Реализована форма восстановления пароля от аккаунта

Логика проверки пароля вынесена в отдельный валидатор
В composer.json докинута зависимость от php7
This commit is contained in:
ErickSkrauch 2016-05-12 01:13:19 +03:00
parent ebf4947c37
commit 2a4da87fd5
9 changed files with 201 additions and 8 deletions

View File

@ -3,6 +3,7 @@ namespace api\controllers;
use api\models\ForgotPasswordForm; use api\models\ForgotPasswordForm;
use api\models\LoginForm; use api\models\LoginForm;
use api\models\RecoverPasswordForm;
use common\helpers\StringHelper; use common\helpers\StringHelper;
use Yii; use Yii;
use yii\filters\AccessControl; use yii\filters\AccessControl;
@ -13,13 +14,13 @@ class AuthenticationController extends Controller {
public function behaviors() { public function behaviors() {
return ArrayHelper::merge(parent::behaviors(), [ return ArrayHelper::merge(parent::behaviors(), [
'authenticator' => [ 'authenticator' => [
'except' => ['login', 'forgot-password'], 'except' => ['login', 'forgot-password', 'recover-password'],
], ],
'access' => [ 'access' => [
'class' => AccessControl::class, 'class' => AccessControl::class,
'rules' => [ 'rules' => [
[ [
'actions' => ['login', 'forgot-password'], 'actions' => ['login', 'forgot-password', 'recover-password'],
'allow' => true, 'allow' => true,
'roles' => ['?'], 'roles' => ['?'],
], ],
@ -32,6 +33,7 @@ class AuthenticationController extends Controller {
return [ return [
'login' => ['POST'], 'login' => ['POST'],
'forgot-password' => ['POST'], 'forgot-password' => ['POST'],
'recover-password' => ['POST'],
]; ];
} }
@ -93,4 +95,20 @@ class AuthenticationController extends Controller {
return $response; return $response;
} }
public function actionRecoverPassword() {
$model = new RecoverPasswordForm();
$model->load(Yii::$app->request->post());
if (($jwt = $model->recoverPassword()) === false) {
return [
'success' => false,
'errors' => $this->normalizeModelErrors($model->getErrors()),
];
}
return [
'success' => true,
'jwt' => $jwt,
];
}
} }

View File

@ -1,9 +1,9 @@
<?php <?php
namespace api\models; namespace api\models;
use api\models\base\ApiForm;
use api\models\base\PasswordProtectedForm; use api\models\base\PasswordProtectedForm;
use common\models\Account; use common\models\Account;
use common\validators\PasswordValidate;
use Yii; use Yii;
use yii\helpers\ArrayHelper; use yii\helpers\ArrayHelper;
@ -25,9 +25,8 @@ class ChangePasswordForm extends PasswordProtectedForm {
*/ */
public function rules() { public function rules() {
return ArrayHelper::merge(parent::rules(), [ return ArrayHelper::merge(parent::rules(), [
['newPassword', 'required', 'message' => 'error.newPassword_required'], [['newPassword', 'newRePassword'], 'required', 'message' => 'error.{attribute}_required'],
['newRePassword', 'required', 'message' => 'error.newRePassword_required'], ['newPassword', PasswordValidate::class],
['newPassword', 'string', 'min' => 8, 'tooShort' => 'error.password_too_short'],
['newRePassword', 'validatePasswordAndRePasswordMatch'], ['newRePassword', 'validatePasswordAndRePasswordMatch'],
['logoutAll', 'boolean'], ['logoutAll', 'boolean'],
]); ]);

View File

@ -0,0 +1,71 @@
<?php
namespace api\models;
use api\models\base\KeyConfirmationForm;
use common\models\EmailActivation;
use common\validators\PasswordValidate;
use Yii;
use yii\base\ErrorException;
class RecoverPasswordForm extends KeyConfirmationForm {
public $newPassword;
public $newRePassword;
public function rules() {
return array_merge(parent::rules(), [
[['newPassword', 'newRePassword'], 'required', 'message' => 'error.{attribute}_required'],
['newPassword', PasswordValidate::class],
['newRePassword', 'validatePasswordAndRePasswordMatch'],
]);
}
public function validatePasswordAndRePasswordMatch($attribute) {
if (!$this->hasErrors()) {
if ($this->newPassword !== $this->newRePassword) {
$this->addError($attribute, 'error.rePassword_does_not_match');
}
}
}
public function recoverPassword() {
if (!$this->validate()) {
return false;
}
$confirmModel = $this->getActivationCodeModel();
if ($confirmModel->type !== EmailActivation::TYPE_FORGOT_PASSWORD_KEY) {
$confirmModel->delete();
// TODO: вот где-то здесь нужно ещё попутно сгенерировать соответствующую ошибку
return false;
}
$transaction = Yii::$app->db->beginTransaction();
try {
$account = $confirmModel->account;
$account->password = $this->newPassword;
if (!$confirmModel->delete()) {
throw new ErrorException('Unable remove activation key.');
}
if (!$account->save()) {
throw new ErrorException('Unable activate user account.');
}
$transaction->commit();
} catch (ErrorException $e) {
$transaction->rollBack();
if (YII_DEBUG) {
throw $e;
} else {
return false;
}
}
// TODO: ещё было бы неплохо уведомить пользователя о том, что его E-mail изменился
return $account->getJWT();
}
}

