i want to be able to set a Cookie onKernelRequest Method, but the cookie is not beeing set,
Everything else is working fine, what am missing here?
What i want to achieve is that if the user is not logged in and doesnt have the cookie he should see the http basic auth headers.
If the user is logged in or does have the cookie he has access to the preview domains without having to enter their user credentials in http basic auth.
const AUTH_USER = 'myuser';
const AUTH_PW = 'mypass';
public function sendAuthorizationHeader()
{
header('WWW-Authenticate: Basic realm="Preview Domain"');
header('HTTP/1.0 401 Unauthorized');
die();
}
public function onKernelRequest(GetResponseEvent $event)
{
if (!$event->isMasterRequest()) {
return;
}
$request = $event->getRequest();
$host = $request->getHost();
$loginSuccessful = false;
// check if we are on a preview domain
if (preg_match('/^preview-\d+/', $host)) {
$user = $request->getUser();
$cookie = $request->cookies->get('preview_user');
$phpAuthUser = $request->server->get('PHP_AUTH_USER');
$phpAuthPw = $request->server->get('PHP_AUTH_PW');
if (isset($phpAuthUser) && isset($phpAuthPw)) {
if ($phpAuthUser == self::AUTH_USER && $phpAuthPw == self::AUTH_PW) {
$loginSuccessful = true;
}
} else if ($user === null && $cookie === null) {
$this->sendAuthorizationHeader();
}
if (!$loginSuccessful) {
$this->sendAuthorizationHeader();
} else {
$cookie = new Cookie('preview_user', true, 86400, '/', null, false, false);
$response = new Response();
$response->headers->setCookie($cookie);
$response->sendHeaders();
}
}
}
Setting a cookie on a response object doesn't do anything but adding a cookie to that request. You need to return the same response object, so Symfony renders it back to the client. Rendering it yourself is not a good idea, as there might be contents send later and it's not really testable.
It's easier done in a kernel.response event listener, since you already have a response there. Remember to use the response that your application creates. Do not create it yourself.
If you set the cookie based on logic that should also be available during the request, you can split it into two event listener methods. One will set a request attribute on kernel.request, and the other one will set the cookie on the response on kernel.response:
public function onKernelRequest(GetResponseEvent $event)
{
// your logic goes here. calculate the $result
// ...
$event->getRequest()->attributes->set('my_result', $result);
}
public function onKernelResponse(FilterResponseEvent $event)
{
$response = $event->getResponse();
$request = $event->getRequest();
$myResult = $request->attributes->get('my_result');
$cookie = new Cookie(/* ... */);
$response->headers->setCookie($cookie);
}
Related
I'm turning again on you guys, because I spend my fair share of hours on this "task" and I still can't figure out how to test my service method, without my function connection on database (I have to mock repository functions)
This is my service function
public function getInfo($history, $name)
{
$requestRepository = $this->em->getRepository(Request::class);
if ($history) {
$requests = [];
foreach ($requestRepository->getRequestsByName($name) as $request) {
$requests[] = $requestRepository->transform($request);
}
return $requests;
} else {
$request = $requestRepository->getCompletedRequestByName($name);
if (!is_null($request)) {
return $requestRepository->transform($request);
} else {
return null;
}
}
}
And this is my test
public function testGetInfo()
{
/* This returns errors, because it tries to connect to DATABASE, but I don't wan't that, that's why I figure out I need to mock this
$requestManager = new RequestManager($this->entityManager);
$test = $requestManager->getInfo('histroy', 'antrax.com');
*/
$requestManager = $this->getMockBuilder(RequestManager::class)->disableOriginalConstructor()->setMethods(['getInfo'])
->getMock();
// And rest of this are just my FAILED attempts to figure out, how to test my methods
$queryBuilder = $this->getMockBuilder(RequestRepository::class)->disableOriginalConstructor()
->setMethods(['getInfo'])->getMock();
$test = $queryBuilder->method('getInfo')->willReturnSelf();
$queryBuilder->method('getInfo')->willReturnCallback(function ($field, $value) use ($queryBuilder, $test){
if ($field == 'newStatus') {
$this->assertSame('EXPIRED', $value);
}
return $queryBuilder;
});
}
Can some one please help me how to write a test for my method getInfo so it will have 100% cover. If you need any additional informations, please let me know and I will provide. Thank you!
