From fcb1fba5c2fdb12c9f4041bd334aaced6f302d91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Tue, 29 Sep 2015 14:31:52 +0200 Subject: * public registration * remove WSSE implementation * add oAuth2 implementation --- app/AppKernel.php | 1 + app/config/config.yml | 14 ++++++++++++++ app/config/config_prod.yml | 5 ----- app/config/routing.yml | 6 ++++++ app/config/security.yml | 21 +++++++++++---------- app/config/services.yml | 5 ----- 6 files changed, 32 insertions(+), 20 deletions(-) (limited to 'app') diff --git a/app/AppKernel.php b/app/AppKernel.php index 08e14b8f..6f8c3a6d 100644 --- a/app/AppKernel.php +++ b/app/AppKernel.php @@ -26,6 +26,7 @@ class AppKernel extends Kernel new Wallabag\ApiBundle\WallabagApiBundle(), new Bazinga\Bundle\HateoasBundle\BazingaHateoasBundle(), new Lexik\Bundle\FormFilterBundle\LexikFormFilterBundle(), + new FOS\OAuthServerBundle\FOSOAuthServerBundle(), ); if (in_array($this->getEnvironment(), array('dev', 'test'))) { diff --git a/app/config/config.yml b/app/config/config.yml index f623ab23..adf68d6c 100644 --- a/app/config/config.yml +++ b/app/config/config.yml @@ -157,3 +157,17 @@ fos_user: db_driver: orm firewall_name: main user_class: Wallabag\CoreBundle\Entity\User + registration: + form: + type: wallabag_user_registration + confirmation: + enabled: true + +fos_oauth_server: + db_driver: orm + client_class: Wallabag\ApiBundle\Entity\Client + access_token_class: Wallabag\ApiBundle\Entity\AccessToken + refresh_token_class: Wallabag\ApiBundle\Entity\RefreshToken + auth_code_class: Wallabag\ApiBundle\Entity\AuthCode + service: + user_provider: fos_user.user_manager diff --git a/app/config/config_prod.yml b/app/config/config_prod.yml index c45f0fa6..342837a0 100644 --- a/app/config/config_prod.yml +++ b/app/config/config_prod.yml 
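Review bot: In app/config/config.yml the new `registration:` block turns on public sign-up with e-mail confirmation as the only gate, and nothing in this hunk lets an operator switch it off. The routing.yml hunk of the same commit imports FOSUserBundle's `all.xml`, so the registration and resetting routes are exposed on every install, including single-user ones. Consider driving this from a parameter and importing only the route files that are actually needed. A comment such as `# public sign-up: needs a working mailer for the confirmation e-mail` above `confirmation:` would also document the dependency.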
@@ -17,11 +17,6 @@ monolog: type: fingers_crossed action_level: error handler: nested - wsse: - type: stream - path: %kernel.logs_dir%/%kernel.environment%.wsse.log - level: error - channels: [wsse] nested: type: stream path: "%kernel.logs_dir%/%kernel.environment%.log" diff --git a/app/config/routing.yml b/app/config/routing.yml index e8bf08a5..dabb48fa 100644 --- a/app/config/routing.yml +++ b/app/config/routing.yml @@ -30,3 +30,9 @@ homepage: defaults: { _controller: WallabagCoreBundle:Entry:showUnread, page : 1 } requirements: page: \d+ + +fos_user: + resource: "@FOSUserBundle/Resources/config/routing/all.xml" + +fos_oauth_server_token: + resource: "@FOSOAuthServerBundle/Resources/config/routing/token.xml" diff --git a/app/config/security.yml b/app/config/security.yml index 98846656..6533a430 100644 --- a/app/config/security.yml +++ b/app/config/security.yml @@ -1,9 +1,6 @@ security: encoders: - Wallabag\CoreBundle\Entity\User: - algorithm: sha1 - encode_as_base64: false - iterations: 1 + FOS\UserBundle\Model\UserInterface: sha512 role_hierarchy: ROLE_ADMIN: ROLE_USER @@ -18,11 +15,15 @@ security: # the main part of the security, where you can set up firewalls # for specific sections of your app firewalls: - wsse_secured: - pattern: /api/.* - wsse: true - stateless: true - anonymous: true + oauth_token: + pattern: ^/oauth/v2/token + security: false + api: + pattern: /api/.* + fos_oauth: true + stateless: true + anonymous: false + login_firewall: pattern: ^/login$ anonymous: ~ @@ -45,9 +46,9 @@ security: target: / access_control: - - { path: ^/api/salt, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } + - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/, roles: ROLE_USER } 
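Review bot: In app/config/security.yml the encoder line `FOS\UserBundle\Model\UserInterface: sha512` still selects a plain message-digest encoder, which is cheap to compute compared with a dedicated password-hashing function. If the Symfony version in use provides the bcrypt encoder, `FOS\UserBundle\Model\UserInterface: bcrypt` would be the safer choice. Hashes stored under the removed `sha1` / `iterations: 1` settings will presumably stop verifying after this change. No migration or forced-reset path is visible in this patch (it is limited to 'app'), so that should be confirmed before release.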
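Review bot: The new `api` firewall in app/config/security.yml keeps the unanchored `pattern: /api/.*`, so it matches any URL that contains `/api/` anywhere in the path, not only the API prefix. `pattern: ^/api/` would follow the anchored style already used by `oauth_token` and `login_firewall`. `oauth_token` is declared with `security: false`, so the token endpoint gets no firewall-level protection. A short comment there should say that client and credential checks happen inside the OAuth server and that request throttling has to be handled elsewhere. The `firewalls:` block starts and ends outside this hunk.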
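Review bot: The added rule `- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }` uses the singular key `role` while every neighbouring rule uses `roles`. The singular form appears in FOSUserBundle's documentation and is presumably normalised by Symfony, but mixing the two spellings makes the list harder to audit. `- { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }` keeps it uniform. The `^/resetting` rule added in the later commit 1210dae has the same spelling.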
diff --git a/app/config/services.yml b/app/config/services.yml index 965bc319..ff6a582b 100644 --- a/app/config/services.yml +++ b/app/config/services.yml @@ -1,9 +1,4 @@ -# Learn more about services, parameters and containers at -# http://symfony.com/doc/current/book/service_container.html parameters: - security.authentication.provider.dao.class: Wallabag\CoreBundle\Security\Authentication\Provider\WallabagAuthenticationProvider - security.encoder.digest.class: Wallabag\CoreBundle\Security\Authentication\Encoder\WallabagPasswordEncoder - security.validator.user_password.class: Wallabag\CoreBundle\Security\Validator\WallabagUserPasswordValidator lexik_form_filter.get_filter.doctrine_orm.class: Wallabag\CoreBundle\Event\Subscriber\CustomDoctrineORMSubscriber services: -- cgit v1.2.3 From cd1298d6dfc8a811f3808a85bf73f7686c29a0a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Tue, 29 Sep 2015 14:52:46 +0200 Subject: allow API documentation for anonymous --- app/config/config.yml | 4 +++- app/config/security.yml | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'app') diff --git a/app/config/config.yml b/app/config/config.yml index adf68d6c..3c63ded3 100644 --- a/app/config/config.yml +++ b/app/config/config.yml @@ -110,7 +110,9 @@ fos_rest: routing_loader: default_format: json -nelmio_api_doc: ~ +nelmio_api_doc: + sandbox: + enabled: false nelmio_cors: defaults: diff --git a/app/config/security.yml b/app/config/security.yml index 6533a430..79a07c48 100644 --- a/app/config/security.yml +++ b/app/config/security.yml @@ -22,7 +22,7 @@ security: pattern: /api/.* fos_oauth: true stateless: true - anonymous: false + anonymous: true login_firewall: pattern: ^/login$ -- cgit v1.2.3 From 1210dae10589515d6f3824c75639342c5e1d52dd Mon Sep 17 00:00:00 2001 
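Review bot: With `anonymous: true` on the `api` firewall in app/config/security.yml, an unauthenticated request under /api now receives an anonymous token, so API access is enforced only by the `access_control` list, which lies outside this hunk. As the earlier security.yml hunk shows, that list has the unanchored feed rule `/(unread|starred|archive).xml$` ahead of the catch-all `^/` with `ROLE_USER`. Any API path with such a suffix, if one exists, would therefore be open to anonymous callers. An explicit `- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }` placed right after the `^/api/doc` rule would keep the API closed regardless of the rules that follow.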
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Fri, 2 Oct 2015 14:51:41 +0200 Subject: remove old implementation for login/register/recover --- app/AppKernel.php | 1 + app/config/config.yml | 2 +- app/config/routing.yml | 23 ++++++++++++++--------- app/config/security.yml | 4 ++-- 4 files changed, 18 insertions(+), 12 deletions(-) (limited to 'app') diff --git a/app/AppKernel.php b/app/AppKernel.php index 6f8c3a6d..6315fcde 100644 --- a/app/AppKernel.php +++ b/app/AppKernel.php @@ -27,6 +27,7 @@ class AppKernel extends Kernel new Bazinga\Bundle\HateoasBundle\BazingaHateoasBundle(), new Lexik\Bundle\FormFilterBundle\LexikFormFilterBundle(), new FOS\OAuthServerBundle\FOSOAuthServerBundle(), + new Wallabag\UserBundle\WallabagUserBundle(), ); if (in_array($this->getEnvironment(), array('dev', 'test'))) { diff --git a/app/config/config.yml b/app/config/config.yml index 3c63ded3..a4d18c6d 100644 --- a/app/config/config.yml +++ b/app/config/config.yml @@ -158,7 +158,7 @@ liip_theme: fos_user: db_driver: orm firewall_name: main - user_class: Wallabag\CoreBundle\Entity\User + user_class: Wallabag\UserBundle\Entity\User registration: form: type: wallabag_user_registration diff --git a/app/config/routing.yml b/app/config/routing.yml index dabb48fa..5fa28fba 100644 --- a/app/config/routing.yml +++ b/app/config/routing.yml @@ -1,3 +1,8 @@ +wallabag_user: + resource: "@WallabagUserBundle/Controller/" + type: annotation + prefix: / + wallabag_api: resource: "@WallabagApiBundle/Resources/config/routing.yml" prefix: / @@ -10,15 +15,15 @@ doc-api: resource: "@NelmioApiDocBundle/Resources/config/routing.yml" prefix: /api/doc -login: - pattern: /login - defaults: { _controller: WallabagCoreBundle:Security:login } - -login_check: - pattern: /login_check - -logout: - path: /logout +#login: +# pattern: /login +# defaults: { _controller: WallabagCoreBundle:Security:login } +# +#login_check: +# pattern: /login_check +# +#logout: +# path: /logout rest : type : rest 
diff --git a/app/config/security.yml b/app/config/security.yml index 79a07c48..d7d8c12b 100644 --- a/app/config/security.yml +++ b/app/config/security.yml @@ -8,7 +8,7 @@ security: providers: administrators: - entity: { class: WallabagCoreBundle:User, property: username } + entity: { class: WallabagUserBundle:User, property: username } fos_userbundle: id: fos_user.user_provider.username @@ -49,6 +49,6 @@ security: - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } - - { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY } + - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/, roles: ROLE_USER } -- cgit v1.2.3 From 0a878469d4038c36c84d1dd707265d880fa342e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Sat, 3 Oct 2015 06:29:55 +0200 Subject: move some files to UserBundle --- app/config/routing.yml | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'app') diff --git a/app/config/routing.yml b/app/config/routing.yml index 5fa28fba..f0f8f4b6 100644 --- a/app/config/routing.yml +++ b/app/config/routing.yml @@ -15,16 +15,6 @@ doc-api: resource: "@NelmioApiDocBundle/Resources/config/routing.yml" prefix: /api/doc -#login: -# pattern: /login -# defaults: { _controller: WallabagCoreBundle:Security:login } -# -#login_check: -# pattern: /login_check -# -#logout: -# path: /logout - rest : type : rest resource : "routing_rest.yml" -- cgit v1.2.3 From 4c5e5441831430af2b8f49dbeb0c76da6993eceb Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Sat, 3 Oct 2015 13:30:12 +0200 Subject: Cleanup - remove unecessary routing for UserBundle - remove unused form type --- app/config/routing.yml | 5 ----- app/config/security.yml | 1 + 2 files changed, 1 insertion(+), 5 deletions(-) (limited to 'app') 
diff --git a/app/config/routing.yml b/app/config/routing.yml index f0f8f4b6..af3e32b1 100644 --- a/app/config/routing.yml +++ b/app/config/routing.yml @@ -1,8 +1,3 @@ -wallabag_user: - resource: "@WallabagUserBundle/Controller/" - type: annotation - prefix: / - wallabag_api: resource: "@WallabagApiBundle/Resources/config/routing.yml" prefix: / diff --git a/app/config/security.yml b/app/config/security.yml index d7d8c12b..576cfd25 100644 --- a/app/config/security.yml +++ b/app/config/security.yml @@ -18,6 +18,7 @@ security: oauth_token: pattern: ^/oauth/v2/token security: false + api: pattern: /api/.* fos_oauth: true -- cgit v1.2.3 From ec3ce598f6423fcccd88a4fdd77f817c50bc5ab6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 5 Oct 2015 22:16:18 +0200 Subject: material design for register/login/recover pages --- app/config/config.yml | 2 -- 1 file changed, 2 deletions(-) (limited to 'app') diff --git a/app/config/config.yml b/app/config/config.yml index a4d18c6d..0d893ecf 100644 --- a/app/config/config.yml +++ b/app/config/config.yml @@ -160,8 +160,6 @@ fos_user: firewall_name: main user_class: Wallabag\UserBundle\Entity\User registration: - form: - type: wallabag_user_registration confirmation: enabled: true -- cgit v1.2.3