ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Cleanup User Component, update tests

Browse Source
This commit is contained in:
ErickSkrauch
2019-07-26 17:04:57 +03:00
parent 445c234360
commit 4c2a9cc172
7 changed files with 172 additions and 155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
api/models/authentication/ConfirmEmailForm.php
View File

@@ -4,12 +4,14 @@ declare(strict_types=1);
namespace api\models\authentication;
use api\aop\annotations\CollectModelMetrics;
use api\components\User\AuthenticationResult;
use api\models\base\ApiForm;
use api\validators\EmailActivationKeyValidator;
use common\models\Account;
use common\models\AccountSession;
use common\models\EmailActivation;
use Webmozart\Assert\Assert;
use Yii;
use yii\base\ErrorException;
class ConfirmEmailForm extends ApiForm {
@@ -23,8 +25,8 @@ class ConfirmEmailForm extends ApiForm {
/**
* @CollectModelMetrics(prefix="signup.confirmEmail")
* @return \api\components\User\AuthenticationResult|bool
* @throws ErrorException
* @return AuthenticationResult|bool
* @throws \Throwable
*/
public function confirm() {
if (!$this->validate()) {
@@ -37,17 +39,22 @@ class ConfirmEmailForm extends ApiForm {
$confirmModel = $this->key;
$account = $confirmModel->account;
$account->status = Account::STATUS_ACTIVE;
if (!$confirmModel->delete()) {
throw new ErrorException('Unable remove activation key.');
}
Assert::notSame($confirmModel->delete(), false, 'Unable remove activation key.');
if (!$account->save()) {
throw new ErrorException('Unable activate user account.');
}
Assert::true($account->save(), 'Unable activate user account.');
$session = new AccountSession();
$session->account_id = $account->id;
$session->setIp(Yii::$app->request->userIP);
$session->generateRefreshToken();
Assert::true($session->save(), 'Cannot save account session model');
$token = Yii::$app->user->createJwtAuthenticationToken($account, $session);
$jwt = Yii::$app->user->serializeToken($token);
$transaction->commit();
return Yii::$app->user->createJwtAuthenticationToken($account, true);
return new AuthenticationResult($account, $jwt, $session);
}
}

44
api/models/authentication/LoginForm.php
View File

@@ -1,12 +1,17 @@
<?php
declare(strict_types=1);
namespace api\models\authentication;
use api\aop\annotations\CollectModelMetrics;
use api\components\User\AuthenticationResult;
use api\models\base\ApiForm;
use api\traits\AccountFinder;
use api\validators\TotpValidator;
use common\helpers\Error as E;
use common\models\Account;
use common\models\AccountSession;
use Webmozart\Assert\Assert;
use Yii;
class LoginForm extends ApiForm {
@@ -41,15 +46,13 @@ class LoginForm extends ApiForm {
];
}
public function validateLogin($attribute) {
if (!$this->hasErrors()) {
if ($this->getAccount() === null) {
$this->addError($attribute, E::LOGIN_NOT_EXIST);
}
public function validateLogin(string $attribute): void {
if (!$this->hasErrors() && $this->getAccount() === null) {
$this->addError($attribute, E::LOGIN_NOT_EXIST);
}
}
public function validatePassword($attribute) {
public function validatePassword(string $attribute): void {
if (!$this->hasErrors()) {
$account = $this->getAccount();
if ($account === null || !$account->validatePassword($this->password)) {
@@ -58,11 +61,12 @@ class LoginForm extends ApiForm {
}
}
public function validateTotp($attribute) {
public function validateTotp(string $attribute): void {
if ($this->hasErrors()) {
return;
}
/** @var Account $account */
$account = $this->getAccount();
if (!$account->is_otp_enabled) {
return;
@@ -73,8 +77,9 @@ class LoginForm extends ApiForm {
$validator->validateAttribute($this, $attribute);
}
public function validateActivity($attribute) {
public function validateActivity(string $attribute): void {
if (!$this->hasErrors()) {
/** @var Account $account */
$account = $this->getAccount();
if ($account->status === Account::STATUS_BANNED) {
$this->addError($attribute, E::ACCOUNT_BANNED);
@@ -92,20 +97,37 @@ class LoginForm extends ApiForm {
/**
* @CollectModelMetrics(prefix="authentication.login")
* @return \api\components\User\AuthenticationResult|bool
* @return AuthenticationResult|bool
*/
public function login() {
if (!$this->validate()) {
return false;
}
$transaction = Yii::$app->db->beginTransaction();
/** @var Account $account */
$account = $this->getAccount();
if ($account->password_hash_strategy !== Account::PASS_HASH_STRATEGY_YII2) {
$account->setPassword($this->password);
$account->save();
Assert::true($account->save(), 'Unable to upgrade user\'s password');
}
return Yii::$app->user->createJwtAuthenticationToken($account, $this->rememberMe);
$session = null;
if ($this->rememberMe) {
$session = new AccountSession();
$session->account_id = $account->id;
$session->setIp(Yii::$app->request->userIP);
$session->generateRefreshToken();
Assert::true($session->save(), 'Cannot save account session model');
}
$token = Yii::$app->user->createJwtAuthenticationToken($account, $session);
$jwt = Yii::$app->user->serializeToken($token);
$transaction->commit();
return new AuthenticationResult($account, $jwt, $session);
}
}

