ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2024-11-27 01:02:06 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge branch '274-email-activation-error' into develop

Browse Source
This commit is contained in:
ErickSkrauch 2016-12-23 01:23:51 +03:00
commit 0b85354917
8 changed files with 197 additions and 234 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
api/models/authentication/ConfirmEmailForm.php
View File

@ -2,56 +2,53 @@
namespace api\models\authentication; namespace api\models\authentication;
use api\models\AccountIdentity; use api\models\AccountIdentity;
use api\models\base\KeyConfirmationForm; use api\models\base\ApiForm;
use api\models\profile\ChangeUsernameForm; use api\models\profile\ChangeUsernameForm;
use api\validators\EmailActivationKeyValidator;
use common\models\Account; use common\models\Account;
use common\models\EmailActivation; use common\models\EmailActivation;
use Yii; use Yii;
use yii\base\ErrorException; use yii\base\ErrorException;
class ConfirmEmailForm extends KeyConfirmationForm { class ConfirmEmailForm extends ApiForm {
public $key;
public function rules() {
return [
['key', EmailActivationKeyValidator::class, 'type' => EmailActivation::TYPE_REGISTRATION_EMAIL_CONFIRMATION],
];
}
/**
* @return \api\components\User\LoginResult|bool
* @throws ErrorException
*/
public function confirm() { public function confirm() {
if (!$this->validate()) { if (!$this->validate()) {
return false; return false;
} }
$confirmModel = $this->getActivationCodeModel();
if ($confirmModel->type !== EmailActivation::TYPE_REGISTRATION_EMAIL_CONFIRMATION) {
$confirmModel->delete();
// TODO: вот где-то здесь нужно ещё попутно сгенерировать соответствующую ошибку
return false;
}
$transaction = Yii::$app->db->beginTransaction(); $transaction = Yii::$app->db->beginTransaction();
try {
$account = $confirmModel->account;
$account->status = Account::STATUS_ACTIVE;
if (!$confirmModel->delete()) {
throw new ErrorException('Unable remove activation key.');
}
if (!$account->save()) { /** @var \common\models\confirmations\RegistrationConfirmation $confirmModel */
throw new ErrorException('Unable activate user account.'); $confirmModel = $this->key;
} $account = $confirmModel->account;
$account->status = Account::STATUS_ACTIVE;
$changeUsernameForm = new ChangeUsernameForm(); if (!$confirmModel->delete()) {
$changeUsernameForm->createEventTask($account->id, $account->username, null); throw new ErrorException('Unable remove activation key.');
$transaction->commit();
} catch (ErrorException $e) {
$transaction->rollBack();
if (YII_DEBUG) {
throw $e;
} else {
return false;
}
} }
/** @var \api\components\User\Component $component */ if (!$account->save()) {
$component = Yii::$app->user; throw new ErrorException('Unable activate user account.');
}
return $component->login(new AccountIdentity($account->attributes), true); $changeUsernameForm = new ChangeUsernameForm();
$changeUsernameForm->createEventTask($account->id, $account->username, null);
$transaction->commit();
return Yii::$app->user->login(new AccountIdentity($account->attributes), true);
} }
} }

