/**
 * Handles auto-login links of the form "?LOG=<token>".
 *
 * When the query string carries a LOG parameter, any open account is closed,
 * the token is looked up, a session is opened for the token's user and the
 * visitor is redirected to the lightbox page matching the token type.
 *
 * NOTE(review): the token travels in the URL, so it can end up wherever URLs
 * are recorded (access logs, browser history). Whatever validity rules
 * findValidToken() applies are the only limit visible from here.
 *
 * @param Request            $request
 * @param PhraseaApplication $app
 *
 * @return RedirectResponse|null Null when no LOG parameter is present, or when
 *                               the token type has no dedicated landing page.
 */
public function redirectOnLogRequests(Request $request, PhraseaApplication $app)
{
    if (!$request->query->has('LOG')) {
        return null;
    }

    // NOTE(review): the current account is closed before the token is checked,
    // so a request carrying any LOG value, valid or not, signs the visitor
    // out. Confirm this is intended.
    if ($app->getAuthenticator()->isAuthenticated()) {
        $app->getAuthenticator()->closeAccount();
    }

    $loginToken = $app['repo.tokens']->findValidToken($request->query->get('LOG'));
    if (null === $loginToken) {
        $app->addFlash('error', $app->trans('The URL you used is out of date, please login'));

        return $app->redirectPath('homepage');
    }

    // NOTE(review): the session is opened for every valid token, whatever its
    // type; the type only selects the redirect target below. Confirm that
    // findValidToken() cannot return token types that are not meant to
    // authenticate their user.
    /** @var Token $loginToken */
    $app->getAuthenticator()->openAccount($loginToken->getUser());

    // Loose comparison (==) on purpose: the PHP type of the stored token type
    // is not visible from this method.
    $type = $loginToken->getType();

    if ($type == TokenManipulator::TYPE_FEED_ENTRY) {
        return $app->redirectPath('lightbox_feed_entry', ['entry_id' => $loginToken->getData()]);
    }

    if ($type == TokenManipulator::TYPE_VALIDATE || $type == TokenManipulator::TYPE_VIEW) {
        return $app->redirectPath('lightbox_validation', ['basket' => $loginToken->getData()]);
    }

    // Any other token type: the user is logged in but no redirect is issued.
    return null;
}
/**
 * Expects addFlash() to throw for the flash type 'caution'.
 *
 * @expectedException \Alchemy\Phrasea\Exception\InvalidArgumentException
 */
public function testAddSetFlashWithInvalidArgument()
{
    $application = new Application(Application::ENV_TEST);

    // The call below is expected to throw; PHPUnit asserts the exception
    // class through the @expectedException annotation on this method.
    $application->addFlash('caution', 'BAMBA');
}
/**
 * Runs the native (login / password) authentication flow for a submitted form.
 *
 * Every failure path throws an AuthenticationException built from the value
 * returned by $redirector. On success the response carried by the
 * PostAuthenticate event is returned.
 *
 * @param PhraseaApplication $app
 * @param Request            $request
 * @param FormInterface      $form       Login form; it is bound to $request here.
 * @param callable           $redirector Called without argument (invalid form) or
 *                                       with the redirect parameters (other failures).
 *
 * @return mixed The response held by the PostAuthenticate event.
 *
 * @throws InvalidArgumentException When $redirector is not callable.
 * @throws AuthenticationException  When the form is invalid, a captcha is required,
 *                                  AccountLockedException is raised or no user id
 *                                  is returned for the credentials.
 */
private function doAuthentication(PhraseaApplication $app, Request $request, FormInterface $form, $redirector)
{
    if (!is_callable($redirector)) {
        throw new InvalidArgumentException('Redirector should be callable');
    }

    $context = new Context(Context::CONTEXT_NATIVE);
    $app['dispatcher']->dispatch(PhraseaEvents::PRE_AUTHENTICATE, new PreAuthenticate($request, $context));

    $form->bind($request);

    if (!$form->isValid()) {
        $app->addFlash('error', $app->trans('An unexpected error occured during authentication process, please contact an admin'));

        throw new AuthenticationException(call_user_func($redirector));
    }

    // Leading slashes are stripped from the requested target before it is
    // handed to the redirector.
    // NOTE(review): the success path below passes the raw POST 'redirect'
    // value to generateAuthResponse() instead. That helper is not visible
    // here; confirm it restricts the target to a local path.
    $redirectParams = [];
    $requestedRedirect = $request->get('redirect');
    if (null !== $requestedRedirect) {
        $redirectParams['redirect'] = ltrim($requestedRedirect, '/');
    }

    try {
        $userId = $app['auth.native']->getUsrId(
            $request->request->get('login'),
            $request->request->get('password'),
            $request
        );
    } catch (RequireCaptchaException $captchaRequired) {
        $app->requireCaptcha();
        $app->addFlash('warning', $app->trans('Please fill the captcha'));

        throw new AuthenticationException(call_user_func($redirector, $redirectParams));
    } catch (AccountLockedException $accountLocked) {
        $app->addFlash('warning', $app->trans('login::erreur: Vous n\'avez pas confirme votre email'));
        $app->addUnlockAccountData($accountLocked->getUsrId());

        throw new AuthenticationException(call_user_func($redirector, $redirectParams));
    }

    if (null === $userId) {
        $app['session']->getFlashBag()->set('error', $app->trans('login::erreur: Erreur d\'authentification'));

        throw new AuthenticationException(call_user_func($redirector, $redirectParams));
    }

    $user = $app['manipulator.user']->getRepository()->find($userId);
    $session = $this->postAuthProcess($app, $user);

