apply more cs rules for php-cs
@@ -12,7 +12,6 @@ declare(strict_types=1);
|
||||
namespace Chill\MainBundle\Security\PasswordRecover;
|
||||
|
||||
use Chill\MainBundle\Entity\User;
|
||||
use Symfony\Component\EventDispatcher\Event;
|
||||
|
||||
class PasswordRecoverEvent extends \Symfony\Contracts\EventDispatcher\Event
|
||||
{
|
||||
@@ -23,8 +22,8 @@ class PasswordRecoverEvent extends \Symfony\Contracts\EventDispatcher\Event
|
||||
final public const INVALID_TOKEN = 'chill_main.password_recover_invalid_token';
|
||||
|
||||
/**
|
||||
* @param bool $safelyGenerated true if generated safely (from console command, etc.)
|
||||
* @param null|mixed $ip
|
||||
* @param bool $safelyGenerated true if generated safely (from console command, etc.)
|
||||
* @param mixed|null $ip
|
||||
*/
|
||||
public function __construct(
|
||||
private readonly ?string $token = null,
|
||||
@@ -46,7 +45,7 @@ class PasswordRecoverEvent extends \Symfony\Contracts\EventDispatcher\Event
|
||||
return $this->token;
|
||||
}
|
||||
|
||||
public function getUser(): ?\Chill\MainBundle\Entity\User
|
||||
public function getUser(): ?User
|
||||
{
|
||||
return $this->user;
|
||||
}
|
||||
|
@@ -12,9 +12,7 @@ declare(strict_types=1);
|
||||
namespace Chill\MainBundle\Security\PasswordRecover;
|
||||
|
||||
use Chill\MainBundle\Redis\ChillRedis;
|
||||
use LogicException;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use UnexpectedValueException;
|
||||
|
||||
class PasswordRecoverLocker
|
||||
{
|
||||
@@ -75,7 +73,7 @@ class PasswordRecoverLocker
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $usage 'invalid_token_global' or ...
|
||||
* @param string $usage 'invalid_token_global' or ...
|
||||
* @param mixed|null $discriminator
|
||||
*/
|
||||
public static function generateLockKey($usage, int $number, $discriminator = null)
|
||||
@@ -86,7 +84,7 @@ class PasswordRecoverLocker
|
||||
'ask_token_invalid_form_global' => sprintf('ask_token_invalid_form_global_%d', $number),
|
||||
'ask_token_invalid_form_by_ip' => sprintf('ask_token_invalid_form_by_ip_%s_%d', $discriminator, $number),
|
||||
'ask_token_success_by_user' => sprintf('ask_token_success_by_user_%s_%d', $discriminator->getId(), $number),
|
||||
default => throw new LogicException('this usage is not implemented'),
|
||||
default => throw new \LogicException('this usage is not implemented'),
|
||||
};
|
||||
}
|
||||
|
||||
@@ -98,7 +96,7 @@ class PasswordRecoverLocker
|
||||
'ask_token_invalid_form_global' => self::MAX_ASK_TOKEN_INVALID_FORM_GLOBAL,
|
||||
'ask_token_invalid_form_by_ip' => self::MAX_ASK_TOKEN_INVALID_FORM_BY_IP,
|
||||
'ask_token_success_by_user' => self::MAX_ASK_TOKEN_BY_USER,
|
||||
default => throw new UnexpectedValueException("this usage '{$usage}' is not yet implemented"),
|
||||
default => throw new \UnexpectedValueException("this usage '{$usage}' is not yet implemented"),
|
||||
};
|
||||
}
|
||||
|
||||
@@ -108,7 +106,7 @@ class PasswordRecoverLocker
|
||||
'invalid_token_global', 'invalid_token_by_ip' => self::INVALID_TOKEN_TTL,
|
||||
'ask_token_invalid_form_global', 'ask_token_invalid_form_by_ip' => self::ASK_TOKEN_INVALID_FORM_TTL,
|
||||
'ask_token_success_by_user' => self::ASK_TOKEN_INVALID_FORM_TTL * 24,
|
||||
default => throw new UnexpectedValueException("this usage '{$usage}' is not yet implemented"),
|
||||
default => throw new \UnexpectedValueException("this usage '{$usage}' is not yet implemented"),
|
||||
};
|
||||
}
|
||||
|
||||
@@ -119,7 +117,7 @@ class PasswordRecoverLocker
|
||||
for ($i = 0; $i < $max; ++$i) {
|
||||
$key = self::generateLockKey($usage, $i, $discriminator);
|
||||
|
||||
if ($this->chillRedis->exists($key) === 0) {
|
||||
if (0 === $this->chillRedis->exists($key)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
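Review bot: `generateLockKey` defaults `$discriminator` to `null`, yet the `ask_token_success_by_user` arm calls `$discriminator->getId()` and the `ask_token_invalid_form_by_ip` arm formats it with `%s`. A caller that omits it therefore gets either an error on null or one shared key for every client, which matters because these keys appear to back the throttling of password-recovery requests. The per-IP and per-user usages should reject a missing discriminator explicitly, e.g. `if (null === $discriminator && str_contains($usage, '_by_')) { throw new \InvalidArgumentException("usage '{$usage}' requires a discriminator"); }` before the `match`. The default arm here also throws `\LogicException('this usage is not implemented')` while the two sibling `match` blocks throw `\UnexpectedValueException` and name the usage; aligning them would make failures easier to trace. The signature and the `match` arms sit in separate hunks, so the full method body is not visible.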
@@ -16,8 +16,6 @@ use Symfony\Component\HttpFoundation\RequestStack;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
use function in_array;
|
||||
|
||||
class PasswordRecoverVoter extends Voter
|
||||
{
|
||||
final public const ASK_TOKEN = 'CHILL_PASSWORD_ASK_TOKEN';
|
||||
@@ -47,7 +45,7 @@ class PasswordRecoverVoter extends Voter
|
||||
|
||||
protected function supports($attribute, $subject): bool
|
||||
{
|
||||
if (!in_array($attribute, $this->supported, true)) {
|
||||
if (!\in_array($attribute, $this->supported, true)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@@ -12,14 +12,10 @@ declare(strict_types=1);
|
||||
namespace Chill\MainBundle\Security\PasswordRecover;
|
||||
|
||||
use Chill\MainBundle\Entity\User;
|
||||
use Chill\MainBundle\Notification\Mailer;
|
||||
use DateTimeInterface;
|
||||
use Symfony\Bridge\Twig\Mime\TemplatedEmail;
|
||||
use Symfony\Component\Mailer\MailerInterface;
|
||||
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
||||
|
||||
use function array_merge;
|
||||
|
||||
class RecoverPasswordHelper
|
||||
{
|
||||
final public const RECOVER_PASSWORD_ROUTE = 'password_recover';
|
||||
@@ -27,16 +23,16 @@ class RecoverPasswordHelper
|
||||
public function __construct(private readonly TokenManager $tokenManager, private readonly UrlGeneratorInterface $urlGenerator, private readonly MailerInterface $mailer) {}
|
||||
|
||||
/**
|
||||
* @param bool $absolute
|
||||
* @param bool $absolute
|
||||
* @param array $parameters additional parameters to url
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function generateUrl(User $user, DateTimeInterface $expiration, $absolute = true, array $parameters = [])
|
||||
public function generateUrl(User $user, \DateTimeInterface $expiration, $absolute = true, array $parameters = [])
|
||||
{
|
||||
return $this->urlGenerator->generate(
|
||||
self::RECOVER_PASSWORD_ROUTE,
|
||||
array_merge(
|
||||
\array_merge(
|
||||
$this->tokenManager->generate($user, $expiration),
|
||||
$parameters
|
||||
),
|
||||
@@ -46,7 +42,7 @@ class RecoverPasswordHelper
|
||||
|
||||
public function sendRecoverEmail(
|
||||
User $user,
|
||||
DateTimeInterface $expiration,
|
||||
\DateTimeInterface $expiration,
|
||||
$template = '@ChillMain/Password/recover_email.txt.twig',
|
||||
array $templateParameters = [],
|
||||
$force = false,
|
||||
@@ -54,7 +50,7 @@ class RecoverPasswordHelper
|
||||
$emailSubject = 'Recover your password'
|
||||
) {
|
||||
if (null === $user->getEmail() || '' === trim($user->getEmail())) {
|
||||
throw new \UnexpectedValueException("No emaail associated to the user");
|
||||
throw new \UnexpectedValueException('No emaail associated to the user');
|
||||
}
|
||||
|
||||
$email = (new TemplatedEmail())
|
||||
@@ -64,7 +60,7 @@ class RecoverPasswordHelper
|
||||
->context([
|
||||
'user' => $user,
|
||||
'url' => $this->generateUrl($user, $expiration, true, $additionalUrlParameters),
|
||||
...$templateParameters
|
||||
...$templateParameters,
|
||||
]);
|
||||
|
||||
$this->mailer->send($email);
|
||||
|
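Review bot: In `generateUrl` the caller's `$parameters` are the second argument to `\array_merge(...)`, so any key that collides with a field returned by `$this->tokenManager->generate(...)` replaces that field in the emailed link. `sendRecoverEmail` has the same ordering, with `...$templateParameters` spread after `'user'` and `'url'` inside `->context([...])`. Whether a caller can pass colliding keys is not visible here, but putting the generated values last removes the question: `\array_merge($parameters, $this->tokenManager->generate($user, $expiration))`, and the spread placed before `'user' => $user`. The re-quoted exception message still reads `'No emaail associated to the user'` where `'No email associated to the user'` is meant. Both method bodies continue outside their hunks.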
@@ -12,18 +12,7 @@ declare(strict_types=1);
|
||||
namespace Chill\MainBundle\Security\PasswordRecover;
|
||||
|
||||
use Chill\MainBundle\Entity\User;
|
||||
use DateTime;
|
||||
use DateTimeImmutable;
|
||||
use DateTimeInterface;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use UnexpectedValueException;
|
||||
|
||||
use function bin2hex;
|
||||
use function hash;
|
||||
use function hex2bin;
|
||||
use function random_bytes;
|
||||
use function strlen;
|
||||
use function trim;
|
||||
|
||||
class TokenManager
|
||||
{
|
||||
@@ -50,21 +39,21 @@ class TokenManager
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
public function generate(User $user, DateTimeInterface $expiration)
|
||||
public function generate(User $user, \DateTimeInterface $expiration)
|
||||
{
|
||||
$token = random_bytes(self::TOKEN_LENGTH);
|
||||
$token = \random_bytes(self::TOKEN_LENGTH);
|
||||
$username = $user->getUsernameCanonical();
|
||||
|
||||
if (empty($username)) {
|
||||
throw new UnexpectedValueException('username should not be empty to generate a token');
|
||||
throw new \UnexpectedValueException('username should not be empty to generate a token');
|
||||
}
|
||||
|
||||
$timestamp = (string) $expiration->getTimestamp();
|
||||
$hash = hash('sha1', $token . $username . $timestamp . $this->secret);
|
||||
$hash = \hash('sha1', $token.$username.$timestamp.$this->secret);
|
||||
|
||||
return [
|
||||
self::HASH => $hash,
|
||||
self::TOKEN => bin2hex($token),
|
||||
self::TOKEN => \bin2hex($token),
|
||||
self::TIMESTAMP => $timestamp,
|
||||
self::USERNAME_CANONICAL => $username,
|
||||
];
|
||||
@@ -72,23 +61,23 @@ class TokenManager
|
||||
|
||||
public function verify($hash, $token, User $user, string $timestamp)
|
||||
{
|
||||
$token = hex2bin(trim((string) $token));
|
||||
$token = \hex2bin(\trim((string) $token));
|
||||
|
||||
if (strlen($token) !== self::TOKEN_LENGTH) {
|
||||
if (self::TOKEN_LENGTH !== \strlen($token)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$username = $user->getUsernameCanonical();
|
||||
$date = DateTimeImmutable::createFromFormat('U', $timestamp);
|
||||
$date = \DateTimeImmutable::createFromFormat('U', $timestamp);
|
||||
|
||||
if ($date < new DateTime('now')) {
|
||||
if ($date < new \DateTime('now')) {
|
||||
$this->logger->info('receiving a password recover token with expired '
|
||||
. 'validity');
|
||||
.'validity');
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
$expected = hash('sha1', $token . $username . $timestamp . $this->secret);
|
||||
$expected = \hash('sha1', $token.$username.$timestamp.$this->secret);
|
||||
|
||||
if ($expected !== $hash) {
|
||||
return false;
|
||||
|
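Review bot: `verify` compares the recomputed digest with `$expected !== $hash`, which is not a constant-time comparison for a secret-derived value; `if (!\hash_equals($expected, (string) $hash)) {` is the usual form. In the same method `\hex2bin(...)` returns `false` for odd-length or non-hex input, and under `declare(strict_types=1)` the following `\strlen($token)` then raises a `TypeError` instead of returning `false`, so the guard should read `if (false === $token || self::TOKEN_LENGTH !== \strlen($token)) {`. Separately, both `generate` and `verify` build the digest as `\hash('sha1', $token.$username.$timestamp.$this->secret)`, a plain hash over undelimited fields with the secret appended; `\hash_hmac('sha256', $token.'|'.$username.'|'.$timestamp, $this->secret)` in both places would be the keyed construction, at the cost of invalidating links already issued. The body of `verify` continues past the end of the hunk.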