56
api/models/authentication/RecoverPasswordForm.php
View File

@ -2,26 +2,30 @@
namespace api\models\authentication; namespace api\models\authentication;
use api\models\AccountIdentity; use api\models\AccountIdentity;
use api\models\base\KeyConfirmationForm; use api\models\base\ApiForm;
use api\validators\EmailActivationKeyValidator;
use common\helpers\Error as E; use common\helpers\Error as E;
use common\models\EmailActivation; use common\models\EmailActivation;
use common\validators\PasswordValidator; use common\validators\PasswordValidator;
use Yii; use Yii;
use yii\base\ErrorException; use yii\base\ErrorException;
class RecoverPasswordForm extends KeyConfirmationForm { class RecoverPasswordForm extends ApiForm {
public $key;
public $newPassword; public $newPassword;
public $newRePassword; public $newRePassword;
public function rules() { public function rules() {
return array_merge(parent::rules(), [ return [
['key', EmailActivationKeyValidator::class, 'type' => EmailActivation::TYPE_FORGOT_PASSWORD_KEY],
['newPassword', 'required', 'message' => E::NEW_PASSWORD_REQUIRED], ['newPassword', 'required', 'message' => E::NEW_PASSWORD_REQUIRED],
['newRePassword', 'required', 'message' => E::NEW_RE_PASSWORD_REQUIRED], ['newRePassword', 'required', 'message' => E::NEW_RE_PASSWORD_REQUIRED],
['newPassword', PasswordValidator::class], ['newPassword', PasswordValidator::class],
['newRePassword', 'validatePasswordAndRePasswordMatch'], ['newRePassword', 'validatePasswordAndRePasswordMatch'],
]); ];
} }
public function validatePasswordAndRePasswordMatch($attribute) { public function validatePasswordAndRePasswordMatch($attribute) {
@ -32,46 +36,32 @@ class RecoverPasswordForm extends KeyConfirmationForm {
} }
} }
/**
* @return \api\components\User\LoginResult|bool
* @throws ErrorException
*/
public function recoverPassword() { public function recoverPassword() {
if (!$this->validate()) { if (!$this->validate()) {
return false; return false;
} }
$confirmModel = $this->getActivationCodeModel();
if ($confirmModel->type !== EmailActivation::TYPE_FORGOT_PASSWORD_KEY) {
$confirmModel->delete();
// TODO: вот где-то здесь нужно ещё попутно сгенерировать соответствующую ошибку
return false;
}
$transaction = Yii::$app->db->beginTransaction(); $transaction = Yii::$app->db->beginTransaction();
try {
$account = $confirmModel->account;
$account->password = $this->newPassword;
if (!$confirmModel->delete()) {
throw new ErrorException('Unable remove activation key.');
}
if (!$account->save(false)) { /** @var \common\models\confirmations\ForgotPassword $confirmModel */
throw new ErrorException('Unable activate user account.'); $confirmModel = $this->key;
} $account = $confirmModel->account;
$account->password = $this->newPassword;
$transaction->commit(); if (!$confirmModel->delete()) {
} catch (ErrorException $e) { throw new ErrorException('Unable remove activation key.');
$transaction->rollBack();
if (YII_DEBUG) {
throw $e;
} else {
return false;
}
} }
// TODO: ещё было бы неплохо уведомить пользователя о том, что его пароль изменился if (!$account->save(false)) {
throw new ErrorException('Unable activate user account.');
}
/** @var \api\components\User\Component $component */ $transaction->commit();
$component = Yii::$app->user;
return $component->login(new AccountIdentity($account->attributes), false); return Yii::$app->user->login(new AccountIdentity($account->attributes), false);
} }
} }

33
api/models/base/KeyConfirmationForm.php
View File

@ -1,33 +0,0 @@
<?php
namespace api\models\base;
use common\helpers\Error as E;
use api\validators\EmailActivationKeyValidator;
use common\models\EmailActivation;
class KeyConfirmationForm extends ApiForm {
public $key;
private $model;
public function rules() {
return [
// TODO: нужно провалидировать количество попыток ввода кода для определённого IP адреса и в случае чего запросить капчу
['key', 'required', 'message' => E::KEY_REQUIRED],
['key', EmailActivationKeyValidator::class],
];
}
/**
* @return EmailActivation|null
*/
public function getActivationCodeModel() {
if ($this->model === null) {
$this->model = EmailActivation::findOne($this->key);
}
return $this->model;
}
}