29
api/models/authentication/RecoverPasswordForm.php
View File

@@ -1,4 +1,6 @@
<?php
declare(strict_types=1);
namespace api\models\authentication;
use api\aop\annotations\CollectModelMetrics;
@@ -7,8 +9,8 @@ use api\validators\EmailActivationKeyValidator;
use common\helpers\Error as E;
use common\models\EmailActivation;
use common\validators\PasswordValidator;
use Webmozart\Assert\Assert;
use Yii;
use yii\base\ErrorException;
class RecoverPasswordForm extends ApiForm {
@@ -18,7 +20,7 @@ class RecoverPasswordForm extends ApiForm {
public $newRePassword;
public function rules() {
public function rules(): array {
return [
['key', EmailActivationKeyValidator::class, 'type' => EmailActivation::TYPE_FORGOT_PASSWORD_KEY],
['newPassword', 'required', 'message' => E::NEW_PASSWORD_REQUIRED],
@@ -28,18 +30,16 @@ class RecoverPasswordForm extends ApiForm {
];
}
public function validatePasswordAndRePasswordMatch($attribute) {
if (!$this->hasErrors()) {
if ($this->newPassword !== $this->newRePassword) {
$this->addError($attribute, E::NEW_RE_PASSWORD_DOES_NOT_MATCH);
}
public function validatePasswordAndRePasswordMatch(string $attribute): void {
if (!$this->hasErrors() && $this->newPassword !== $this->newRePassword) {
$this->addError($attribute, E::NEW_RE_PASSWORD_DOES_NOT_MATCH);
}
}
/**
* @CollectModelMetrics(prefix="authentication.recoverPassword")
* @return \api\components\User\AuthenticationResult|bool
* @throws ErrorException
* @throws \Throwable
*/
public function recoverPassword() {
if (!$this->validate()) {
@@ -52,17 +52,16 @@ class RecoverPasswordForm extends ApiForm {
$confirmModel = $this->key;
$account = $confirmModel->account;
$account->password = $this->newPassword;
if (!$confirmModel->delete()) {
throw new ErrorException('Unable remove activation key.');
}
Assert::notSame($confirmModel->delete(), false, 'Unable remove activation key.');
if (!$account->save(false)) {
throw new ErrorException('Unable activate user account.');
}
Assert::true($account->save(), 'Unable activate user account.');
$token = Yii::$app->user->createJwtAuthenticationToken($account);
$jwt = Yii::$app->user->serializeToken($token);
$transaction->commit();
return Yii::$app->user->createJwtAuthenticationToken($account, false);
return new \api\components\User\AuthenticationResult($account, $jwt, null);
}
}