$this->runtimeUserCache['a_' . $authenticationProviderName][$username] = $user;
} else {
$this->runtimeUserCache['u_' . $username] = $user;
}
return $user;
}
/**
* @param mixed $value The value that should be validated
* @return void
* @throws \TYPO3\Flow\Validation\Exception\InvalidSubjectException
*/
protected function isValid($value)
{
if (!is_array($value)) {
throw new \TYPO3\Flow\Validation\Exception\InvalidSubjectException('The given account identifier was not a string.', 1325155784);
}
if (empty($value['new'])) {
$this->addError('This property is required', 1354192543);
}
$account = null;
if ($value['new'] != $value['old']) {
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($value['new'], 'defaultProvider');
}
if ($account != null) {
$this->addError('The username is already in use.', 9994);
}
}
/**
* Tries to authenticate the given token. Sets isAuthenticated to TRUE if authentication succeeded.
*
* @param \TYPO3\Flow\Security\Authentication\TokenInterface $authenticationToken The token to be authenticated
* @throws \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException
* @return void
*/
public function authenticate(\TYPO3\Flow\Security\Authentication\TokenInterface $authenticationToken)
{
if (!$authenticationToken instanceof OpauthToken) {
throw new \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1381598908);
}
$response = $this->opauth->getResponse();
if ($response !== NULL && $response->isAuthenticationSucceeded()) {
$accountIdentifier = $this->accountService->createAccountIdentifier($response);
$authenticationProviderName = $this->name;
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($accountIdentifier, $authenticationProviderName);
if ($account !== NULL) {
$authenticationToken->setAccount($account);
$authenticationToken->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL);
}
} else {
$authenticationToken->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::NO_CREDENTIALS_GIVEN);
}
}
/**
* Retrieves an existing user by the given username
*
* @param string $username The username
* @param string $authenticationProviderName Name of the authentication provider to use. Example: "Typo3BackendProvider"
* @return User The user, or NULL if the user does not exist
* @throws Exception
* @api
*/
public function getUser($username, $authenticationProviderName = NULL)
{
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, $authenticationProviderName ?: $this->defaultAuthenticationProviderName);
if (!$account instanceof Account) {
return NULL;
}
$user = $this->partyService->getAssignedPartyOfAccount($account);
if (!$user instanceof User) {
throw new Exception(sprintf('Unexpected user type "%s". An account with the identifier "%s" exists, but the corresponding party is not a Neos User.', get_class($user), $username), 1422270948);
}
return $user;
}
/**
* Set a new password for the given user
*
* @param string $username user to modify
* @param string $password new password
* @param string $authenticationProvider Name of the authentication provider to use for finding the user. Default: "Sandstorm.UserManagement:Login".
* @return void
*/
public function setPasswordCommand($username, $password, $authenticationProvider = 'Sandstorm.UserManagement:Login')
{
// If we're in Neos context, we simply forward the command to the Neos command controller.
if ($this->shouldUseNeosService()) {
$cliRequest = new Request($this->request);
$cliRequest->setControllerObjectName(UserCommandController::class);
$cliRequest->setControllerCommandName('setPassword');
$cliRequest->setArguments(['username' => $username, 'password' => $password, 'authenticationProvider' => $authenticationProvider]);
$cliResponse = new Response($this->response);
$this->dispatcher->dispatch($cliRequest, $cliResponse);
$this->quit(0);
}
// Otherwise, we use our own logic.
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, $authenticationProvider);
if ($account === null) {
$this->outputLine('The user <b>' . $username . '</b> could not be found with auth provider <b>' . $authenticationProvider . '</b>.');
$this->quit(1);
}
$encrypted = $this->hashService->hashPassword($password);
$account->setCredentialsSource($encrypted);
$this->accountRepository->update($account);
$this->outputLine('Password for user <b>' . $username . '</b> changed.');
}
/**
* @param string $password,
* @param string $passwordconfirm
* @param string $code
* @return string|void
*/
public function changePasswordAction($password = NULL, $passwordconfirm = NULL, $code = NULL)
{
if ($code !== NULL) {
$cryptJson = $code;
$cryptKey = md5($this->providerName);
$uncryptJson = base64_decode($cryptJson);
$uncryptJson = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $cryptKey, $uncryptJson, MCRYPT_MODE_CBC, md5($cryptKey));
$uncryptJson = rtrim($uncryptJson, "");
$json = json_decode($uncryptJson);
} else {
$json = NULL;
}
$this->view->assign('code', $code);
// @TODO Check if User has random number
if ($json != NULL) {
if ($this->time->getTimestamp() - $json->date > 86400) {
$this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error($this->translator->translateById('login.messages.registration.not_valid', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));
$this->redirect('index', 'Standard', NULL, array());
} else {
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($json->username, $this->providerName);
if ($password == $passwordconfirm && $password !== NULL) {
$account->setExpirationDate(NULL);
$account->setCredentialsSource($this->hashService->hashPassword($password, 'default'));
$this->accountRepository->update($account);
$this->flashMessageContainer->addMessage(new Message($this->translator->translateById('login.login.update', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));
$this->redirect('index', 'Standard', NULL, array());
} else {
if ($password !== NULL) {
$this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error("Sorry"));
}
}
}
} else {
$this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error($this->translator->translateById('login.messages.registration.not_valid', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));
$this->redirect('index', 'Standard', NULL, array());
}
}
