diff --git a/Controller/ForgotResetController.php b/Controller/ForgotResetController.php index 976cbea..a8426db 100644 --- a/Controller/ForgotResetController.php +++ b/Controller/ForgotResetController.php @@ -5,10 +5,10 @@ use Dayspring\LoginBundle\Entity\ChangePasswordEntity; use Dayspring\LoginBundle\Form\Type\ChangePasswordType; use Dayspring\LoginBundle\Form\Type\ResetPasswordType; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\Form\Extension\Core\Type\EmailType; @@ -16,7 +16,7 @@ use Symfony\Component\HttpFoundation\Session\SessionInterface; use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; -use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; +use Symfony\Component\Security\Core\Exception\UserNotFoundException; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Mailer\Exception\TransportExceptionInterface; use Symfony\Component\Mailer\MailerInterface; 
@@ -28,22 +28,22 @@ class ForgotResetController extends AbstractController protected $authenticationManager; protected $session; protected $tokenStorage; - protected $userPasswordEncoder; + protected $userPasswordHasher; protected $mailer; public function __construct( - AuthenticationManagerInterface $authenticationManager, +// AuthenticationManagerInterface $authenticationManager, UserProviderInterface $userProvider, SessionInterface $session, MailerInterface $mailer, TokenStorageInterface $tokenStorage, - UserPasswordEncoderInterface $userPasswordEncoder + UserPasswordHasherInterface $userPasswordHasher ) { - $this->authenticationManager = $authenticationManager; +// $this->authenticationManager = $authenticationManager; $this->mailer = $mailer; $this->session = $session; $this->tokenStorage = $tokenStorage; - $this->userPasswordEncoder = $userPasswordEncoder; + $this->userPasswordHasher = $userPasswordHasher; $this->userProvider = $userProvider; } @@ -91,7 +91,7 @@ public function forgotPasswordAction(Request $request) $this->mailer->send($message); } - } catch (UsernameNotFoundException $e) { + } catch (UserNotFoundException $e) { // do not throw an error for UsernameNotFoundException } @@ -119,8 +119,7 @@ public function resetPasswordAction(Request $request, $resetToken) if ($form->isValid()) { $data = $form->getData(); - $encoded = $this->userPasswordEncoder->encodePassword($user, $data->getPassword()); -// $encoded = $this->userPasswordEncoder->hashPassword($user, $data->getPassword()); + $encoded = $this->userPasswordHasher->hashPassword($user, $data->getPassword()); $user->setPassword($encoded); $user->save(); 
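Review bot: The `AuthenticationManagerInterface` constructor parameter and its assignment are commented out rather than deleted, so the `$authenticationManager` property declared just above stays in place but is never set, and the `AuthenticationManagerInterface` and `UsernamePasswordToken` imports become dead. Delete the two `//` lines and the property instead of keeping them as comments; with the re-authentication path gone the class no longer needs them. `TokenStorageInterface $tokenStorage` is still injected here — if nothing else in the controller reads `$this->tokenStorage` after this change (the rest of the class is outside the hunk), drop it too so the service only depends on what it actually uses.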
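Review bot: The comment inside the new `catch (UserNotFoundException $e)` block still names the old `UsernameNotFoundException`, and it says what the catch does rather than why. Swallowing the exception here is the right behaviour — the response must look the same whether or not the address exists — so say that: `// Swallow UserNotFoundException: respond identically for unknown addresses to avoid account enumeration.` The start of forgotPasswordAction is outside the hunk, so I cannot confirm that the found and not-found paths render the same view and take comparable time; that is worth checking while you are here.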
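Review bot: After `$user->setPassword($encoded)` the hunk persists the new hash with `$user->save()`, but nothing visible clears the reset token that authorised this request, so unless that happens elsewhere in resetPasswordAction (the method begins and ends outside the hunk) the emailed link stays replayable until whatever expiry the token carries. Clear the stored token (the value `generateResetToken()` in Model/User.php produces) in the same save as the new password, and consider invalidating any existing sessions for the account, since a reset is usually requested because the old credential is suspect. `hashPassword()` is the right replacement for `encodePassword()`, and the plain-text `$data->getPassword()` is only handed to the hasher, which is fine.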
@@ -153,19 +152,18 @@ public function changePasswordAction(Request $request) if ($form->isValid()) { $data = $form->getData(); - $encoded = $this->userPasswordEncoder->encodePassword($currentUser, $data->getNewPassword()); -// $encoded = $this->userPasswordEncoder->hashPassword($currentUser, $data->getNewPassword()); + $encoded = $this->userPasswordHasher->hashPassword($currentUser, $data->getNewPassword()); $currentUser->setPassword($encoded); $currentUser->save(); - $token = new UsernamePasswordToken( - $currentUser, - $data->getNewPassword(), - "secured_area", - $currentUser->getRoles() - ); - $token = $this->authenticationManager->authenticate($token); - $this->tokenStorage->setToken($token); +// $token = new UsernamePasswordToken( +// $currentUser, +// $data->getNewPassword(), +// "secured_area", +// $currentUser->getRoles() +// ); +// $token = $this->authenticationManager->authenticate($token); +// $this->tokenStorage->setToken($token); $this->session->getFlashBag()->add('success', 'New password has been saved.'); diff --git a/Model/User.php b/Model/User.php index 751b35c..54191c5 100644 --- a/Model/User.php +++ b/Model/User.php @@ -5,10 +5,11 @@ use DateTime; use Dayspring\LoginBundle\Model\om\BaseUser; use PropelPDO; +use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface; use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Validator\Constraints as Assert; -class User extends BaseUser implements UserInterface +class User extends BaseUser implements UserInterface, PasswordAuthenticatedUserInterface { /** * User constructor. @@ -29,7 +30,7 @@ public function getUsername() return $this->getEmail(); } - public function getUserIdentifier() + public function getUserIdentifier(): string { return $this->getEmail(); } 
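Review bot: The eight lines that re-authenticated the session with the new password are left as a `//` block instead of being removed; delete them, since dead code in a credential-handling path only invites someone to un-comment a `UsernamePasswordToken` constructor whose signature has since changed. With the explicit re-authentication gone, nothing here rotates the session after the credential change; adding `$this->session->migrate(true);` after `$currentUser->save()` closes the session-fixation window that a password change is normally used to close. Under the authenticator manager the token's user is compared with the refreshed user on the next request (password included), so verify that `$currentUser` is the object held by the token and not a separate copy — otherwise the change would log the user out instead of keeping them signed in. `$currentUser` is assigned outside the hunk, so I cannot confirm which it is.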
@@ -71,9 +72,9 @@ public function getEmail() * groups={"password"} * ) */ - public function getPassword() + public function getPassword(): string { - return parent::getPassword(); + return parent::getPassword() ?? ''; } public function generateResetToken() diff --git a/Security/AuthenticationSuccessHandler.php b/Security/AuthenticationSuccessHandler.php index e115b67..3b4dffd 100644 --- a/Security/AuthenticationSuccessHandler.php +++ b/Security/AuthenticationSuccessHandler.php @@ -4,6 +4,7 @@ use Dayspring\LoginBundle\Model\User; use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler; @@ -13,7 +14,7 @@ class AuthenticationSuccessHandler extends DefaultAuthenticationSuccessHandler /** * {@inheritdoc} */ - public function onAuthenticationSuccess(Request $request, TokenInterface $token) + public function onAuthenticationSuccess(Request $request, TokenInterface $token): Response { /** @var User $user */ $user = $token->getUser(); diff --git a/Security/User/DayspringUserProvider.php b/Security/User/DayspringUserProvider.php index a0318a1..182daa3 100644 --- a/Security/User/DayspringUserProvider.php +++ b/Security/User/DayspringUserProvider.php @@ -4,7 +4,7 @@ use Dayspring\LoginBundle\Model\User; use Dayspring\LoginBundle\Model\UserQuery; use Symfony\Component\Security\Core\Exception\UnsupportedUserException; -use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; +use Symfony\Component\Security\Core\Exception\UserNotFoundException; use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; 
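Review bot: Declaring `getPassword(): string` and coalescing with `?? ''` narrows a contract that is wider in Symfony itself — `PasswordAuthenticatedUserInterface::getPassword()` is `?string`, and null is how Symfony distinguishes "no password set" from a stored hash. An account whose column is null now presents an empty string as its hash; PHP's `password_verify()` returns false for an empty hash, so this is not a login bypass, but it silently turns a recognisable state into one that looks like data corruption in logs and in the token's user-changed comparison. Prefer `public function getPassword(): ?string { return parent::getPassword(); }`, which keeps the parent's value intact and still satisfies the validation-group annotation above without the coalesce.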
@@ -20,15 +20,15 @@ public function loadUserByUsername($username) * @param $username * @return User */ - public function loadUserByIdentifier($username) + public function loadUserByIdentifier(string $identifier): UserInterface { $user = UserQuery::create() - ->filterByEmail($username) + ->filterByEmail($identifier) ->findOne(); if ($user == null) { - throw new UsernameNotFoundException( - sprintf('Username "%s" does not exist.', $username) + throw new UserNotFoundException( + sprintf('Username "%s" does not exist.', $identifier) ); } else { $user->reload(); @@ -41,7 +41,7 @@ public function loadUserByIdentifier($username) * @param UserInterface $user * @return User */ - public function refreshUser(UserInterface $user): \Symfony\Component\Security\Core\User\UserInterface + public function refreshUser(UserInterface $user): UserInterface { if (!$user instanceof User) { throw new UnsupportedUserException( diff --git a/Tests/Controller/ForgotResetControllerTest.php b/Tests/Controller/ForgotResetControllerTest.php index efc1776..deacb4b 100644 --- a/Tests/Controller/ForgotResetControllerTest.php +++ b/Tests/Controller/ForgotResetControllerTest.php @@ -13,6 +13,8 @@ use Dayspring\LoginBundle\Model\UserQuery; use Dayspring\LoginBundle\Tests\WebTestCase; use Symfony\Bundle\FrameworkBundle\Client; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; +use function var_dump; class ForgotResetControllerTest extends WebTestCase { @@ -59,7 +61,7 @@ public function testForgotPassword() public function testForgotPasswordDeactiveUser() { - $encoder = static::$kernel->getContainer()->get('security.password_encoder'); + $encoder = static::getContainer()->get(UserPasswordHasherInterface::class); $user = new User(); $user 
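Review bot: The `UserNotFoundException` message interpolates the caller-supplied identifier (`sprintf('Username "%s" does not exist.', $identifier)`), which confirms the absence of a specific account to anyone who can read the message; Symfony hides it on the login form by default (`hide_user_not_found`), but it still reaches logs and any code path that surfaces `$e->getMessage()`. Use the dedicated setter instead of embedding it: `$e = new UserNotFoundException('User not found.'); $e->setUserIdentifier($identifier); throw $e;`. While here, `$user == null` should be `$user === null` now that the parameter is typed `string` and the method returns `UserInterface`.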
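Review bot: `use function var_dump;` is added to ForgotResetControllerTest but no call to it appears in the hunk, which reads as a leftover from debugging the migration. Remove the import; if a `var_dump()` call was also left in a test body (outside this hunk), remove that as well so the suite does not print to the output.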
@@ -67,7 +69,7 @@ public function testForgotPasswordDeactiveUser() ->setPassword("password") ->setIsActive(false); - $encoded = $encoder->encodePassword($user, 'password'); + $encoded = $encoder->hashPassword($user, 'password'); $user ->setPassword($encoded) ->save(); @@ -192,13 +194,13 @@ public function testChangePasswordNotLoggedIn() public function testChangePassword() { - $encoder = static::$kernel->getContainer()->get('security.password_encoder'); + $encoder = static::getContainer()->get(UserPasswordHasherInterface::class); $securityRole = new SecurityRole(); $securityRole->setRoleName('ROLE'); $user = new User(); - $encoded = $encoder->encodePassword($user, 'password'); + $encoded = $encoder->hashPassword($user, 'password'); $user ->addSecurityRole($securityRole) @@ -240,13 +242,13 @@ public function testChangePassword() public function testChangePasswordNoMatch() { - $encoder = static::$kernel->getContainer()->get('security.password_encoder'); + $encoder = static::getContainer()->get(UserPasswordHasherInterface::class); $securityRole = new SecurityRole(); $securityRole->setRoleName('ROLE'); $user = new User(); - $encoded = $encoder->encodePassword($user, 'password'); + $encoded = $encoder->hashPassword($user, 'password'); $user ->addSecurityRole($securityRole) diff --git a/Tests/Controller/UserAccountControllerTest.php b/Tests/Controller/UserAccountControllerTest.php index a886fba..825c2fc 100644 --- a/Tests/Controller/UserAccountControllerTest.php +++ b/Tests/Controller/UserAccountControllerTest.php @@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Client; use Symfony\Bundle\FrameworkBundle\Console\Application; use Symfony\Component\Console\Tester\CommandTester; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; class UserAccountControllerTest extends WebTestCase { 
@@ -23,7 +24,7 @@ protected function setUp(): void parent::setUp(); $application = new Application(static::$kernel); - $application->add(new FixturesLoadCommand(static::$kernel->getContainer())); + $application->add(new FixturesLoadCommand(static::getContainer())); $command = $application->find('propel:fixtures:load'); $commandTester = new CommandTester($command); @@ -39,11 +40,11 @@ protected function setUp(): void protected function createUserAndLogin() { - $encoder = static::$kernel->getContainer()->get('security.password_encoder'); + $encoder = static::getContainer()->get(UserPasswordHasherInterface::class); $user = new User(); $user->setEmail(sprintf("test+%s@test.com", microtime())); - $encoded = $encoder->encodePassword($user, 'password'); + $encoded = $encoder->hashPassword($user, 'password'); $user->setPassword($encoded); $user->addSecurityRole(SecurityRoleQuery::create()->filterByRoleName("ROLE_User")->findOneOrCreate()); $user->save(); @@ -70,7 +71,7 @@ protected function loginAdminUser() public function testInactiveUser() { - $encoder = static::$kernel->getContainer()->get('security.password_encoder'); + $encoder = static::getContainer()->get(UserPasswordHasherInterface::class); $user = new User(); $user @@ -78,7 +79,7 @@ public function testInactiveUser() ->setPassword("password") ->setIsActive(false); - $encoded = $encoder->encodePassword($user, 'password'); + $encoded = $encoder->hashPassword($user, 'password'); $user ->setPassword($encoded) ->save(); 
@@ -99,11 +100,11 @@ public function testInactiveUser() public function testLastLoginDate() { - $encoder = static::$kernel->getContainer()->get('security.password_encoder'); + $encoder = static::getContainer()->get(UserPasswordHasherInterface::class); $user = new User(); $user->setEmail(sprintf("test+%s@test.com", microtime())); - $encoded = $encoder->encodePassword($user, 'password'); + $encoded = $encoder->hashPassword($user, 'password'); $user->setPassword($encoded); $user->addSecurityRole(SecurityRoleQuery::create()->filterByRoleName("ROLE_User")->findOneOrCreate()); $user->save(); diff --git a/Tests/Resources/config/security.yml b/Tests/Resources/config/security.yml index 2fd272e..ea3a6fb 100644 --- a/Tests/Resources/config/security.yml +++ b/Tests/Resources/config/security.yml @@ -1,6 +1,7 @@ # To get started with security, check out the documentation: # http://symfony.com/doc/current/book/security.html security: + enable_authenticator_manager: true # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers providers: @@ -8,7 +9,7 @@ security: id: dayspring_login.user_provider # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password - encoders: + password_hashers: Dayspring\LoginBundle\Model\User: algorithm: bcrypt cost: 12 @@ -35,8 +36,8 @@ security: logout: path: _logout target: / - anonymous: ~ +# anonymous: ~ main: - anonymous: ~ +# anonymous: ~ #logout_on_user_change: true diff --git a/Tests/Security/User/DayspringUserProviderTest.php b/Tests/Security/User/DayspringUserProviderTest.php index 4262251..119d095 100644 --- a/Tests/Security/User/DayspringUserProviderTest.php +++ b/Tests/Security/User/DayspringUserProviderTest.php 
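Review bot: The `password_hashers` rename keeps `algorithm: bcrypt` with `cost: 12`, which is sound today but pins every new hash to bcrypt. Symfony's recommended value for this key is `algorithm: auto`, which selects the strongest algorithm available on the PHP build (argon2id where sodium is present, otherwise bcrypt) and still verifies the existing bcrypt hashes; pairing it with `PasswordUpgraderInterface` on the user provider lets old hashes migrate at login. This is the test configuration, so the production equivalent, if it is shipped separately, deserves the same look.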
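Review bot: With `enable_authenticator_manager: true` the `anonymous` firewall option is obsolete, so removing it is correct, but the two `# anonymous: ~` lines and the older `#logout_on_user_change` comment should be deleted rather than kept. Under the authenticator manager unauthenticated requests no longer carry an anonymous token and `IS_AUTHENTICATED_ANONYMOUSLY` is deprecated in favour of `PUBLIC_ACCESS`, so any `access_control` rule or `@Security` expression in this bundle still using the old attribute should be updated; `access_control` is outside the hunk, so I cannot confirm whether it is affected. ForgotResetController imports the `@Security` annotation, so its routes are a good place to check.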
@@ -15,7 +15,7 @@ use Symfony\Bundle\FrameworkBundle\Console\Application; use Symfony\Component\Console\Tester\CommandTester; use Symfony\Component\Security\Core\Exception\UnsupportedUserException; -use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; +use Symfony\Component\Security\Core\Exception\UserNotFoundException; use Symfony\Component\Security\Core\User\UserInterface; class DayspringUserProviderTest extends WebTestCase @@ -70,7 +70,7 @@ public function testSupportsClass() public function testLoadUserByUsernameFailure() { - $this->expectException(UsernameNotFoundException::class); + $this->expectException(UserNotFoundException::class); $this->userProvider->loadUserByIdentifier('foobar@doesnotexist.com'); } @@ -104,7 +104,7 @@ public function getSalt() { } - public function getUserIdentifier() + public function getUserIdentifier(): string { } diff --git a/composer.json b/composer.json index aa98a07..3f62fc7 100644 --- a/composer.json +++ b/composer.json 
@@ -29,17 +29,17 @@ ], "require": { "php": ">=7.4", - "symfony/framework-bundle": "^4.4.23|^5.0", - "symfony/mailer": "^4.0|^5.0", - "symfony/security-bundle": "^4.0|^5.0", - "symfony/twig-bundle": "^4.4.19|^5.0", - "symfony/yaml": "^4.0|^5.0", - "symfony/form": "^4.0|^5.0", - "symfony/validator": "^4.0|^5.0", - "symfony/console": "^4.0|^5.0", - "symfony/routing": "^4.0|^5.0", - "symfony/asset": "^4.0|^5.0", - "symfony/expression-language": "^4.0|^5.0", + "symfony/framework-bundle": "^4.4.23|^5.0|^6.0", + "symfony/mailer": "^4.0|^5.0|^6.0", + "symfony/security-bundle": "^5.3|^6.0", + "symfony/twig-bundle": "^4.4.19|^5.0|^6.0", + "symfony/yaml": "^4.0|^5.0|^6.0", + "symfony/form": "^4.0|^5.0|^6.0", + "symfony/validator": "^4.0|^5.0|^6.0", + "symfony/console": "^4.0|^5.0|^6.0", + "symfony/routing": "^4.0|^5.0|^6.0", + "symfony/asset": "^4.0|^5.0|^6.0", + "symfony/expression-language": "^4.0|^5.0|^6.0", "symfony/monolog-bundle": "^3.6.0", "sensio/framework-extra-bundle": "^5.0.1", "dayspring-tech/propel-bundle": "^1.8.6", @@ -48,6 +48,7 @@ "doctrine/annotations": "^1.12.1" }, "require-dev": { + "symfony/framework-bundle": "^5.3|^6.0", "symfony/phpunit-bridge": "^5.0|^6.0", "phpunit/phpunit": "^8.5.23|^9.0", "symfony/browser-kit": "^4.0|^5.0",
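Review bot: `symfony/security-bundle` is raised to `^5.3|^6.0` while `symfony/framework-bundle` in `require` still admits `^4.4.23`, and the new `require-dev` entry pins framework-bundle to `^5.3|^6.0` — the dev pin suggests 4.4 no longer works (`enable_authenticator_manager`, `password_hashers` and `UserNotFoundException` all need 5.3+), so state that in `require` rather than leaving a range Composer may resolve for downstream users but the bundle cannot run on. `sensio/framework-extra-bundle: ^5.0.1` is unchanged even though the controller relies on its `@Security` annotation; to my knowledge that bundle only supports Symfony 6 from its 6.x series, so this constraint likely blocks the `^6.0` installs this commit is adding — worth confirming against its composer.json.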