require actual password for change + insert link in menu

2025-08-27 10:03:49 +00:00 · 2018-08-16 13:41:32 +02:00
parent af803cc87d
commit 5b1ba71a8a
9 changed files with 169 additions and 36 deletions
--- a/Form/UserPasswordType.php
+++ b/Form/UserPasswordType.php
@@ -10,9 +10,34 @@ use Symfony\Component\Validator\Constraints\NotBlank;
 use Symfony\Component\Validator\Constraints\Regex;
 use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
 use Symfony\Component\Form\Extension\Core\Type\PasswordType;
+use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
+use Symfony\Component\Validator\Context\ExecutionContextInterface;
+use Symfony\Component\Validator\Constraints\Callback;
+use Psr\Log\LoggerInterface;

 class UserPasswordType extends AbstractType
 {
+    /**
+     *
+     * @var UserPasswordEncoderInterface
+     */
+    protected $passwordEncoder;
+    
+    /**
+     *
+     * @var LoggerInterface
+     */
+    protected $chillLogger;
+    
+    public function __construct(
+        UserPasswordEncoderInterface $passwordEncoder, 
+        LoggerInterface $chillLogger
+    ) {
+        $this->passwordEncoder = $passwordEncoder;
+        $this->chillLogger = $chillLogger;
+    }
+
+    
    /**
     * @param FormBuilderInterface $builder
     * @param array $options
@@ -20,7 +45,7 @@ class UserPasswordType extends AbstractType
    public function buildForm(FormBuilderInterface $builder, array $options)
    {
        $builder
-            ->add('password', RepeatedType::class, array(
+            ->add('new_password', RepeatedType::class, array(
                'type' => PasswordType::class,
                'required' => false,
                'options' => array(),
@@ -45,17 +70,35 @@ class UserPasswordType extends AbstractType
                        ))
                )
            ))
+            ->add('actual_password', PasswordType::class, [
+                'label' => 'Your actual password',
+                'mapped' => false,
+                'constraints' => [
+                    new Callback([
+                        'callback' => function($password, ExecutionContextInterface $context, $payload) use ($options) {
+                            if (TRUE === $this->passwordEncoder->isPasswordValid($options['user'], $password)) {
+                                return;
+                            }
+                            
+                            // password problem :-)
+                            $this->chillLogger
+                                ->notice("incorrect password when trying to change password", [
+                                    'username' => $options['user']->getUsername()
+                                ]);
+                            $context->addViolation('Incorrect password');
+                        }
+                    ])
+                ]
+            ])
        ;
    }
-
-    /**
-     * @param OptionsResolverInterface $resolver
-     */
+    
    public function configureOptions(OptionsResolver $resolver)
    {
-        $resolver->setDefaults(array(
-            'data_classds' => 'Chill\MainBundle\Entity\User'
-        ));
+        $resolver
+            ->setRequired('user')
+            ->setAllowedTypes('user', \Chill\MainBundle\Entity\User::class)
+            ;
    }

    /**