53
api/models/profile/ChangeEmail/ConfirmNewEmailForm.php
View File

@ -1,60 +1,60 @@
<?php <?php
namespace api\models\profile\ChangeEmail; namespace api\models\profile\ChangeEmail;
use api\models\base\KeyConfirmationForm; use api\models\base\ApiForm;
use api\validators\EmailActivationKeyValidator;
use common\helpers\Amqp; use common\helpers\Amqp;
use common\models\Account; use common\models\Account;
use common\models\amqp\EmailChanged; use common\models\amqp\EmailChanged;
use Exception; use common\models\EmailActivation;
use PhpAmqpLib\Message\AMQPMessage; use PhpAmqpLib\Message\AMQPMessage;
use Yii; use Yii;
use yii\base\ErrorException; use yii\base\ErrorException;
class ConfirmNewEmailForm extends KeyConfirmationForm { class ConfirmNewEmailForm extends ApiForm {
public $key;
/** /**
* @var Account * @var Account
*/ */
private $account; private $account;
public function __construct(Account $account, array $config = []) { public function rules() {
$this->account = $account; return [
parent::__construct($config); ['key', EmailActivationKeyValidator::class, 'type' => EmailActivation::TYPE_NEW_EMAIL_CONFIRMATION],
];
} }
/** /**
* @return Account * @return Account
*/ */
public function getAccount() : Account { public function getAccount(): Account {
return $this->account; return $this->account;
} }
public function changeEmail() : bool { public function changeEmail(): bool {
if (!$this->validate()) { if (!$this->validate()) {
return false; return false;
} }
$transaction = Yii::$app->db->beginTransaction(); $transaction = Yii::$app->db->beginTransaction();
try {
/** @var \common\models\confirmations\NewEmailConfirmation $activation */
$activation = $this->getActivationCodeModel();
$activation->delete();
$account = $this->getAccount(); /** @var \common\models\confirmations\NewEmailConfirmation $activation */
$oldEmail = $account->email; $activation = $this->key;
$account->email = $activation->newEmail; $activation->delete();
if (!$account->save()) {
throw new ErrorException('Cannot save new account email value');
}
$this->createTask($account->id, $account->email, $oldEmail); $account = $this->getAccount();
$oldEmail = $account->email;
$transaction->commit(); $account->email = $activation->newEmail;
} catch (Exception $e) { if (!$account->save()) {
$transaction->rollBack(); throw new ErrorException('Cannot save new account email value');
throw $e;
} }
$this->createTask($account->id, $account->email, $oldEmail);
$transaction->commit();
return true; return true;
} }
@ -77,4 +77,9 @@ class ConfirmNewEmailForm extends KeyConfirmationForm {
Amqp::sendToEventsExchange('accounts.email-changed', $message); Amqp::sendToEventsExchange('accounts.email-changed', $message);
} }
public function __construct(Account $account, array $config = []) {
$this->account = $account;
parent::__construct($config);
}
} }

44
api/models/profile/ChangeEmail/NewEmailForm.php
View File

@ -1,17 +1,19 @@
<?php <?php
namespace api\models\profile\ChangeEmail; namespace api\models\profile\ChangeEmail;
use api\models\base\KeyConfirmationForm; use api\models\base\ApiForm;
use api\validators\EmailActivationKeyValidator;
use common\models\Account; use common\models\Account;
use common\models\confirmations\NewEmailConfirmation; use common\models\confirmations\NewEmailConfirmation;
use common\models\EmailActivation; use common\models\EmailActivation;
use common\validators\EmailValidator; use common\validators\EmailValidator;
use Yii; use Yii;
use yii\base\ErrorException; use yii\base\ErrorException;
use yii\base\Exception;
use yii\base\InvalidConfigException; use yii\base\InvalidConfigException;
class NewEmailForm extends KeyConfirmationForm { class NewEmailForm extends ApiForm {
public $key;
public $email; public $email;
@ -20,39 +22,32 @@ class NewEmailForm extends KeyConfirmationForm {
*/ */
private $account; private $account;
public function __construct(Account $account, array $config = []) {
$this->account = $account;
parent::__construct($config);
}
public function rules() { public function rules() {
return array_merge(parent::rules(), [ return [
['key', EmailActivationKeyValidator::class, 'type' => EmailActivation::TYPE_CURRENT_EMAIL_CONFIRMATION],
['email', EmailValidator::class], ['email', EmailValidator::class],
]); ];
} }
public function getAccount() : Account { public function getAccount(): Account {
return $this->account; return $this->account;
} }
public function sendNewEmailConfirmation() { public function sendNewEmailConfirmation(): bool {
if (!$this->validate()) { if (!$this->validate()) {
return false; return false;
} }
$transaction = Yii::$app->db->beginTransaction(); $transaction = Yii::$app->db->beginTransaction();
try {
$previousActivation = $this->getActivationCodeModel();
$previousActivation->delete();
$activation = $this->createCode(); /** @var \common\models\confirmations\CurrentEmailConfirmation $previousActivation */
$this->sendCode($activation); $previousActivation = $this->key;
$previousActivation->delete();
$transaction->commit(); $activation = $this->createCode();
} catch (Exception $e) { $this->sendCode($activation);
$transaction->rollBack();
throw $e; $transaction->commit();
}
return true; return true;
} }
@ -98,4 +93,9 @@ class NewEmailForm extends KeyConfirmationForm {
} }
} }
public function __construct(Account $account, array $config = []) {
$this->account = $account;
parent::__construct($config);
}
} }