This is an answer to my problem
public function testGetInfo()
{
$mockEntity = $this->mockEntityManager;
$name = 'antrax.com';
$requestMock = new RequestEntity();
$transformedRequest = [
'id' => 1
];
$requestRepo = $this->getMockBuilder(RequestRepository::class)->disableOriginalConstructor()
->setMethods(['getRequestsByName', 'transform', 'getCompletedRequestByName'])->getMock();
$requestRepo->method('getRequestsByName')->willReturnCallback(function ($passedName) use ($name, $requestMock) {
$this->assertSame($name, $passedName);
return [$requestMock, $requestMock];
});
$requestRepo->method('transform')->willReturnCallback(function ($request) use ($requestMock, $transformedRequest) {
$this->assertSame($requestMock, $request);
return $transformedRequest;
});
$i = 0;
$requestRepo->method('getCompletedRequestByName')->willReturnCallback(function ($passedName) use ($name, $requestMock, &$i) {
$this->assertSame($name, $passedName);
if ($i == 0) {
$i+=1;
return null;
} else {
return $requestMock;
}
});
$mockEntity->method('getRepository')->willReturnCallback(function ($requestClass) use ($requestRepo) {
$this->assertSame(RequestEntity::class, $requestClass);
return $requestRepo;
});
$requestManager = new RequestManager($mockEntity);
$this->assertSame([$transformedRequest, $transformedRequest], $requestManager->getInfo(true, $name));
$this->assertNull($requestManager->getInfo(false, $name));
$this->assertSame($transformedRequest, $requestManager->getInfo(false, $name));
}
i want to create an array as a session table to put it empty in the beggining for my cart shop to display nothing as an empty cart and when i press AddtoCart i want get that array and do an array_push with the new items but i didn't know how to do it
This is the first controller when i create the array empty
public function FrontAction()
{
$pro=new Produit();
$pro->setNom('');
$pro->setQuantite(0);
$pro->setPrix(0);
$em = $this->getDoctrine()->getManager();
$sess=new Session();
$sess->setName('PANIER');
$sess=array('');
array_push($sess,$pro->getNom(),$pro->getQuantite(),$pro->getPrix());
$paniers = $em->getRepository(Panier::class)->findByUserId(1);
$produits = $this->getDoctrine()->getRepository(Produit::class)->findAll();
$boutiques = $this->getDoctrine()->getRepository(Boutique::class)->GetBestShopsDQL();
if ($paniers != null)
{
$prixTotal = 0;
foreach ($paniers as $panier) {
$prixTotal += $panier->getPrixTotal();
}
$resultCount = count($paniers);
return $this->render('BoutiqueBundle:FrontViews:ListBoutique.html.twig', array('produits' => $produits, 'boutiques' => $boutiques,'paniers' => $paniers, 'prixTotal' => $prixTotal,'resultCount' => $resultCount));
}
return $this->render('BoutiqueBundle:FrontViews:ListBoutique.html.twig', array('produits' => $produits, 'boutiques' => $boutiques,'sess'=>$sess));
}
and this is the second controller where i want to fill that empty array with new items
public function ajouterauPanierAction($id)
{
$ses=new Session();
$ses->getName('PANIER');
$test=array('');
$test=$ses;
// $user_id = $this->getUser()->getId(); //à modifier!!!!!
