I am using FOSUserBundle with Symfony 3.4
I am trying to reset the user password and this works fine; only problem is that I can put ANY email and the status would be true saying that the email has been sent ??
How is it possible that FOS is finding a user that does not exist ? or did I miss something in my template ?
As far as I understand the status block is what should be displaying the error but it is always a success.
I have not overridden any of the default controller
{% extends 'UserBundle:Resetting:request.html.twig' %}
{% trans_default_domain 'FOSUserBundle' %}
{% block status %}
{{ 'resetting.check_email'|trans({'%tokenLifetime%': tokenLifetime})|nl2br }}
{% endblock %}
I think there is no problem and in addition it is a good behavior. Because otherwise, a person could easily devour a lot of users, which will cause a security problem. So if the user does not exist, not the pain to mention.
Again, if you look closely at this class (in fosuserbundle repository) via the link :
ResettingController, more precisely the method sendEmailAction, at the level of the 2nd control structure if
if (null !== $user && !$user->isPasswordRequestNonExpired($this->retryTtl))
you can notice that if the user does not exist then no mail is sent, the instructions inside the if are not executed and we go directly to a redirection instruction.
return new RedirectResponse($this->generateUrl('fos_user_resetting_check_email', array('username' => $username)));
That's why you see success all the time. Also this redirection above can be executed even in the case the user exists. That's how I tried to have an attempt to understand this process.
Related
I want some simple twig tags that allow me to do the following:
{% customtag 'name' %}
<div> some html </div>
{% endcustomtag %}
And then get that html inside of a service.
I have tried doing this myself but when I finally have al the data that I want inside of my NodeVisitor I can't seem to get it to my service. If I inject it and call a method on it it never gets executed. It only gets called if I try to clear my cache from my command line.
Can somebody please give some insight?
Apparently, you can access your extensions from Twig_Template.
So you can do:
$compiler->write('$this->extensions[')
->string('your_extension')
->write(']->getService()->someFunction();')
->raw(PHP_EOL);
in your twig node. And then in your extension you should just inject the service and return it in the getService method.
I have an application with Frontend(sales) and Backend(administration), what I want to do is to set the flash messages separated by context, because When I'm login in both context I'm received in the Backend messages that belong to the Frontend, and I don't want it.
Sorry about my English but I'm not an English speaker.
King Regards
If you are using the sessions flash bag then you just need to use different names when adding a message. For example you could use the following for admin messages:
// in your controller
$this->get('session')->getFlashBag()
->add('admin_error','No user found with that email address');
.........................................................
{# in your template #}
{% for flashMessage in app.session.flashbag.get('admin_error') %}
<div class="error-message">{{ flashMessage }}</div>
{% endfor %}
Then do the same thing in your public controllers/templates but replace 'admin_error' with something like 'public_error'.
About the messaging framework, in the docs it is written that every message has a message.tag property that can be uses for css. so my code looks like this
try:
models.save()
message.success(request, "Model successfully saved")
except DatabaseManagementTransaction:
message.error(request, "Model could not be saved")
in my html template
{% if messages %}
{% for message in messages %}
<div class="alert alert-{{message.tag}} alert-dissmissable">
{{message}}
</div>
{%endfor%}
{% endif %}
But when the template is rendered i see no message.tag and the div class looks like this
<div class="alert alert- alert-dissmissable">...</div>
So do i have to create MESSAGE_TAGS in settings file for this to work? Why is the message.tag empty? And another question. What happens to messages after they are presented to user? Are they deleted? If i add a new model will the previous messages be shown to me plus the newly appended one?
If should be tags as alert-{{message.tags}} in the template.
What happens to messages after they are presented to user? Are they deleted?
Yes, they are cleared once iterated (or displayed through template) from the storage. Refer message expiry.
If i add a new model will the previous messages be shown to me plus the newly appended one?
The messages list will have all currently active messages. So if previous message is still there it will be shown as well.
Almost everything's working great in my project, except that when I log in (using facebook) with a user that has no correspondence in my database (FOSUserBundle), I get redirected to /registration/{id} only to get an error:
The form's view data is expected to be an instance of class Naroga\Reader\CommonBundle\Entity\User, but is an instance of class HWI\Bundle\OAuthBundle\OAuth\Response\PathUserResponse. You can avoid this error by setting the "data_class" option to null or by adding a view transformer that transforms an instance of class HWI\Bundle\OAuthBundle\OAuth\Response\PathUserResponse to an instance of Naroga\Reader\CommonBundle\Entity\User.
I also had to overwrite connect.confirm.html.twig to delete the following lines:
{% if userInformation.profilePicture is not empty %}
<img src="{{ userInformation.profilePicture }}" />
{% endif %}
It said PathUserResponse had no profilePicture method. My guess is I should not be using PathUserResponse, but I don't know what I did wrong. Can someone point me in the right direction?
The kind people of HWI/OAuth-Bundle have fixed the issue. I thought I was doing something wrong, but those were actually known bugs.
I have successfully installed FOSUserBundle in my project and everything works as expected. However, I am struggling with how to implement it in my actual project.
I want to create the following setup:
A page displaying some user settings in one form (like newsletter subscription), the possibility to change the password in a second form and maybe also a third form to change the username.
The settings form as well as some more information is coming from an existing action in my controller and is working well.
I did try a few things but things are not really working out yet:
I copied some functionality from FOSUserBundle\Controller\ChangePasswordController\changePasswordAction() to my own action. This way I could get the change password form, create the view and pass it to my template.
I added the form to my template with {{ form_widget(form) }}. The form is being displayed and it's even working. I can change the password. However, the labels are being lost, simply reading Current, First, and Second. Also there is no error messaging showing up when the two new passwords don't match or are being left empty.
Over all I have the feeling I am probably doing this in a wrong way. Could you please help me how I should handle this task and point out where I am likely doing something stupid?
Here is the code of my action, reduced to what's important here:
# src/Acme/MyBundle/Controller/BackendController.php
public function accountAction(){
//pretty much a copy of FOSUserBundle\Controller\ChangePasswordController\changePasswordAction()
$user = $this->get('security.context')->getToken()->getUser();
$form = $this->container->get('fos_user.change_password.form');
$formHandler = $this->container->get('fos_user.change_password.form.handler');
$process = $formHandler->process($user);
if ($process) {
//password has been changed, response will be generated
}
//more stuff going on here
$moreStuff = ...
//render view
return $this->render('AcmeMyBundle:Backend:account.html.twig', array(
'form' => $form->createView(),
'moreStuff' => $moreStuff
));
}
IMO rendering more than one form in one action is not a good idea.
Always try to separate things and let an action handle only one feature.
In your twig template I suggest to use the render method :
{% render 'AcmeBundle:SomeAction' with{'param:param} %}
It will generate a GET request on the action provided with some params if needed.
Create one action that will render the twig template with subrequests :
// AcmeUserBundle:editAction
{% render 'AcmeUserBundle:changePasswordAction' %}
{% render 'AcmeUserBundle:settingsAction' %}
{% render 'AcmeUserBundle:profileAction' %}
And then you'll need to create one action per form.
For password and username modification you can also override FOSUserBundle views if your needs are only visual. If you need to add/remove a field on the form you will need to create a new service.
I sugget reading FOSUserBundle documentation about overriding :
https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Resources/doc/index.md#next-steps