48
api/validators/EmailActivationKeyValidator.php
View File

@ -5,30 +5,54 @@ use common\helpers\Error as E;
use common\models\EmailActivation; use common\models\EmailActivation;
use yii\validators\Validator; use yii\validators\Validator;
/**
* Валидатор для проверки полученного от пользователя кода активации.
* В случае успешной валидации подменяет значение поля на актуальную модель
*/
class EmailActivationKeyValidator extends Validator { class EmailActivationKeyValidator extends Validator {
/**
* @var int тип ключа. Если не указан, то валидирует по всем ключам.
*/
public $type;
public $keyRequired = E::KEY_REQUIRED;
public $notExist = E::KEY_NOT_EXISTS; public $notExist = E::KEY_NOT_EXISTS;
public $expired = E::KEY_EXPIRE; public $expired = E::KEY_EXPIRE;
public function validateValue($value) { public $skipOnEmpty = false;
if (($model = $this->findEmailActivationModel($value)) === null) {
return [$this->notExist, []]; public function validateAttribute($model, $attribute) {
$value = $model->$attribute;
if (empty($value)) {
$this->addError($model, $attribute, $this->keyRequired);
return;
} }
if ($model->isExpired()) { $activation = $this->findEmailActivationModel($value, $this->type);
return [$this->expired, []]; if ($activation === null) {
$this->addError($model, $attribute, $this->notExist);
return;
} }
return null; if ($activation->isExpired()) {
$this->addError($model, $attribute, $this->expired);
return;
}
$model->$attribute = $activation;
} }
/** protected function findEmailActivationModel(string $key, int $type = null): ?EmailActivation {
* @param string $key $query = EmailActivation::find();
* @return null|EmailActivation $query->andWhere(['key' => $key]);
*/ if ($type !== null) {
protected function findEmailActivationModel($key) { $query->andWhere(['type' => $type]);
return EmailActivation::findOne($key); }
return $query->one();
} }
} }

29
tests/codeception/api/unit/models/base/KeyConfirmationFormTest.php
View File

@ -1,29 +0,0 @@
<?php
namespace tests\codeception\api\models\base;
use api\models\base\KeyConfirmationForm;
use Codeception\Specify;
use common\models\EmailActivation;
use tests\codeception\api\unit\TestCase;
use tests\codeception\common\fixtures\EmailActivationFixture;
class KeyConfirmationFormTest extends TestCase {
use Specify;
public function _fixtures() {
return [
'emailActivations' => EmailActivationFixture::class,
];
}
public function testGetActivationCodeModel() {
$model = new KeyConfirmationForm();
$model->key = $this->tester->grabFixture('emailActivations', 'freshRegistrationConfirmation')['key'];
$this->assertInstanceOf(EmailActivation::class, $model->getActivationCodeModel());
$model = new KeyConfirmationForm();
$model->key = 'this-is-invalid-key';
$this->assertNull($model->getActivationCodeModel());
}
}

105
tests/codeception/api/unit/validators/EmailActivationKeyValidatorTest.php
View File