$em = $this->getDoctrine()->getManager();
$produit = $em->getRepository(Produit::class)->find($id);
$test = $em->getRepository(Panier::class)->findExistant($id, 1);
// $session->replace(array_push($produit,));
if(($produit != null)&&(empty($test)))
{
array_push($test,$produit->getNom(),$produit->getQuantite(),$produit->getPrix());
/* $panier = new Panier();
$panier->setProduitId($produit->getId());
$panier->setUserId(1); //à changer avec le fos
$panier->setDate(new \DateTime("now"));
$panier->setPrixTotal($produit->getPrix());
$em->persist($panier);
*/ $em->flush();
$msg = "success";
// return $this->redirectToRoute('Dashboard');
}
else
{
//return $this->render('BoutiqueBundle:FrontViews:404.html.twig');
$msg = "failure";
}
return new JsonResponse(array('msg' => $msg));
}
i didn't know how to do it correctly or if my idea is wrong so hope u guys got what i need to do
Here is how I am doing it in Symfony 4, (I think this part is unchanged). First I have declared my session keys as class constants on the entities to avoid collisions.
class Appointment
{
const SESSION_KEY = 'confirmed_app_entity_appointment';
...
}
Then in the controller use the SessionInterface and it will get autowired into your controller method with a typehinted parameter (SessionInterface $session). Symfony will handle starting the session, just set, get, and/or remove the key as needed.
use Symfony\Component\HttpFoundation\Session\SessionInterface;
...
public function confirmAppointment($first_name, $last_name, $time, SessionInterface $session)
{
...
$session->set(Appointment::SESSION_KEY, $appointment);
$session->set(StaffMember::SESSION_KEY_SELECTED_STAFF, $member);
...
if ($this->isConflict($appointment)) {
$session->remove(Appointment::SESSION_KEY);
$session->remove(StaffMember::SESSION_KEY_AUTH);
$this->addFlash('error', 'Failed to create Appointment, conflict found');
return $this->redirectToRoute('customer');
}
...
}
public function saveAppointment(SessionInterface $session)
{
if (!empty($session->get(Appointment::SESSION_KEY))) {
$appointment = $session->get(Appointment::SESSION_KEY);
}
...
}
I have locked users that can re-activate their account if they enter a valid ValidationCode on login. As the user is previously locked, I use AuthenticationFailureListener to detect the login failure and determine if there is a valid validation code, according to log tracing every action seems to have correct data and everything should work ok but the problem is the data remains the same, nothing is persisted in database, so no change occurs.
This is my code:
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$userReactivated = false;
// Checks if error is due to user locked and
if ( $exception instanceof LockedException )
{
$username = $request->request->get("_username");
$v_code = $request->request->get("_validation_code");
error_log("{$username} {$v_code}");
$user = $this->em->getRepository("AppUserBundle:Usuario")->findOneBy(array('username' => $username));
if ($user != null)
{
$validationCode = $this->em->getRepository("AppUserBundle:ValidationCode")->findOneBy(array('code' => $v_code));
if ($validationCode != null)
{
error_log("Code " . $validationCode->getId());
if ($validationCode->isActive())
{
$user->setValidationCode($validationCode);
$userReactivated = true;
$user->setLocked(false);
$this->em->persist($user);
$this->em->flush();
}
}
}
}
if (!$userReactivated)
return parent::onAuthenticationFailure($request, $exception);
else
{
return true; // TODO: login user and redirect to home page
}
}
if (!$userReactivated) {
$exception->setUser($user);
return parent::onAuthenticationFailure($request, $exception);
} else {
return true; // TODO: login user and redirect to home page
}
I am implementing my own profile settings page. This will allow the user to change their name, email, password etc.
I understand FOSUserBundle has prebuilt /profile/edit and /profile/change-password. I would like to use the same functionality here except in my own twig bundles. I am not using FormBuilder.
