Fix login/logout routes

Romain Neutron
2013-03-06 10:31:21 +01:00
parent 0f07d30304
commit e798618b1b
3 changed files with 173 additions and 104 deletions


@@ -24,6 +24,7 @@ use Alchemy\Phrasea\Notification\Mail\MailSuccessEmailConfirmationRegistered;
use Alchemy\Phrasea\Notification\Mail\MailSuccessEmailConfirmationUnregistered; use Alchemy\Phrasea\Notification\Mail\MailSuccessEmailConfirmationUnregistered;
use Alchemy\Phrasea\Authentication\Exception\RequireCaptchaException; use Alchemy\Phrasea\Authentication\Exception\RequireCaptchaException;
use Alchemy\Phrasea\Authentication\Exception\AccountLockedException; use Alchemy\Phrasea\Authentication\Exception\AccountLockedException;
use Alchemy\Phrasea\Form\Login\PhraseaAuthenticationForm;
use Silex\Application; use Silex\Application;
use Silex\ControllerProviderInterface; use Silex\ControllerProviderInterface;
use Symfony\Component\HttpFoundation\Cookie; use Symfony\Component\HttpFoundation\Cookie;
@@ -31,6 +32,7 @@ use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\Validator\Constraints as Assert;
/** /**
* *
@@ -58,6 +60,10 @@ class Login implements ControllerProviderInterface
} }
}); });
$controllers->before(function() use ($app) {
$app['twig.form.templates'] = array('login/common/form_div_layout.html.twig');
});
/** /**
* Login * Login
* *
@@ -275,21 +281,21 @@ class Login implements ControllerProviderInterface
/** /**
* @todo This a route test to display cgus * @todo This a route test to display cgus
*/ */
$controllers->get('/cgus', function(Application $app, Request $request) { $controllers->get('/cgus', function(PhraseaApplication $app, Request $request) {
return $app['twig']->render('login/cgus.html.twig'); return $app['twig']->render('login/cgus.html.twig');
})->bind('login_cgus'); })->bind('login_cgus');
/** /**
* Register classic form * Register classic form
*/ */
$controllers->get('/register-classic', function(Application $app, Request $request) { $controllers->get('/register-classic', function(PhraseaApplication $app, Request $request) {
return $app['twig']->render('login/register-classic.html.twig'); return $app['twig']->render('login/register-classic.html.twig');
})->bind('login_register_classic'); })->bind('login_register_classic');
/** /**
* Register throught providers * Register throught providers
*/ */
$controllers->get('/register-provider', function(Application $app, Request $request) { $controllers->get('/register-provider', function(PhraseaApplication $app, Request $request) {
return $app['twig']->render('login/register-provider.html.twig'); return $app['twig']->render('login/register-provider.html.twig');
})->bind('login_register_provider'); })->bind('login_register_provider');
@@ -303,7 +309,7 @@ class Login implements ControllerProviderInterface
* @param Request $request The current request * @param Request $request The current request
* @return RedirectResponse * @return RedirectResponse
*/ */
public function sendConfirmMail(Application $app, Request $request) public function sendConfirmMail(PhraseaApplication $app, Request $request)
{ {
if (null === $usrId = $request->query->get('usr_id')) { if (null === $usrId = $request->query->get('usr_id')) {
$app->abort(400, sprintf(_('Request to send you the confirmation mail failed, please retry'))); $app->abort(400, sprintf(_('Request to send you the confirmation mail failed, please retry')));
@@ -344,7 +350,7 @@ class Login implements ControllerProviderInterface
* @param Request $request The current request * @param Request $request The current request
* @return RedirectResponse * @return RedirectResponse
*/ */
public function registerConfirm(Application $app, Request $request) public function registerConfirm(PhraseaApplication $app, Request $request)
{ {
if (null === $code = $request->query->get('code')) { if (null === $code = $request->query->get('code')) {
return $app->redirect('/login/?redirect=prod&error=code-not-found'); return $app->redirect('/login/?redirect=prod&error=code-not-found');
@@ -397,7 +403,7 @@ class Login implements ControllerProviderInterface
* @param Request $request The current request * @param Request $request The current request
* @return RedirectResponse * @return RedirectResponse
*/ */
public function renewPassword(Application $app, Request $request) public function renewPassword(PhraseaApplication $app, Request $request)
{ {
if (null !== $mail = $request->request->get('mail')) { if (null !== $mail = $request->request->get('mail')) {
try { try {
@@ -459,7 +465,7 @@ class Login implements ControllerProviderInterface
* @param Request $request The current request * @param Request $request The current request
* @return Response * @return Response
*/ */
public function displayForgotPasswordForm(Application $app, Request $request) public function displayForgotPasswordForm(PhraseaApplication $app, Request $request)
{ {
$tokenize = false; $tokenize = false;
$errorMsg = $request->query->get('error'); $errorMsg = $request->query->get('error');
@@ -515,7 +521,21 @@ class Login implements ControllerProviderInterface
} }
} }
$form = $app['form.factory']->createNamedBuilder('loginForm', 'form')
->add('email', 'email', array(
'label' => _('E-mail'),
'required' => true,
'disabled' => $app['phraseanet.registry']->get('GV_maintenance'),
'constraints' => array(
new Assert\NotBlank(),
new Assert\Email(),
),
))
->getForm();
return $app['twig']->render('login/forgot-password.html.twig', array( return $app['twig']->render('login/forgot-password.html.twig', array(
'login' => new \login(),
'form' => $form->createView(),
'tokenize' => $tokenize, 'tokenize' => $tokenize,
'passwordMsg' => $passwordMsg, 'passwordMsg' => $passwordMsg,
'errorMsg' => $errorMsg, 'errorMsg' => $errorMsg,
@@ -530,7 +550,7 @@ class Login implements ControllerProviderInterface
* @param Request $request The current request * @param Request $request The current request
* @return Response * @return Response
*/ */
public function displayRegisterForm(Application $app, Request $request) public function displayRegisterForm(PhraseaApplication $app, Request $request)
{ {
$captchaSys = ''; $captchaSys = '';
@@ -610,7 +630,7 @@ class Login implements ControllerProviderInterface
* @param Request $request The current request * @param Request $request The current request
* @return RedirectResponse * @return RedirectResponse
*/ */
public function register(Application $app, Request $request) public function register(PhraseaApplication $app, Request $request)
{ {
$captchaOK = true; $captchaOK = true;
@@ -798,12 +818,13 @@ class Login implements ControllerProviderInterface
public function logout(PhraseaApplication $app, Request $request) public function logout(PhraseaApplication $app, Request $request)
{ {
$app['dispatcher']->dispatch(PhraseaEvents::LOGOUT, new LogoutEvent($app)); $app['dispatcher']->dispatch(PhraseaEvents::LOGOUT, new LogoutEvent($app));
$app['authentication']->closeAccount(); $app['authentication']->closeAccount();
$appRedirect = $request->query->get("app"); $app->addFlash('notice', 'Vous etes maintenant deconnecte. A bientot.');
$response = new RedirectResponse("/login/?logged_out=user" . ($appRedirect ? sprintf("&redirect=%s", ltrim($appRedirect, '/')) : "")); $response = new RedirectResponse($app->path('root', array(
'redirect' => $request->query->get("redirect")
)));
$response->headers->removeCookie('persistent'); $response->headers->removeCookie('persistent');
$response->headers->removeCookie('last_act'); $response->headers->removeCookie('last_act');
@@ -819,107 +840,101 @@ class Login implements ControllerProviderInterface
* @param Request $request The current request * @param Request $request The current request
* @return Response * @return Response
*/ */
public function login(Application $app, Request $request) public function login(PhraseaApplication $app, Request $request)
{ {
require_once($app['phraseanet.registry']->get('GV_RootPath') . 'lib/classes/deprecated/inscript.api.php'); require_once($app['phraseanet.registry']->get('GV_RootPath') . 'lib/classes/deprecated/inscript.api.php');
$warning = $request->query->get('error', ''); // $warning = $request->query->get('error', '');
try { try {
$app['phraseanet.appbox']->get_connection(); $app['phraseanet.appbox']->get_connection();
} catch (\Exception $e) { } catch (\Exception $e) {
$warning = 'no-connection'; $app->addFlash('error', _('login::erreur: No available connection - Please contact sys-admin'));
} }
if ($app['phraseanet.registry']->get('GV_maintenance')) { if ($app['phraseanet.registry']->get('GV_maintenance')) {
$warning = 'maintenance'; $app->addFlash('notice', _('login::erreur: maintenance en cours, merci de nous excuser pour la gene occasionee'));
} }
switch ($warning) { // switch ($warning) {
//
case 'maintenance': // case 'maintenance':
$warning = _('login::erreur: maintenance en cours, merci de nous excuser pour la gene occasionee'); // $warning = _('login::erreur: maintenance en cours, merci de nous excuser pour la gene occasionee');
break; // break;
case 'no-connection': // case 'no-connection':
$warning = _('login::erreur: No available connection - Please contact sys-admin'); // $warning = _('login::erreur: No available connection - Please contact sys-admin');
break; // break;
case 'auth': // case 'auth':
$warning = _('login::erreur: Erreur d\'authentification'); // $warning = _('login::erreur: Erreur d\'authentification');
break; // break;
case 'captcha': // case 'captcha':
$warning = _('login::erreur: Erreur de captcha'); // $warning = _('login::erreur: Erreur de captcha');
break; // break;
case 'account-locked' : // case 'account-locked' :
$warning = _('login::erreur: Vous n\'avez pas confirme votre email'); // $warning = _('login::erreur: Vous n\'avez pas confirme votre email');
break; // break;
case 'no-base' : // case 'no-base' :
$warning = _('login::erreur: Aucune base n\'est actuellment accessible'); // $warning = _('login::erreur: Aucune base n\'est actuellment accessible');
break; // break;
case 'session' : // case 'session' :
$warning = _('Error while authentication, please retry or contact an admin if problem persists'); // $warning = _('Error while authentication, please retry or contact an admin if problem persists');
break; // break;
case 'unexpected' : // case 'unexpected' :
$warning = _('An unexpected error occured during authentication process, please contact an admin'); // $warning = _('An unexpected error occured during authentication process, please contact an admin');
break; // break;
} // }
//
if (ctype_digit($request->query->get('usr'))) { // if (ctype_digit($request->query->get('usr'))) {
$warning .= '<div class="notice"><a href="/login/send-mail-confirm/?usr_id=' . $request->query->get('usr') . '" target ="_self" style="color:black;text-decoration:none;">' . _('login:: Envoyer a nouveau le mail de confirmation') . '</a></div>'; // $warning .= '<div class="notice">
} // <a href="/login/send-mail-confirm/?usr_id=' . $request->query->get('usr') . '" target ="_self" style="color:black;text-decoration:none;">' .
// _('login:: Envoyer a nouveau le mail de confirmation') . '</a></div>';
switch ($notice = $request->query->get('notice', '')) { // }
case 'ok': //
$notice = _('login::register: sujet email : confirmation de votre adresse email'); // switch ($notice = $request->query->get('notice', '')) {
break; // case 'ok':
case 'already': // $notice = _('login::register: sujet email : confirmation de votre adresse email');
$notice = _('login::notification: cette email est deja confirmee'); // break;
break; // case 'already':
case 'mail-sent': // $notice = _('login::notification: cette email est deja confirmee');
$notice = _('login::notification: demande de confirmation par mail envoyee'); // break;
break; // case 'mail-sent':
case 'register-ok': // $notice = _('login::notification: demande de confirmation par mail envoyee');
$notice = _('login::notification: votre email est desormais confirme'); // break;
break; // case 'register-ok':
case 'register-ok-wait': // $notice = _('login::notification: votre email est desormais confirme');
$notice = _('Your email is now confirmed. You will be informed as soon as your pending request will be managed'); // break;
break; // case 'register-ok-wait':
case 'password-update-ok': // $notice = _('Your email is now confirmed. You will be informed as soon as your pending request will be managed');
$notice = _('login::notification: Mise a jour du mot de passe avec succes'); // break;
break; // case 'password-update-ok':
case 'no-register-available': // $notice = _('login::notification: Mise a jour du mot de passe avec succes');
$notice = _('User inscriptions are disabled'); // break;
break; // case 'no-register-available':
} // $notice = _('User inscriptions are disabled');
// break;
$captchaSys = ''; // }
if (!$app['phraseanet.registry']->get('GV_maintenance')
&& $app['phraseanet.registry']->get('GV_captchas')
&& trim($app['phraseanet.registry']->get('GV_captcha_private_key')) !== ''
&& trim($app['phraseanet.registry']->get('GV_captcha_public_key')) !== ''
&& $request->query->get('error') == 'captcha') {
$captchaSys = '<div style="margin:0;float: left;width:330px;"><div id="recaptcha_image" style="float: left;margin:10px 15px 5px"></div>
<div style="text-align:center;float: left;margin:0 15px 5px;width:300px;">
<a href="javascript:Recaptcha.reload()" class="link">' . _('login::captcha: obtenir une autre captcha') . '</a>
</div>
<div style="text-align:center;float: left;width:300px;margin:0 15px 0px;">
<span class="recaptcha_only_if_image">' . _('login::captcha: recopier les mots ci dessous') . ' : </span>
<input name="recaptcha_response_field" id="recaptcha_response_field" value="" type="text" style="width:180px;"/>
</div>' . recaptcha_get_html($app['phraseanet.registry']->get('GV_captcha_public_key')) . '</div>';
}
$public_feeds = \Feed_Collection::load_public_feeds($app); $public_feeds = \Feed_Collection::load_public_feeds($app);
$feeds = array_merge(array($public_feeds->get_aggregate()), $public_feeds->get_feeds());
$feeds = $public_feeds->get_feeds();
array_unshift($feeds, $public_feeds->get_aggregate());
$form = $app->form(new PhraseaAuthenticationForm(), null, array(
'disabled' => $app['phraseanet.registry']->get('GV_maintenance')
));
return $app['twig']->render('login/index.html.twig', array( return $app['twig']->render('login/index.html.twig', array(
'module_name' => _('Accueil'), 'module_name' => _('Accueil'),
'notice' => $notice,
'warning' => $warning,
'redirect' => ltrim($request->query->get('redirect'), '/'), 'redirect' => ltrim($request->query->get('redirect'), '/'),
'logged_out' => $request->query->get('logged_out'), 'recaptcha_display' => false,
'captcha_system' => $captchaSys, // 'logged_out' => $request->query->get('logged_out'),
// 'captcha_system' => $captchaSys,
'login' => new \login(), 'login' => new \login(),
'feeds' => $feeds, 'feeds' => $feeds,
'display_layout' => $app['phraseanet.registry']->get('GV_home_publi') 'guest_allowed' => \phrasea::guest_allowed($app),
// 'display_layout' => $app['phraseanet.registry']->get('GV_home_publi'),
'form' => $form->createView(),
)); ));
} }
@@ -930,10 +945,19 @@ class Login implements ControllerProviderInterface
* @param Request $request The current request * @param Request $request The current request
* @return RedirectResponse * @return RedirectResponse
*/ */
public function authenticate(Application $app, Request $request) public function authenticate(PhraseaApplication $app, Request $request)
{ {
$app['dispatcher']->dispatch(PhraseaEvents::PRE_AUTHENTICATE, new PreAuthenticate($request)); $app['dispatcher']->dispatch(PhraseaEvents::PRE_AUTHENTICATE, new PreAuthenticate($request));
$form = $app->form(new PhraseaAuthenticationForm());
$form->bind($request);
if (!$form->isValid()) {
$app->addFlash('error', _('An unexpected error occured during authentication process, please contact an admin'));
return $app->redirect($app->path('homepage'));
}
$params = array(); $params = array();
if (null !== $redirect = $request->get('redirect')) { if (null !== $redirect = $request->get('redirect')) {
@@ -941,7 +965,7 @@ class Login implements ControllerProviderInterface
} }
try { try {
$usr_id = $app['auth.native']->isValid($request->request->get('login'), $request->request->get('pwd'), $request); $usr_id = $app['auth.native']->isValid($request->request->get('login'), $request->request->get('password'), $request);
} catch (RequireCaptchaException $e) { } catch (RequireCaptchaException $e) {
$params = array_merge($params, array('error' => 'captcha')); $params = array_merge($params, array('error' => 'captcha'));
@@ -1006,7 +1030,7 @@ class Login implements ControllerProviderInterface
return $response; return $response;
} }
public function authenticateAsGuest(Application $app, Request $request) public function authenticateAsGuest(PhraseaApplication $app, Request $request)
{ {
if (!\phrasea::guest_allowed($app)) { if (!\phrasea::guest_allowed($app)) {
$app->abort(403, _('Phraseanet guest-access is disabled')); $app->abort(403, _('Phraseanet guest-access is disabled'));
@@ -1051,7 +1075,7 @@ class Login implements ControllerProviderInterface
} }
// move this in an event // move this in an event
private function postAuthProcess(Application $app, \User_Adapter $user) private function postAuthProcess(PhraseaApplication $app, \User_Adapter $user)
{ {
$date = new \DateTime('+' . (int) $app['phraseanet.registry']->get('GV_validation_reminder') . ' days'); $date = new \DateTime('+' . (int) $app['phraseanet.registry']->get('GV_validation_reminder') . ' days');
@@ -1107,14 +1131,14 @@ class Login implements ControllerProviderInterface
return $session; return $session;
} }
public function authenticateWithProvider(Application $app, Request $request, $providerId) public function authenticateWithProvider(PhraseaApplication $app, Request $request, $providerId)
{ {
$provider = $app['authentication.providers']->get($providerId); $provider = $app['authentication.providers']->get($providerId);
return $provider->authenticate($request->query->all()); return $provider->authenticate($request->query->all());
} }
public function authenticationCallback(Application $app, Request $request, $providerId) public function authenticationCallback(PhraseaApplication $app, Request $request, $providerId)
{ {
try { try {
$provider = $app['authentication.providers']->get($providerId); $provider = $app['authentication.providers']->get($providerId);
@@ -1165,7 +1189,7 @@ class Login implements ControllerProviderInterface
} }
} }
public function authenticationMapping(Application $app, Request $request, $providerId) public function authenticationMapping(PhraseaApplication $app, Request $request, $providerId)
{ {
try { try {
$provider = $app['authentication.providers']->get($providerId); $provider = $app['authentication.providers']->get($providerId);
@@ -1181,7 +1205,7 @@ class Login implements ControllerProviderInterface
)); ));
} }
public function authenticationBindToAccount(Application $app, Request $request, $providerId) public function authenticationBindToAccount(PhraseaApplication $app, Request $request, $providerId)
{ {
try { try {
$provider = $app['authentication.providers']->get($providerId); $provider = $app['authentication.providers']->get($providerId);
@@ -1194,7 +1218,7 @@ class Login implements ControllerProviderInterface
)); ));
} }
public function authenticationDoBindToAccount(Application $app, Request $request, $providerId) public function authenticationDoBindToAccount(PhraseaApplication $app, Request $request, $providerId)
{ {
if (!$app['authentication.phrasea']->verify($request->query->get('username'), $request->query->get('password'))) { if (!$app['authentication.phrasea']->verify($request->query->get('username'), $request->query->get('password'))) {
// $app // $app
@@ -1227,7 +1251,7 @@ class Login implements ControllerProviderInterface
* @param Application $app * @param Application $app
* @return boolean * @return boolean
*/ */
private function getRegisterFieldConfiguration(Application $app) private function getRegisterFieldConfiguration(PhraseaApplication $app)
{ {
/** /**
* @todo enhance this shit * @todo enhance this shit
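Review bot: In the login() hunk (@@ -819,107 +840,101) the view data now hard-codes `'recaptcha_display' => false` and comments out `captcha_system`, while the authenticate() hunk further down still answers RequireCaptchaException with `array('error' => 'captcha')`. Because login() also stops reading the `error` query parameter, a client that trips the captcha requirement appears to land on a page that can neither explain the failure nor present the challenge, so the failed-login throttle would lock legitimate users out. I would derive the flag from state rather than a literal, e.g. `'recaptcha_display' => $captchaRequired,`, with `$captchaRequired` computed from the same GV_captchas and key checks the old block used, and add a flash message in the catch branches of authenticate(). Both method bodies continue outside the visible hunks, so this needs confirming against the full file. The large commented-out switch blocks would also be better deleted than kept as comments.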


@@ -0,0 +1,45 @@
<?php
/*
* This file is part of Phraseanet
*
* (c) 2005-2013 Alchemy
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Alchemy\Phrasea\Form\Login;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\Validator\Constraints as Assert;
class PhraseaAuthenticationForm extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder->add('login', 'text', array(
'label' => _('Login'),
'required' => true,
'disabled' => $options['disabled'],
'constraints' => array(
new Assert\NotBlank(),
),
));
$builder->add('password', 'password', array(
'label' => _('Password'),
'required' => true,
'disabled' => $options['disabled'],
'constraints' => array(
new Assert\NotBlank(),
),
));
}
public function getName()
{
return null;
}
}
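Review bot: `getName()` returning `null` is the design choice the login flow depends on, and it is undocumented. It makes the form nameless, so `login` and `password` are bound from the top level of the POST body, which is what lets authenticate() keep calling `$request->request->get('login')`. A docblock should say so, e.g. `/** Nameless form: fields are bound at the root of the request, not under a prefix. */`. Depending on the Symfony Form version in use, a root-level bind may treat any other posted field (the controller also reads `redirect` via `$request->get()`) as an unexpected extra field and fail validation. Whether CSRF protection is active for this form cannot be seen from here; both points are worth confirming and recording in a class-level docblock.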


@@ -186,7 +186,7 @@
</li> </li>
<li> <li>
{% if app['authentication'].isAuthenticated() %} {% if app['authentication'].isAuthenticated() %}
<a href="/login/logout/?app={{module}}" target="_self"> <a href="{{ path('logout', { 'redirect' : module }) }}" target="_self">
<span> <span>
{% trans 'phraseanet:: deconnection' %} {% trans 'phraseanet:: deconnection' %}
</span> </span>