@ -3,71 +3,80 @@ namespace codeception\api\unit\validators;
use api\validators\EmailActivationKeyValidator; use api\validators\EmailActivationKeyValidator;
use Codeception\Specify; use Codeception\Specify;
use common\helpers\Error as E;
use common\models\confirmations\ForgotPassword; use common\models\confirmations\ForgotPassword;
use common\models\EmailActivation; use common\models\EmailActivation;
use tests\codeception\api\unit\TestCase; use tests\codeception\api\unit\TestCase;
use tests\codeception\common\_support\ProtectedCaller; use tests\codeception\common\_support\ProtectedCaller;
use tests\codeception\common\fixtures\EmailActivationFixture; use tests\codeception\common\fixtures\EmailActivationFixture;
use yii\base\Model;
class EmailActivationKeyValidatorTest extends TestCase { class EmailActivationKeyValidatorTest extends TestCase {
use Specify; use Specify;
use ProtectedCaller; use ProtectedCaller;
public function _fixtures() { public function testValidateAttribute() {
return [ /** @var Model $model */
'emailActivations' => EmailActivationFixture::class, $model = new class extends Model {
]; public $key;
};
/** @var EmailActivationKeyValidator|\PHPUnit_Framework_MockObject_MockObject $validator */
$validator = $this->getMockBuilder(EmailActivationKeyValidator::class)
->setMethods(['findEmailActivationModel'])
->getMock();
$expiredActivation = new ForgotPassword();
$expiredActivation->created_at = time() - $expiredActivation->expirationTimeout - 10;
$validActivation = new EmailActivation();
$validator->expects($this->exactly(3))
->method('findEmailActivationModel')
->willReturnOnConsecutiveCalls(null, $expiredActivation, $validActivation);
$validator->validateAttribute($model, 'key');
$this->assertEquals([E::KEY_REQUIRED], $model->getErrors('key'));
$this->assertNull($model->key);
$model->clearErrors();
$model->key = 'original value';
$validator->validateAttribute($model, 'key');
$this->assertEquals([E::KEY_NOT_EXISTS], $model->getErrors('key'));
$this->assertEquals('original value', $model->key);
$model->clearErrors();
$validator->validateAttribute($model, 'key');
$this->assertEquals([E::KEY_EXPIRE], $model->getErrors('key'));
$this->assertEquals('original value', $model->key);
$model->clearErrors();
$validator->validateAttribute($model, 'key');
$this->assertEmpty($model->getErrors('key'));
$this->assertEquals($validActivation, $model->key);
} }
public function testFindEmailActivationModel() { public function testFindEmailActivationModel() {
$this->specify('get EmailActivation model for exists key', function() { $this->tester->haveFixtures(['emailActivations' => EmailActivationFixture::class]);
$key = $this->tester->grabFixture('emailActivations', 'freshRegistrationConfirmation')['key'];
$model = new EmailActivationKeyValidator();
/** @var EmailActivation $result */
$result = $this->callProtected($model, 'findEmailActivationModel', $key);
expect($result)->isInstanceOf(EmailActivation::class);
expect($result->key)->equals($key);
});
$this->specify('get null model for exists key', function() { $key = $this->tester->grabFixture('emailActivations', 'freshRegistrationConfirmation')['key'];
$model = new EmailActivationKeyValidator(); $model = new EmailActivationKeyValidator();
expect($this->callProtected($model, 'findEmailActivationModel', 'invalid-key'))->null(); /** @var EmailActivation $result */
}); $result = $this->callProtected($model, 'findEmailActivationModel', $key);
} $this->assertInstanceOf(EmailActivation::class, $result, 'valid key without specifying type must return model');
$this->assertEquals($key, $result->key);
public function testValidateValue() { /** @var EmailActivation $result */
$this->specify('get error.key_not_exists with validation wrong key', function () { $result = $this->callProtected($model, 'findEmailActivationModel', $key, 0);
/** @var EmailActivationKeyValidator $model */ $this->assertInstanceOf(EmailActivation::class, $result, 'valid key with valid type must return model');
$model = new class extends EmailActivationKeyValidator {
public function findEmailActivationModel($key) {
return null;
}
};
expect($this->callProtected($model, 'validateValue', null))->equals([$model->notExist, []]);
});
$this->specify('get error.key_expire if we use old key', function () { /** @var EmailActivation $result */
/** @var EmailActivationKeyValidator $model */ $result = $this->callProtected($model, 'findEmailActivationModel', $key, 1);
$model = new class extends EmailActivationKeyValidator { $this->assertNull($result, 'valid key, but invalid type must return null');
public function findEmailActivationModel($key) {
$codeModel = new ForgotPassword();
$codeModel->created_at = time() - $codeModel->expirationTimeout - 10;
return $codeModel; $model = new EmailActivationKeyValidator();
} $result = $this->callProtected($model, 'findEmailActivationModel', 'invalid-key');
}; $this->assertNull($result, 'invalid key must return null');
expect($this->callProtected($model, 'validateValue', null))->equals([$model->expired, []]);
});
$this->specify('no errors, if model exists and not expired', function () {
/** @var EmailActivationKeyValidator $model */
$model = new class extends EmailActivationKeyValidator {
public function findEmailActivationModel($key) {
return new EmailActivation();
}
};
expect($this->callProtected($model, 'validateValue', null))->null();
});
} }
} }