This is my controller for changing user settings.
public function applySettings(Request $request)
{
$user = $this->getUser();
$dm = $this->get('doctrine_mongodb')->getManager();
$repository = $dm->getRepository('AppBundle:User');
$name = $request->get('_username');
$email = $request->get('_email');
$password = $request->get('_password');
$confirm = $request->get('_confirm');
if ($name != null) {
if ($name == ($repository->findOneBy(array('username' => $name )))) {
throw $this->createNotFoundException('Username already in use');
} else {
// username changed
$user->setUsername($name);
}
}
if ($email != null) {
if ($email == ($repository->findOneBy(array('email' => $email )))) {
throw $this->createNotFoundException('Email already in use');
} else {
// email changed
$user->setEmail($email);
}
}
if (strcmp($password, $confirm) == 0) {
// password = confirm here
// change password functionality done here
} else {
throw $this->createNotFoundException(
'Passwords do not match '
);
}
$dm->flush();
return $this->redirectToRoute('settings');
}
Is there a way I can do password validation in my own controller, salt and store the password if valid?
Also is there a way to apply the same validation methods that exist in /register/ and /profile/change-password where the alert comes up if the passwords do not match before submitting?
Any help would be greatly appreciated.
I am using Symfony 2.6.1 and the latest version of FOSUserBundle.
This is the function I used. Works but doesn't do the live validation check.
if (strcmp($password, $confirm) == 0) {
$encoder_service = $this->get('security.encoder_factory');
$encoder = $encoder_service->getEncoder($user);
$newpass = $encoder->encodePassword($password, $user->getSalt());
$user->setPassword($newpass);
} else {
throw $this->createNotFoundException(
'Passwords do not match '
);
}
I need to get the newsletter subscription thing working. The logic i am using is when the user submits his email, i check if there is already a user registered to the site with the email. If yes, i check if he is subscribed to newsletter and do the appropriate subscription. If the email is not in the registered user list, then i have a newsletter table for anonymous users. I check here if he is subscribed or not and do the necessary action.
Here is my controller action code:
/**
* #Route("/newsletter/", name="site_newsletter")
* #return array
*/
public function newsletterSubscriptionAction(httpRequest $request)
{
$email = $request->request->get('email');
try {
$email = $request->request->get('email');
$em = $this->getDoctrine()->getEntityManager();
$query = $em->createQuery(
'SELECT u FROM MyBundle:User u WHERE u.email = :email'
)->setParameter('email', $email);
$user = $query->getSingleResult();
if(!is_object($user)){ //this means anonymous user not registered to site
$em = $this->getDoctrine()->getEntityManager();
$query = $em->createQuery(
'SELECT n FROM MyBundle:Newsletter n WHERE n.email = :email AND n.isSubscribed = 1'
)->setParameter('email', $email);
$record = $query->getSingleResult();
if($record){
$msg = "You are already subscribed!";
}else{
$newsletter = new Newsletter();
$newsletter->setEmail($email);
$newsletter->setIsSubscribed(true);
$em = $this->getDoctrine()->getEntityManager();
$em->persist($newsletter);
$em->flush();
$msg = "You have been subscribed to our newsletter! Thank You.";
}
}else{
if($user->getNewsletterSubscription()){
$msg = "You are already subscribed!";
}else{
$user->setNewsletterSubscription(1);
$em = $this->getDoctrine()->getEntityManager();
$em->flush();
$msg = "You have been subscribed to our newsletter! Thank You.";
}
}
}
catch (\Exception $e) {
$msg = 'Some problem occured. Please try again later';
}
if ($this->getRequest()->isXmlHttpRequest()) {
return new \Symfony\Component\HttpFoundation\Response($msg);
return array('msg' => $msg);
}
}
I am using ajax to call this controller action. This isn't working. The data m getting back to the ajax is redirected login page.
I am using FOSUSerBundle by the way to manage users. Is this causing any issue? Whats the best way to implement it?
Thanks in advance!
It sounds like you need to give anon users permission to use your subscription route.
In your security.yml file, add something like:
security:
access_control:
- { path: ^/subscribe, roles: IS_AUTHENTICATED_ANONYMOUSLY }