MAPG-191 don't create separate variable for data where not necessary
parent
e17cf68007
commit
6db6208896
@ -26,8 +26,9 @@ if ($match !== null) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($method === 'post' && Container::$request->post('anti_csrf_token') !== Container::$request->session()->get('anti_csrf_token')) {
|
if ($method === 'post' && Container::$request->post('anti_csrf_token') !== Container::$request->session()->get('anti_csrf_token')) {
|
||||||
|
$content = new MapGuesser\Response\JsonContent(['error' => 'no_valid_anti_csrf_token']);
|
||||||
header('Content-Type: text/html; charset=UTF-8', true, 403);
|
header('Content-Type: text/html; charset=UTF-8', true, 403);
|
||||||
echo json_encode(['error' => 'no_valid_anti_csrf_token']);
|
$content->render();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
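Review bot: The new `$content->render()` still goes out under the kept `header('Content-Type: text/html; charset=UTF-8', true, 403);`, so the JSON error body is served as HTML unless `JsonContent::render()` emits its own Content-Type, which is not visible in this hunk. Either set the matching type with the status, `header('Content-Type: application/json; charset=UTF-8', true, 403);`, or drop the header call if `render()` already handles it. The token check on the `if` line compares with a plain `!==`; for a secret the constant-time form `hash_equals((string) Container::$request->session()->get('anti_csrf_token'), (string) Container::$request->post('anti_csrf_token'))` is the usual choice, and the casts cover a missing POST field. The enclosing `if ($match !== null)` block starts outside the hunk.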
@ -21,15 +21,15 @@ class GameController
|
|||||||
public function getGame(): IContent
|
public function getGame(): IContent
|
||||||
{
|
{
|
||||||
$mapId = (int) $this->request->query('mapId');
|
$mapId = (int) $this->request->query('mapId');
|
||||||
$data = $this->prepareGame($mapId);
|
|
||||||
return new HtmlContent('game', $data);
|
return new HtmlContent('game', $this->prepareGame($mapId));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getGameJson(): IContent
|
public function getGameJson(): IContent
|
||||||
{
|
{
|
||||||
$mapId = (int) $this->request->query('mapId');
|
$mapId = (int) $this->request->query('mapId');
|
||||||
$data = $this->prepareGame($mapId);
|
|
||||||
return new JsonContent($data);
|
return new JsonContent($this->prepareGame($mapId));
|
||||||
}
|
}
|
||||||
|
|
||||||
private function prepareGame(int $mapId)
|
private function prepareGame(int $mapId)
|
||||||
|
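Review bot: `prepareGame(int $mapId)` declares no return type, yet its result is now passed straight into `HtmlContent` in `getGame` and into `JsonContent` in `getGameJson`, so nothing at either call site names what is being returned; if it builds an array, `private function prepareGame(int $mapId): array` would state that contract where the intermediate variable used to. The body of `prepareGame` lies outside the hunk, so this is inferred from its two uses.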
@ -29,8 +29,7 @@ class GameFlowController
|
|||||||
$session = $this->request->session();
|
$session = $this->request->session();
|
||||||
|
|
||||||
if (!($state = $session->get('state')) || $state['mapId'] !== $mapId) {
|
if (!($state = $session->get('state')) || $state['mapId'] !== $mapId) {
|
||||||
$data = ['error' => 'no_session_found'];
|
return new JsonContent(['error' => 'no_session_found']);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (count($state['rounds']) === 0) {
|
if (count($state['rounds']) === 0) {
|
||||||
@ -79,8 +78,7 @@ class GameFlowController
|
|||||||
$session = $this->request->session();
|
$session = $this->request->session();
|
||||||
|
|
||||||
if (!($state = $session->get('state')) || $state['mapId'] !== $mapId) {
|
if (!($state = $session->get('state')) || $state['mapId'] !== $mapId) {
|
||||||
$data = ['error' => 'no_session_found'];
|
return new JsonContent(['error' => 'no_session_found']);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$last = $state['rounds'][count($state['rounds']) - 1];
|
$last = $state['rounds'][count($state['rounds']) - 1];
|
||||||
@ -119,7 +117,7 @@ class GameFlowController
|
|||||||
|
|
||||||
$session->set('state', $state);
|
$session->set('state', $state);
|
||||||
|
|
||||||
$data = [
|
return new JsonContent([
|
||||||
'result' => [
|
'result' => [
|
||||||
'position' => $position->toArray(),
|
'position' => $position->toArray(),
|
||||||
'distance' => $distance,
|
'distance' => $distance,
|
||||||
@ -127,8 +125,7 @@ class GameFlowController
|
|||||||
],
|
],
|
||||||
'panoId' => $panoId,
|
'panoId' => $panoId,
|
||||||
'pov' => $pov
|
'pov' => $pov
|
||||||
];
|
]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private function addNewRoundToState(&$state, Place $place, array $placesWithoutPano): void
|
private function addNewRoundToState(&$state, Place $place, array $placesWithoutPano): void
|
||||||
|
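Review bot: The multi-line array literal that now ends with `'pov' => $pov` in the `@ -127,8 +125,7` hunk closes without a trailing comma; a trailing comma on the last element keeps future additions to one-line diffs, and the same applies to the multi-line arrays introduced in the LoginController, MapAdminController and MapsController hunks. The guard `if (!($state = $session->get('state')) || $state['mapId'] !== $mapId) { return new JsonContent(['error' => 'no_session_found']); }` is now repeated verbatim in the `@ -29,8` and `@ -79,8` hunks; a private helper that loads and validates the session state and returns the error content (or null) would keep the two in step. Both enclosing methods begin and end outside their hunks.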
@ -24,7 +24,6 @@ class HomeController
|
|||||||
{
|
{
|
||||||
// session starts with the request, this method just sends valid data to the client
|
// session starts with the request, this method just sends valid data to the client
|
||||||
|
|
||||||
$data = ['antiCsrfToken' => $this->request->session()->get('anti_csrf_token')];
|
return new JsonContent(['antiCsrfToken' => $this->request->session()->get('anti_csrf_token')]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -46,8 +46,7 @@ class LoginController
|
|||||||
return new Redirect(\Container::$routeCollection->getRoute('index')->generateLink(), IRedirect::TEMPORARY);
|
return new Redirect(\Container::$routeCollection->getRoute('index')->generateLink(), IRedirect::TEMPORARY);
|
||||||
}
|
}
|
||||||
|
|
||||||
$data = [];
|
return new HtmlContent('login/login');
|
||||||
return new HtmlContent('login/login', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getGoogleLoginRedirect(): IRedirect
|
public function getGoogleLoginRedirect(): IRedirect
|
||||||
@ -57,7 +56,10 @@ class LoginController
|
|||||||
$this->request->session()->set('oauth_state', $state);
|
$this->request->session()->set('oauth_state', $state);
|
||||||
|
|
||||||
$oAuth = new GoogleOAuth(new Request());
|
$oAuth = new GoogleOAuth(new Request());
|
||||||
$url = $oAuth->getDialogUrl($state, $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink());
|
$url = $oAuth->getDialogUrl(
|
||||||
|
$state,
|
||||||
|
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink()
|
||||||
|
);
|
||||||
|
|
||||||
return new Redirect($url, IRedirect::TEMPORARY);
|
return new Redirect($url, IRedirect::TEMPORARY);
|
||||||
}
|
}
|
||||||
@ -81,8 +83,7 @@ class LoginController
|
|||||||
|
|
||||||
public function getSignupSuccess(): IContent
|
public function getSignupSuccess(): IContent
|
||||||
{
|
{
|
||||||
$data = [];
|
return new HtmlContent('login/signup_success');
|
||||||
return new HtmlContent('login/signup_success', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getSignupWithGoogleForm()
|
public function getSignupWithGoogleForm()
|
||||||
@ -99,8 +100,7 @@ class LoginController
|
|||||||
|
|
||||||
$user = $this->userRepository->getByEmail($userData['email']);
|
$user = $this->userRepository->getByEmail($userData['email']);
|
||||||
|
|
||||||
$data = ['found' => $user !== null, 'email' => $userData['email']];
|
return new HtmlContent('login/google_signup', ['found' => $user !== null, 'email' => $userData['email']]);
|
||||||
return new HtmlContent('login/google_signup', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getRequestPasswordResetForm()
|
public function getRequestPasswordResetForm()
|
||||||
@ -109,8 +109,7 @@ class LoginController
|
|||||||
return new Redirect(\Container::$routeCollection->getRoute('index')->generateLink(), IRedirect::TEMPORARY);
|
return new Redirect(\Container::$routeCollection->getRoute('index')->generateLink(), IRedirect::TEMPORARY);
|
||||||
}
|
}
|
||||||
|
|
||||||
$data = ['email' => $this->request->query('email')];
|
return new HtmlContent('login/password_reset_request', ['email' => $this->request->query('email')]);
|
||||||
return new HtmlContent('login/password_reset_request', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getRequestPasswordResetSuccess(): IContent
|
public function getRequestPasswordResetSuccess(): IContent
|
||||||
@ -128,54 +127,67 @@ class LoginController
|
|||||||
$resetter = $this->userPasswordResetterRepository->getByToken($token);
|
$resetter = $this->userPasswordResetterRepository->getByToken($token);
|
||||||
|
|
||||||
if ($resetter === null || $resetter->getExpiresDate() < new DateTime()) {
|
if ($resetter === null || $resetter->getExpiresDate() < new DateTime()) {
|
||||||
$data = ['success' => false];
|
return new HtmlContent('login/reset_password', ['success' => false]);
|
||||||
return new HtmlContent('login/reset_password', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = $this->userRepository->getById($resetter->getUserId());
|
$user = $this->userRepository->getById($resetter->getUserId());
|
||||||
|
|
||||||
$data = ['success' => true, 'token' => $token, 'email' => $user->getEmail()];
|
return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail()]);
|
||||||
return new HtmlContent('login/reset_password', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function login(): IContent
|
public function login(): IContent
|
||||||
{
|
{
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = $this->userRepository->getByEmail($this->request->post('email'));
|
$user = $this->userRepository->getByEmail($this->request->post('email'));
|
||||||
|
|
||||||
if ($user === null) {
|
if ($user === null) {
|
||||||
if (strlen($this->request->post('password')) < 6) {
|
if (strlen($this->request->post('password')) < 6) {
|
||||||
$data = ['error' => ['errorText' => 'The given password is too short. Please choose a password that is at least 6 characters long!']];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'error' => [
|
||||||
|
'errorText' => 'The given password is too short. Please choose a password that is at least 6 characters long!'
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$tmpUser = new User();
|
$tmpUser = new User();
|
||||||
$tmpUser->setPlainPassword($this->request->post('password'));
|
$tmpUser->setPlainPassword($this->request->post('password'));
|
||||||
|
|
||||||
$this->request->session()->set('tmp_user_data', ['email' => $this->request->post('email'), 'password_hashed' => $tmpUser->getPassword()]);
|
$this->request->session()->set('tmp_user_data', [
|
||||||
|
'email' => $this->request->post('email'),
|
||||||
|
'password_hashed' => $tmpUser->getPassword()
|
||||||
|
]);
|
||||||
|
|
||||||
$data = ['redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('signup')->generateLink()]];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'redirect' => [
|
||||||
|
'target' => '/' . \Container::$routeCollection->getRoute('signup')->generateLink()
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$user->getActive()) {
|
if (!$user->getActive()) {
|
||||||
$data = ['error' => ['errorText' => 'User found with the given email address, but the account is not activated. Please check your email and click on the activation link!']];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'error' => [
|
||||||
|
'errorText' => 'User found with the given email address, but the account is not activated. ' .
|
||||||
|
'Please check your email and click on the activation link!'
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$user->checkPassword($this->request->post('password'))) {
|
if (!$user->checkPassword($this->request->post('password'))) {
|
||||||
$data = ['error' => ['errorText' => 'The given password is wrong. You can <a href="/password/requestReset?email=' . urlencode($user->getEmail()) . '" title="Request password reset">request password reset</a>!']];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'error' => [
|
||||||
|
'errorText' => 'The given password is wrong. You can <a href="/password/requestReset?email=' .
|
||||||
|
urlencode($user->getEmail()) . '" title="Request password reset">request password reset</a>!'
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->request->setUser($user);
|
$this->request->setUser($user);
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function loginWithGoogle()
|
public function loginWithGoogle()
|
||||||
@ -185,24 +197,24 @@ class LoginController
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($this->request->query('state') !== $this->request->session()->get('oauth_state')) {
|
if ($this->request->query('state') !== $this->request->session()->get('oauth_state')) {
|
||||||
$data = [];
|
return new HtmlContent('login/google_login');
|
||||||
return new HtmlContent('login/google_login', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$oAuth = new GoogleOAuth(new Request());
|
$oAuth = new GoogleOAuth(new Request());
|
||||||
$tokenData = $oAuth->getToken($this->request->query('code'), $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink());
|
$tokenData = $oAuth->getToken(
|
||||||
|
$this->request->query('code'),
|
||||||
|
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink()
|
||||||
|
);
|
||||||
|
|
||||||
if (!isset($tokenData['id_token'])) {
|
if (!isset($tokenData['id_token'])) {
|
||||||
$data = [];
|
return new HtmlContent('login/google_login');
|
||||||
return new HtmlContent('login/google_login', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$jwtParser = new JwtParser($tokenData['id_token']);
|
$jwtParser = new JwtParser($tokenData['id_token']);
|
||||||
$userData = $jwtParser->getPayload();
|
$userData = $jwtParser->getPayload();
|
||||||
|
|
||||||
if (!$userData['email_verified']) {
|
if (!$userData['email_verified']) {
|
||||||
$data = [];
|
return new HtmlContent('login/google_login');
|
||||||
return new HtmlContent('login/google_login', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = $this->userRepository->getByGoogleSub($userData['sub']);
|
$user = $this->userRepository->getByGoogleSub($userData['sub']);
|
||||||
@ -228,8 +240,7 @@ class LoginController
|
|||||||
public function signup(): IContent
|
public function signup(): IContent
|
||||||
{
|
{
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
$data = ['redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('home')->generateLink()]];
|
return new JsonContent(['redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('home')->generateLink()]]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = $this->userRepository->getByEmail($this->request->post('email'));
|
$user = $this->userRepository->getByEmail($this->request->post('email'));
|
||||||
@ -237,22 +248,31 @@ class LoginController
|
|||||||
if ($user !== null) {
|
if ($user !== null) {
|
||||||
if ($user->getActive()) {
|
if ($user->getActive()) {
|
||||||
if (!$user->checkPassword($this->request->post('password'))) {
|
if (!$user->checkPassword($this->request->post('password'))) {
|
||||||
$data = ['error' => ['errorText' => 'There is a user already registered with the given email address, but the given password is wrong. You can <a href="/password/requestReset?email=' . urlencode($user->getEmail()) . '" title="Request password reset">request password reset</a>!']];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'error' => [
|
||||||
|
'errorText' => 'There is a user already registered with the given email address, ' .
|
||||||
|
'but the given password is wrong. You can <a href="/password/requestReset?email=' .
|
||||||
|
urlencode($user->getEmail()) . '" title="Request password reset">request password reset</a>!'
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->request->setUser($user);
|
$this->request->setUser($user);
|
||||||
|
|
||||||
$data = ['redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('index')->generateLink()]];
|
$data = ['redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('index')->generateLink()]];
|
||||||
} else {
|
} else {
|
||||||
$data = ['error' => ['errorText' => 'There is a user already registered with the given email address. Please check your email and click on the activation link!']];
|
$data = [
|
||||||
|
'error' => [
|
||||||
|
'errorText' => 'There is a user already registered with the given email address. ' .
|
||||||
|
'Please check your email and click on the activation link!'
|
||||||
|
]
|
||||||
|
];
|
||||||
}
|
}
|
||||||
return new JsonContent($data);
|
return new JsonContent($data);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (filter_var($this->request->post('email'), FILTER_VALIDATE_EMAIL) === false) {
|
if (filter_var($this->request->post('email'), FILTER_VALIDATE_EMAIL) === false) {
|
||||||
$data = ['error' => ['errorText' => 'The given email address is not valid.']];
|
return new JsonContent(['error' => ['errorText' => 'The given email address is not valid.']]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->request->session()->has('tmp_user_data')) {
|
if ($this->request->session()->has('tmp_user_data')) {
|
||||||
@ -262,18 +282,19 @@ class LoginController
|
|||||||
$tmpUser->setPassword($tmpUserData['password_hashed']);
|
$tmpUser->setPassword($tmpUserData['password_hashed']);
|
||||||
|
|
||||||
if (!$tmpUser->checkPassword($this->request->post('password'))) {
|
if (!$tmpUser->checkPassword($this->request->post('password'))) {
|
||||||
$data = ['error' => ['errorText' => 'The given passwords do not match.']];
|
return new JsonContent(['error' => ['errorText' => 'The given passwords do not match.']]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (strlen($this->request->post('password')) < 6) {
|
if (strlen($this->request->post('password')) < 6) {
|
||||||
$data = ['error' => ['errorText' => 'The given password is too short. Please choose a password that is at least 6 characters long!']];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'error' => [
|
||||||
|
'errorText' => 'The given password is too short. Please choose a password that is at least 6 characters long!'
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->request->post('password') !== $this->request->post('password_confirm')) {
|
if ($this->request->post('password') !== $this->request->post('password_confirm')) {
|
||||||
$data = ['error' => ['errorText' => 'The given passwords do not match.']];
|
return new JsonContent(['error' => ['errorText' => 'The given passwords do not match.']]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -299,15 +320,13 @@ class LoginController
|
|||||||
|
|
||||||
$this->request->session()->delete('tmp_user_data');
|
$this->request->session()->delete('tmp_user_data');
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function signupWithGoogle(): IContent
|
public function signupWithGoogle(): IContent
|
||||||
{
|
{
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$userData = $this->request->session()->get('google_user_data');
|
$userData = $this->request->session()->get('google_user_data');
|
||||||
@ -335,24 +354,21 @@ class LoginController
|
|||||||
$this->request->session()->delete('google_user_data');
|
$this->request->session()->delete('google_user_data');
|
||||||
$this->request->setUser($user);
|
$this->request->setUser($user);
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function resetSignup(): IContent
|
public function resetSignup(): IContent
|
||||||
{
|
{
|
||||||
$this->request->session()->delete('tmp_user_data');
|
$this->request->session()->delete('tmp_user_data');
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function resetGoogleSignup(): IContent
|
public function resetGoogleSignup(): IContent
|
||||||
{
|
{
|
||||||
$this->request->session()->delete('google_user_data');
|
$this->request->session()->delete('google_user_data');
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function activate()
|
public function activate()
|
||||||
@ -364,8 +380,7 @@ class LoginController
|
|||||||
$confirmation = $this->userConfirmationRepository->getByToken($this->request->query('token'));
|
$confirmation = $this->userConfirmationRepository->getByToken($this->request->query('token'));
|
||||||
|
|
||||||
if ($confirmation === null) {
|
if ($confirmation === null) {
|
||||||
$data = [];
|
return new HtmlContent('login/activate');
|
||||||
return new HtmlContent('login/activate', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
\Container::$dbConnection->startTransaction();
|
\Container::$dbConnection->startTransaction();
|
||||||
@ -393,8 +408,7 @@ class LoginController
|
|||||||
$confirmation = $this->userConfirmationRepository->getByToken($this->request->query('token'));
|
$confirmation = $this->userConfirmationRepository->getByToken($this->request->query('token'));
|
||||||
|
|
||||||
if ($confirmation === null) {
|
if ($confirmation === null) {
|
||||||
$data = ['success' => false];
|
return new HtmlContent('login/cancel', ['success' => false]);
|
||||||
return new HtmlContent('login/cancel', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
\Container::$dbConnection->startTransaction();
|
\Container::$dbConnection->startTransaction();
|
||||||
@ -407,27 +421,36 @@ class LoginController
|
|||||||
|
|
||||||
\Container::$dbConnection->commit();
|
\Container::$dbConnection->commit();
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new HtmlContent('login/cancel', ['success' => true]);
|
||||||
return new HtmlContent('login/cancel', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function requestPasswordReset(): IContent
|
public function requestPasswordReset(): IContent
|
||||||
{
|
{
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
$data = ['redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('home')->generateLink()]];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'redirect' => [
|
||||||
|
'target' => '/' . \Container::$routeCollection->getRoute('home')->generateLink()
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = $this->userRepository->getByEmail($this->request->post('email'));
|
$user = $this->userRepository->getByEmail($this->request->post('email'));
|
||||||
|
|
||||||
if ($user === null) {
|
if ($user === null) {
|
||||||
$data = ['error' => ['errorText' => 'No user found with the given email address. You can <a href="/signup" title="Sign up">sign up</a>!']];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'error' => [
|
||||||
|
'errorText' => 'No user found with the given email address. You can <a href="/signup" title="Sign up">sign up</a>!'
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$user->getActive()) {
|
if (!$user->getActive()) {
|
||||||
$data = ['error' => ['errorText' => 'User found with the given email address, but the account is not activated. Please check your email and click on the activation link!']];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'error' => [
|
||||||
|
'errorText' => 'User found with the given email address, but the account is not activated. ' .
|
||||||
|
'Please check your email and click on the activation link!'
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$token = bin2hex(random_bytes(16));
|
$token = bin2hex(random_bytes(16));
|
||||||
@ -442,34 +465,41 @@ class LoginController
|
|||||||
|
|
||||||
$this->sendPasswordResetEmail($user->getEmail(), $token, $expires);
|
$this->sendPasswordResetEmail($user->getEmail(), $token, $expires);
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public function resetPassword(): IContent
|
public function resetPassword(): IContent
|
||||||
{
|
{
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
$data = ['redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('home')->generateLink()]];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'redirect' => [
|
||||||
|
'target' => '/' . \Container::$routeCollection->getRoute('home')->generateLink()
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$token = $this->request->query('token');
|
$token = $this->request->query('token');
|
||||||
$resetter = $this->userPasswordResetterRepository->getByToken($token);
|
$resetter = $this->userPasswordResetterRepository->getByToken($token);
|
||||||
|
|
||||||
if ($resetter === null || $resetter->getExpiresDate() < new DateTime()) {
|
if ($resetter === null || $resetter->getExpiresDate() < new DateTime()) {
|
||||||
$data = ['redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token])]];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'redirect' => [
|
||||||
|
'target' => '/' . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token])
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strlen($this->request->post('password')) < 6) {
|
if (strlen($this->request->post('password')) < 6) {
|
||||||
$data = ['error' => ['errorText' => 'The given password is too short. Please choose a password that is at least 6 characters long!']];
|
return new JsonContent([
|
||||||
return new JsonContent($data);
|
'error' => [
|
||||||
|
'errorText' => 'The given password is too short. Please choose a password that is at least 6 characters long!'
|
||||||
|
]
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->request->post('password') !== $this->request->post('password_confirm')) {
|
if ($this->request->post('password') !== $this->request->post('password_confirm')) {
|
||||||
$data = ['error' => ['errorText' => 'The given passwords do not match.']];
|
return new JsonContent(['error' => ['errorText' => 'The given passwords do not match.']]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
\Container::$dbConnection->startTransaction();
|
\Container::$dbConnection->startTransaction();
|
||||||
@ -485,8 +515,7 @@ class LoginController
|
|||||||
|
|
||||||
$this->request->setUser($user);
|
$this->request->setUser($user);
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private function sendConfirmationEmail(string $email, string $token): void
|
private function sendConfirmationEmail(string $email, string $token): void
|
||||||
@ -496,8 +525,10 @@ class LoginController
|
|||||||
$mail->setSubject('Welcome to ' . $_ENV['APP_NAME'] . ' - Activate your account');
|
$mail->setSubject('Welcome to ' . $_ENV['APP_NAME'] . ' - Activate your account');
|
||||||
$mail->setBodyFromTemplate('signup', [
|
$mail->setBodyFromTemplate('signup', [
|
||||||
'EMAIL' => $email,
|
'EMAIL' => $email,
|
||||||
'ACTIVATE_LINK' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('signup.activate')->generateLink(['token' => $token]),
|
'ACTIVATE_LINK' => $this->request->getBase() . '/' .
|
||||||
'CANCEL_LINK' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('signup.cancel')->generateLink(['token' => $token]),
|
\Container::$routeCollection->getRoute('signup.activate')->generateLink(['token' => $token]),
|
||||||
|
'CANCEL_LINK' => $this->request->getBase() . '/' .
|
||||||
|
\Container::$routeCollection->getRoute('signup.cancel')->generateLink(['token' => $token]),
|
||||||
]);
|
]);
|
||||||
$mail->send();
|
$mail->send();
|
||||||
}
|
}
|
||||||
@ -520,7 +551,8 @@ class LoginController
|
|||||||
$mail->setSubject($_ENV['APP_NAME'] . ' - Password reset');
|
$mail->setSubject($_ENV['APP_NAME'] . ' - Password reset');
|
||||||
$mail->setBodyFromTemplate('password-reset', [
|
$mail->setBodyFromTemplate('password-reset', [
|
||||||
'EMAIL' => $email,
|
'EMAIL' => $email,
|
||||||
'RESET_LINK' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]),
|
'RESET_LINK' => $this->request->getBase() . '/' .
|
||||||
|
\Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]),
|
||||||
'EXPIRES' => $expires->format('Y-m-d H:i:s T')
|
'EXPIRES' => $expires->format('Y-m-d H:i:s T')
|
||||||
]);
|
]);
|
||||||
$mail->send();
|
$mail->send();
|
||||||
|
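Review bot: The five-line `return new JsonContent(['error' => ['errorText' => 'The given password is too short. ...']]);` block now appears verbatim in `login`, `signup` and `resetPassword` (hunks `@ -128,54`, `@ -262,18` and `@ -442,34`), and the `'The given passwords do not match.'` and redirect-to-home responses are duplicated the same way; a private helper such as `private function errorJson(string $errorText): JsonContent` would make each call site one line and keep the wording in one place. In the `requestPasswordReset` hunk the three outcomes ('No user found...', 'not activated', success) tell the caller whether an address is registered, and `login` does the same; if that disclosure is not intended, the two error branches could return the same neutral success payload while the email is only sent when an active account exists. Every method touched here begins or ends outside its hunk.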
@ -58,8 +58,13 @@ class MapAdminController implements ISecured
|
|||||||
$places = [];
|
$places = [];
|
||||||
}
|
}
|
||||||
|
|
||||||
$data = ['mapId' => $mapId, 'mapName' => $map->getName(), 'mapDescription' => str_replace('<br>', "\n", $map->getDescription()), 'bounds' => $map->getBounds()->toArray(), 'places' => &$places];
|
return new HtmlContent('admin/map_editor', [
|
||||||
return new HtmlContent('admin/map_editor', $data);
|
'mapId' => $mapId,
|
||||||
|
'mapName' => $map->getName(),
|
||||||
|
'mapDescription' => str_replace('<br>', "\n", $map->getDescription()),
|
||||||
|
'bounds' => $map->getBounds()->toArray(),
|
||||||
|
'places' => &$places
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getPlace(): IContent
|
public function getPlace(): IContent
|
||||||
@ -68,8 +73,7 @@ class MapAdminController implements ISecured
|
|||||||
|
|
||||||
$place = $this->placeRepository->getById($placeId);
|
$place = $this->placeRepository->getById($placeId);
|
||||||
|
|
||||||
$data = ['panoId' => $place->getFreshPanoId()];
|
return new JsonContent(['panoId' => $place->getFreshPanoId()]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function saveMap(): IContent
|
public function saveMap(): IContent
|
||||||
@ -157,8 +161,7 @@ class MapAdminController implements ISecured
|
|||||||
|
|
||||||
\Container::$dbConnection->commit();
|
\Container::$dbConnection->commit();
|
||||||
|
|
||||||
$data = ['mapId' => $map->getId(), 'added' => $addedIds];
|
return new JsonContent(['mapId' => $map->getId(), 'added' => $addedIds]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function deleteMap()
|
public function deleteMap()
|
||||||
@ -175,8 +178,7 @@ class MapAdminController implements ISecured
|
|||||||
|
|
||||||
\Container::$dbConnection->commit();
|
\Container::$dbConnection->commit();
|
||||||
|
|
||||||
$data = ['success' => true];
|
return new JsonContent(['success' => true]);
|
||||||
return new JsonContent($data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private function deletePlaces(Map $map): void
|
private function deletePlaces(Map $map): void
|
||||||
|
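Review bot: `return new JsonContent(['panoId' => $place->getFreshPanoId()]);` in `getPlace` dereferences `$place` immediately after `$this->placeRepository->getById($placeId)` with no null check; the other repositories on this page return null when nothing matches (`$user === null` after `getByEmail`), so an unknown `placeId` presumably ends in a method call on null here. A guard before the return, `if ($place === null) { return new JsonContent(['error' => 'place_not_found']); }` (the error key is illustrative), keeps the JSON contract intact. In the `map_editor` hunk `'places' => &$places` now creates a reference inside an inline array argument; with no local `$data` left, the `&` looks vestigial unless `HtmlContent` or the template writes through it, which is worth confirming. `getPlace` starts outside the hunk.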
@ -46,8 +46,10 @@ class MapsController
|
|||||||
}
|
}
|
||||||
|
|
||||||
$user = $this->request->user();
|
$user = $this->request->user();
|
||||||
$data = ['maps' => $maps, 'isAdmin' => $user !== null && $user->hasPermission(IUser::PERMISSION_ADMIN)];
|
return new HtmlContent('maps', [
|
||||||
return new HtmlContent('maps', $data);
|
'maps' => $maps,
|
||||||
|
'isAdmin' => $user !== null && $user->hasPermission(IUser::PERMISSION_ADMIN)
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function formatMapAreaForHuman(float $area): array
|
private function formatMapAreaForHuman(float $area): array
|
||||||
|
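Review bot: `'isAdmin' => $user !== null && $user->hasPermission(IUser::PERMISSION_ADMIN)` in the new inline array can use the nullsafe operator if the project runs on PHP 8, `'isAdmin' => $user?->hasPermission(IUser::PERMISSION_ADMIN) ?? false,`, which also reads as the boolean it is; the multi-line array should close with a trailing comma either way. The enclosing method starts outside the hunk.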
@ -48,8 +48,7 @@ class UserController implements ISecured
|
|||||||
*/
|
*/
|
||||||
$user = $this->request->user();
|
$user = $this->request->user();
|
||||||
|
|
||||||
$data = ['user' => $user->toArray()];
|
return new HtmlContent('account/account', ['user' => $user->toArray()]);
|
||||||
return new HtmlContent('account/account', $data);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getGoogleAuthenticateRedirect(): IRedirect
public function getGoogleAuthenticateRedirect(): IRedirect
@ -82,31 +81,36 @@ class UserController implements ISecured
$user = $this->request->user();
$user = $this->request->user();
if ($this->request->query('state') !== $this->request->session()->get('oauth_state')) {
if ($this->request->query('state') !== $this->request->session()->get('oauth_state')) {
$data = ['success' => false];
return new HtmlContent('account/google_authenticate', ['success' => false]);
return new HtmlContent('account/google_authenticate', $data);
}
}
$oAuth = new GoogleOAuth(new Request());
$oAuth = new GoogleOAuth(new Request());
$tokenData = $oAuth->getToken($this->request->query('code'), $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink());
$tokenData = $oAuth->getToken(
$this->request->query('code'),
$this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink()
);
if (!isset($tokenData['id_token'])) {
if (!isset($tokenData['id_token'])) {
$data = ['success' => false];
return new HtmlContent('account/google_authenticate', ['success' => false]);
return new HtmlContent('account/google_authenticate', $data);
}
}
$jwtParser = new JwtParser($tokenData['id_token']);
$jwtParser = new JwtParser($tokenData['id_token']);
$userData = $jwtParser->getPayload();
$userData = $jwtParser->getPayload();
if ($userData['sub'] !== $user->getGoogleSub()) {
if ($userData['sub'] !== $user->getGoogleSub()) {
$data = ['success' => false, 'errorText' => 'This Google account is not linked to your account.'];
return new HtmlContent('account/google_authenticate', [
return new HtmlContent('account/google_authenticate', $data);
'success' => false,
'errorText' => 'This Google account is not linked to your account.'
]);
}
}
$authenticatedWithGoogleUntil = new DateTime('+45 seconds');
$authenticatedWithGoogleUntil = new DateTime('+45 seconds');
$this->request->session()->set('authenticated_with_google_until', $authenticatedWithGoogleUntil);
$this->request->session()->set('authenticated_with_google_until', $authenticatedWithGoogleUntil);
$data = ['success' => true, 'authenticatedWithGoogleUntil' => $authenticatedWithGoogleUntil];
return new HtmlContent('account/google_authenticate', [
return new HtmlContent('account/google_authenticate', $data);
'success' => true,
'authenticatedWithGoogleUntil' => $authenticatedWithGoogleUntil
]);
}
}
public function getDeleteAccount(): IContent
public function getDeleteAccount(): IContent
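Review bot: The `oauth_state` comparison on the first changed lines passes whenever both values are equal, which includes both being absent: if `query('state')` and `session()->get('oauth_state')` return null for a missing key (their contracts are outside the hunk), a callback without `state` in a session that never started the flow gets through, and nothing in the hunk removes `oauth_state` after the check, so the same value is accepted again by a repeated callback. Read the expected value once, clear it, and reject the null case: `$expectedState = $this->request->session()->get('oauth_state');` / `$this->request->session()->delete('oauth_state');` / `if ($expectedState === null || $this->request->query('state') !== $expectedState) {` (`delete()` is already used on the same session object in the later hunks). `new DateTime('+45 seconds')` stored in the session is a mutable object; `DateTimeImmutable` would avoid aliasing, though `confirmUserIdentity` currently types its parameter as `?DateTime`. The enclosing method starts outside the hunk.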
@ -116,8 +120,7 @@ class UserController implements ISecured
*/
*/
$user = $this->request->user();
$user = $this->request->user();
$data = ['user' => $user->toArray()];
return new HtmlContent('account/delete', ['user' => $user->toArray()]);
return new HtmlContent('account/delete', $data);
}
}
public function saveAccount(): IContent
public function saveAccount(): IContent
@ -133,19 +136,24 @@ class UserController implements ISecured
$this->request->post('password'),
$this->request->post('password'),
$error
$error
)) {
)) {
$data = ['error' => ['errorText' => $error]];
return new JsonContent(['error' => ['errorText' => $error]]);
return new JsonContent($data);
}
}
if (strlen($this->request->post('password_new')) > 0) {
if (strlen($this->request->post('password_new')) > 0) {
if (strlen($this->request->post('password_new')) < 6) {
if (strlen($this->request->post('password_new')) < 6) {
$data = ['error' => ['errorText' => 'The given new password is too short. Please choose a password that is at least 6 characters long!']];
return new JsonContent([
return new JsonContent($data);
'error' => [
'errorText' => 'The given new password is too short. Please choose a password that is at least 6 characters long!'
]
]);
}
}
if ($this->request->post('password_new') !== $this->request->post('password_new_confirm')) {
if ($this->request->post('password_new') !== $this->request->post('password_new_confirm')) {
$data = ['error' => ['errorText' => 'The given new passwords do not match.']];
return new JsonContent([
return new JsonContent($data);
'error' => [
'errorText' => 'The given new passwords do not match.'
]
]);
}
}
$user->setPlainPassword($this->request->post('password_new'));
$user->setPlainPassword($this->request->post('password_new'));
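Review bot: `$this->request->post('password_new')` is read five times in this hunk; assigning it once, `$newPassword = $this->request->post('password_new') ?? '';`, and using `$newPassword` in the `strlen` checks, the confirm comparison and `setPlainPassword` makes the flow easier to follow and also keeps `strlen()` from receiving null if `post()` returns null for a missing key (deprecated since PHP 8.1; `post()`'s contract is outside the hunk). `strlen` counts bytes, so the 6-character minimum is applied to byte length for non-ASCII passwords; `mb_strlen($newPassword) < 6` measures characters. The two `errorText` messages are now inlined in nested arrays; a small private helper returning `new JsonContent(['error' => ['errorText' => $text]])` would remove the repeated shape that also appears in the error branch at the top of this hunk and in deleteAccount. The enclosing method starts outside the hunk.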
@ -155,8 +163,7 @@ class UserController implements ISecured
$this->request->session()->delete('authenticated_with_google_until');
$this->request->session()->delete('authenticated_with_google_until');
$data = ['success' => true];
return new JsonContent(['success' => true]);
return new JsonContent($data);
}
}
public function deleteAccount(): IContent
public function deleteAccount(): IContent
@ -172,8 +179,7 @@ class UserController implements ISecured
$this->request->post('password'),
$this->request->post('password'),
$error
$error
)) {
)) {
$data = ['error' => ['errorText' => $error]];
return new JsonContent(['error' => ['errorText' => $error]]);
return new JsonContent($data);
}
}
\Container::$dbConnection->startTransaction();
\Container::$dbConnection->startTransaction();
@ -192,8 +198,7 @@ class UserController implements ISecured
$this->request->session()->delete('authenticated_with_google_until');
$this->request->session()->delete('authenticated_with_google_until');
$data = ['success' => true];
return new JsonContent(['success' => true]);
return new JsonContent($data);
}
}
private function confirmUserIdentity(User $user, ?DateTime $authenticatedWithGoogleUntil, ?string $password, &$error): bool
private function confirmUserIdentity(User $user, ?DateTime $authenticatedWithGoogleUntil, ?string $password, &$error): bool
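Review bot: `confirmUserIdentity`'s `&$error` parameter at the end of the hunk carries no type while the other three parameters do; the callers in the earlier hunks put it straight into `['errorText' => $error]`, so `?string &$error` would state that contract. Returning a result object (or throwing a domain exception carrying the message) instead of a reference out-parameter would remove the by-reference `$error` from the call sites in saveAccount and deleteAccount. The body of confirmUserIdentity is outside the hunk.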