View File

@ -7,6 +7,7 @@ use common\components\UserFriendlyRandomKey;
use common\models\Account; use common\models\Account;
use common\models\confirmations\RegistrationConfirmation; use common\models\confirmations\RegistrationConfirmation;
use common\models\EmailActivation; use common\models\EmailActivation;
use common\validators\PasswordValidate;
use Ramsey\Uuid\Uuid; use Ramsey\Uuid\Uuid;
use Yii; use Yii;
use yii\base\ErrorException; use yii\base\ErrorException;
@ -30,7 +31,7 @@ class RegistrationForm extends ApiForm {
['password', 'required', 'message' => 'error.password_required'], ['password', 'required', 'message' => 'error.password_required'],
['rePassword', 'required', 'message' => 'error.rePassword_required'], ['rePassword', 'required', 'message' => 'error.rePassword_required'],
['password', 'string', 'min' => 8, 'tooShort' => 'error.password_too_short'], ['password', PasswordValidate::class],
['rePassword', 'validatePasswordAndRePasswordMatch'], ['rePassword', 'validatePasswordAndRePasswordMatch'],
]; ];
} }

View File

@ -0,0 +1,15 @@
<?php
namespace common\validators;
use yii\validators\StringValidator;
/**
* Класс должен реализовывать в себе все критерии валидации пароля пользователя
*/
class PasswordValidate extends StringValidator {
public $min = 8;
public $tooShort = 'error.password_too_short';
}

View File

@ -14,7 +14,7 @@
}, },
"minimum-stability": "stable", "minimum-stability": "stable",
"require": { "require": {
"php": ">=5.6.0", "php": "~7.0.6",
"yiisoft/yii2": "~2.0.6", "yiisoft/yii2": "~2.0.6",
"yiisoft/yii2-bootstrap": "*", "yiisoft/yii2-bootstrap": "*",
"yiisoft/yii2-swiftmailer": "*", "yiisoft/yii2-swiftmailer": "*",

View File

@ -23,4 +23,13 @@ class AuthenticationRoute extends BasePage {
]); ]);
} }
public function recoverPassword($key = null, $newPassword = null, $newRePassword = null) {
$this->route = ['authentication/recover-password'];
$this->actor->sendPOST($this->getUrl(), [
'key' => $key,
'newPassword' => $newPassword,
'newRePassword' => $newRePassword,
]);
}
} }

View File

@ -0,0 +1,36 @@
<?php
namespace codeception\api\functional;
use tests\codeception\api\_pages\AccountsRoute;
use tests\codeception\api\_pages\AuthenticationRoute;
use tests\codeception\api\FunctionalTester;
class RecoverPasswordCest {
public function testDataForFrequencyError(FunctionalTester $I) {
$authRoute = new AuthenticationRoute($I);
$I->wantTo('change my account password, using key from email');
$authRoute->recoverPassword('H24HBDCHHAG2HGHGHS', '12345678', '12345678');
$I->canSeeResponseContainsJson([
'success' => true,
]);
$I->canSeeResponseJsonMatchesJsonPath('$.jwt');
$I->wantTo('ensure, that jwt token is valid');
$jwt = $I->grabDataFromResponseByJsonPath('$.jwt')[0];
$I->amBearerAuthenticated($jwt);
$accountRoute = new AccountsRoute($I);
$accountRoute->current();
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->notLoggedIn();
$I->wantTo('check, that password is really changed');
$authRoute->login('Notch', '12345678');
$I->canSeeResponseContainsJson([
'success' => true,
]);
}
}

View File

@ -0,0 +1,44 @@
<?php
namespace tests\codeception\api\models;
use api\models\RecoverPasswordForm;
use Codeception\Specify;
use common\models\Account;
use common\models\EmailActivation;
use tests\codeception\api\unit\DbTestCase;
use tests\codeception\common\fixtures\EmailActivationFixture;
use Yii;
/**
* @property array $emailActivations
*/
class RecoverPasswordFormTest extends DbTestCase {
use Specify;
public function fixtures() {
return [
'emailActivations' => [
'class' => EmailActivationFixture::class,
'dataFile' => '@tests/codeception/common/fixtures/data/email-activations.php',
],
];
}
public function testRecoverPassword() {
$fixture = $this->emailActivations['freshPasswordRecovery'];
$this->specify('change user account password by email confirmation key', function() use ($fixture) {
$model = new RecoverPasswordForm([
'key' => $fixture['key'],
'newPassword' => '12345678',
'newRePassword' => '12345678',
]);
expect($model->recoverPassword())->notEquals(false);
$activationExists = EmailActivation::find()->andWhere(['key' => $fixture['key']])->exists();
expect($activationExists)->false();
/** @var Account $account */
$account = Account::findOne($fixture['account_id']);
expect($account->validatePassword('12345678'))->true();
});
}
}