    $response = $this->generateAuthResponse($app, $app['browser'], $request->request->get('redirect'));

    // NOTE(review): the cookie cleared here is 'invite-usr-id' while the one
    // read below is 'invite-usr_id'. The names differ; confirm which one is
    // actually set elsewhere.
    $response->headers->clearCookie('invite-usr-id');

    // Hand baskets over to the account that just logged in.
    // NOTE(review): 'invite-usr_id' is a client-supplied cookie. Every basket
    // found for that id is reassigned to the authenticated user, and nothing
    // visible here verifies that the id belongs to the caller's own guest
    // session. The id should be taken from, or checked against, server-side
    // state before ownership is transferred.
    $cookies = $request->cookies;
    $isPostLog = $cookies->has('postlog') && $cookies->get('postlog') == '1';

    if ($isPostLog && !$user->isGuest() && $cookies->has('invite-usr_id')) {
        $inviteUsrId = $cookies->get('invite-usr_id');

        if ($user->getId() != $inviteUsrId) {
            $basketRepository = $app['EM']->getRepository('Phraseanet:Basket');

            // NOTE(review): the baskets are persisted but only flushed when
            // the remember-me branch below runs; confirm another flush
            // happens later in the request.
            foreach ($basketRepository->findBy(['usr_id' => $inviteUsrId]) as $basket) {
                $basket->setUser($user);
                $app['EM']->persist($basket);
            }
        }
    }

    if ($request->request->get('remember-me') == '1') {
        // The persistent token is the browser/platform string encoded with a
        // fresh nonce; both token and nonce are stored on the session entity.
        // NOTE(review): the unpredictability of the token rests on
        // \random::generatePassword(); confirm it draws from a CSPRNG.
        $nonce = \random::generatePassword(16);
        $fingerprint = $app['browser']->getBrowser() . '_' . $app['browser']->getPlatform();
        $persistentToken = $app['auth.password-encoder']->encodePassword($fingerprint, $nonce);

        $session->setToken($persistentToken)->setNonce($nonce);

        // NOTE(review): only name and value are given, so expiry, Secure and
        // HttpOnly come from the Cookie class defaults; confirm they suit a
        // login cookie.
        $response->headers->setCookie(new Cookie('persistent', $persistentToken));

        $app['EM']->persist($session);
        $app['EM']->flush();
    }

    $postAuthenticate = new PostAuthenticate($request, $response, $user, $context);
    $app['dispatcher']->dispatch(PhraseaEvents::POST_AUTHENTICATE, $postAuthenticate);

    return $postAuthenticate->getResponse();
}
/**
 * Starts an e-mail address change for the authenticated user.
 *
 * The current password is re-checked and the new address is validated and
 * compared with its confirmation. Then a one-day TYPE_EMAIL URL token is
 * created and a confirmation mail containing the link is delivered.
 *
 * @param PhraseaApplication $app
 * @param Request            $request
 *
 * @return RedirectResponse Back to 'account_reset_email' on any validation or
 *                          mail error, to 'account' once the mail is delivered.
 */
public function resetEmail(PhraseaApplication $app, Request $request)
{
    $posted = $request->request;
    $password = $posted->get('form_password');
    $email = $posted->get('form_email');
    $emailConfirm = $posted->get('form_email_confirm');

    if (null === $password || null === $email || null === $emailConfirm) {
        // abort() is expected to throw, which stops the request here.
        $app->abort(400, $app->trans('Could not perform request, please contact an administrator.'));
    }

    $user = $app['authentication']->getUser();

    // Re-authenticate with the current password before touching the address.
    $passwordMatches = $app['auth.password-encoder']->isPasswordValid(
        $user->getPassword(),
        $password,
        $user->getNonce()
    );

    if (!$passwordMatches) {
        $app->addFlash('error', $app->trans('admin::compte-utilisateur:ftp: Le mot de passe est errone'));

        return $app->redirectPath('account_reset_email');
    }

    if (!\Swift_Validate::email($email)) {
        $app->addFlash('error', $app->trans('forms::l\'email semble invalide'));

        return $app->redirectPath('account_reset_email');
    }

    if ($email !== $emailConfirm) {
        $app->addFlash('error', $app->trans('forms::les emails ne correspondent pas'));

        return $app->redirectPath('account_reset_email');
    }

    // NOTE(review): $email is validated above but never used afterwards. The
    // token data is the user's current address and the receiver is built from
    // the current user. Confirm where the requested new address is meant to
    // be recorded, and which mailbox must confirm the change.
    $expiresAt = new \DateTime('1 day');
    $token = $app['tokens']->getUrlToken(
        \random::TYPE_EMAIL,
        $app['authentication']->getUser()->getId(),
        $expiresAt,
        $app['authentication']->getUser()->getEmail()
    );
    $confirmationUrl = $app->url('account_reset_email', ['token' => $token]);

    try {
        $receiver = Receiver::fromUser($app['authentication']->getUser());
    } catch (InvalidArgumentException $invalidReceiver) {
        $app->addFlash('error', $app->trans('phraseanet::erreur: echec du serveur de mail'));

        return $app->redirectPath('account_reset_email');
    }

    $mail = MailRequestEmailUpdate::create($app, $receiver, null);
    $mail->setButtonUrl($confirmationUrl);
    $mail->setExpiration($expiresAt);

    $app['notification.deliverer']->deliver($mail);

    $app->addFlash('info', $app->trans('admin::compte-utilisateur un email de confirmation vient de vous etre envoye. Veuillez suivre les instructions contenue pour continuer'));

    return $app->redirectPath('account');
}