diff --git a/src/Command/SetPasswordCommand.php b/src/Command/SetPasswordCommand.php
index be94ef79..b4d18b6d 100644
--- a/src/Command/SetPasswordCommand.php
+++ b/src/Command/SetPasswordCommand.php
@@ -52,7 +52,7 @@ use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Output\OutputInterface;
 use Symfony\Component\Console\Style\SymfonyStyle;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
-use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 class SetPasswordCommand extends Command
 {
@@ -62,7 +62,7 @@ class SetPasswordCommand extends Command
 protected $encoder;
 protected $eventDispatcher;
- public function __construct(EntityManagerInterface $entityManager, UserPasswordEncoderInterface $passwordEncoder, EventDispatcherInterface $eventDispatcher)
+ public function __construct(EntityManagerInterface $entityManager, UserPasswordHasherInterface $passwordEncoder, EventDispatcherInterface $eventDispatcher)
 {
 $this->entityManager = $entityManager;
 $this->encoder = $passwordEncoder;
@@ -122,7 +122,7 @@ class SetPasswordCommand extends Command
 }
 //Encode password
- $hash = $this->encoder->encodePassword($user, $new_password);
+ $hash = $this->encoder->hashPassword($user, $new_password);
 $user->setPassword($hash);
 //And save it to databae
diff --git a/src/Controller/AdminPages/BaseAdminController.php b/src/Controller/AdminPages/BaseAdminController.php
index 268eb170..8ce9bf5b 100644
--- a/src/Controller/AdminPages/BaseAdminController.php
+++ b/src/Controller/AdminPages/BaseAdminController.php
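Review bot: The constructor parameter `$passwordEncoder` and the untyped `protected $encoder;` property keep the encoder name although their type is now `UserPasswordHasherInterface`, so `$this->encoder->hashPassword(...)` in the -122 hunk reads as a mismatch. Rename them to `$passwordHasher` / `$hasher`, or at minimum type the property, e.g. `protected UserPasswordHasherInterface $hasher;` or a `/** @var UserPasswordHasherInterface */` docblock, since the `@var` docblocks outside the hunk may still name the removed interface. The same encoder naming survives in BaseAdminController, CurrencyController, UserController (`$this->passwordEncoder`), UserSettingsController, UserFixtures and PasswordResetManager. Both the constructor and the method holding the hashing call continue outside their hunks.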
@@ -76,6 +76,7 @@ use Symfony\Component\HttpFoundation\File\UploadedFile;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Symfony\Component\Validator\ConstraintViolationList;
 use Symfony\Contracts\Translation\TranslatorInterface;
@@ -106,7 +107,7 @@ abstract class BaseAdminController extends AbstractController
 protected $entityManager;
- public function __construct(TranslatorInterface $translator, UserPasswordEncoderInterface $passwordEncoder,
+ public function __construct(TranslatorInterface $translator, UserPasswordHasherInterface $passwordEncoder,
 AttachmentSubmitHandler $attachmentSubmitHandler, EventCommentHelper $commentHelper, HistoryHelper $historyHelper, TimeTravel $timeTravel, DataTableFactory $dataTableFactory, EventDispatcherInterface $eventDispatcher, BarcodeExampleElementsGenerator $barcodeExampleGenerator,
diff --git a/src/Controller/AdminPages/CurrencyController.php b/src/Controller/AdminPages/CurrencyController.php
index f523eaba..4b9342df 100644
--- a/src/Controller/AdminPages/CurrencyController.php
+++ b/src/Controller/AdminPages/CurrencyController.php
@@ -66,6 +66,7 @@ use Symfony\Component\Form\FormInterface;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Symfony\Contracts\Translation\TranslatorInterface;
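Review bot: The new `use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;` is added while the old `use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;` is kept, although the constructor in the -106 hunk no longer references it; unless it is still used further down the file, the deprecated import should go, as SetPasswordCommand already does. The same leftover import appears in CurrencyController, UserSettingsController, UserFixtures and PasswordResetManager, which additionally keeps `EncoderFactoryInterface` and `PasswordEncoderInterface`. The `@var` docblocks of the untyped properties lie outside the hunks; check that they do not still name the encoder interfaces, or static analysis will keep flagging the deprecated types. The constructor's parameter list continues outside the hunk.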
@@ -88,7 +89,7 @@ class CurrencyController extends BaseAdminController
 public function __construct(
 TranslatorInterface $translator,
- UserPasswordEncoderInterface $passwordEncoder,
+ UserPasswordHasherInterface $passwordEncoder,
 AttachmentSubmitHandler $attachmentSubmitHandler,
 EventCommentHelper $commentHelper,
 HistoryHelper $historyHelper,
diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index 30610cc2..bfb8e479 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -82,7 +82,7 @@ class UserController extends AdminPages\BaseAdminController
 {
 //Check if we editing a user and if we need to change the password of it
 if ($entity instanceof User && !empty($form['new_password']->getData())) {
- $password = $this->passwordEncoder->encodePassword($entity, $form['new_password']->getData());
+ $password = $this->passwordEncoder->hashPassword($entity, $form['new_password']->getData());
 $entity->setPassword($password);
 //By default the user must change the password afterwards
 $entity->setNeedPwChange(true);
@@ -134,7 +134,7 @@ class UserController extends AdminPages\BaseAdminController
 protected function additionalActionNew(FormInterface $form, AbstractNamedDBElement $entity): bool
 {
 if ($entity instanceof User && !empty($form['new_password']->getData())) {
- $password = $this->passwordEncoder->encodePassword($entity, $form['new_password']->getData());
+ $password = $this->passwordEncoder->hashPassword($entity, $form['new_password']->getData());
 $entity->setPassword($password);
 //By default the user must change the password afterwards
 $entity->setNeedPwChange(true);
diff --git a/src/Controller/UserSettingsController.php b/src/Controller/UserSettingsController.php
index 623e4061..0dd2e301 100644
--- a/src/Controller/UserSettingsController.php
+++ b/src/Controller/UserSettingsController.php
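Review bot: The -82 hunk and `additionalActionNew` in the -134 hunk of UserController carry the same four-line password block, and the commit has to touch the hashing call in both; extracting it into one private helper keeps the next API change to a single site. While doing so, `!empty($form['new_password']->getData())` treats the literal password `"0"` as "nothing entered" and silently skips the update — comparing against `null`/`''` explicitly avoids that, though this predates the commit. Both methods' bodies continue outside the hunks, and the name of the first method is not visible here.
```php
protected function additionalActionNew(FormInterface $form, AbstractNamedDBElement $entity): bool
{
    if ($entity instanceof User) {
        $this->applyNewPassword($entity, $form);
    }
    // … unchanged: remainder of the method …
}

/** Hashes the submitted new password into $user and forces a change on next login; no-op when the field is empty. */
private function applyNewPassword(User $user, FormInterface $form): void
{
    $plain = $form['new_password']->getData();
    if ($plain === null || $plain === '') {
        return;
    }
    $user->setPassword($this->passwordEncoder->hashPassword($user, $plain));
    //By default the user must change the password afterwards
    $user->setNeedPwChange(true);
}
```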
@@ -61,6 +61,7 @@ use Symfony\Component\Form\Extension\Core\Type\SubmitType;
 use Symfony\Component\Form\Extension\Core\Type\TextType;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
@@ -199,7 +200,7 @@ class UserSettingsController extends AbstractController
 *
 * @return RedirectResponse|\Symfony\Component\HttpFoundation\Response
 */
- public function userSettings(Request $request, EntityManagerInterface $em, UserPasswordEncoderInterface $passwordEncoder, GoogleAuthenticator $googleAuthenticator, BackupCodeManager $backupCodeManager)
+ public function userSettings(Request $request, EntityManagerInterface $em, UserPasswordHasherInterface $passwordEncoder, GoogleAuthenticator $googleAuthenticator, BackupCodeManager $backupCodeManager)
 {
 /** @var User */
 $user = $this->getUser();
@@ -284,7 +285,7 @@ class UserSettingsController extends AbstractController
 //Check if password if everything was correct, then save it to User and DB
 if (!$this->demo_mode && $pw_form->isSubmitted() && $pw_form->isValid()) {
- $password = $passwordEncoder->encodePassword($user, $pw_form['new_password']->getData());
+ $password = $passwordEncoder->hashPassword($user, $pw_form['new_password']->getData());
 $user->setPassword($password);
 //After the change reset the password change needed setting
diff --git a/src/DataFixtures/UserFixtures.php b/src/DataFixtures/UserFixtures.php
index a91ca3c1..24c81b03 100644
--- a/src/DataFixtures/UserFixtures.php
+++ b/src/DataFixtures/UserFixtures.php
@@ -46,6 +46,7 @@ use App\Entity\UserSystem\User;
 use Doctrine\Bundle\FixturesBundle\Fixture;
 use Doctrine\ORM\EntityManagerInterface;
 use Doctrine\Persistence\ObjectManager;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 class UserFixtures extends Fixture
@@ -53,7 +54,7 @@ class UserFixtures extends Fixture
 protected $encoder;
 protected $em;
- public function __construct(UserPasswordEncoderInterface $encoder, EntityManagerInterface $entityManager)
+ public function __construct(UserPasswordHasherInterface $encoder, EntityManagerInterface $entityManager)
 {
 $this->em = $entityManager;
 $this->encoder = $encoder;
@@ -65,12 +66,12 @@ class UserFixtures extends Fixture
 $anonymous->setName('anonymous');
 $anonymous->setGroup($this->getReference(GroupFixtures::READONLY));
 $anonymous->setNeedPwChange(false);
- $anonymous->setPassword($this->encoder->encodePassword($anonymous, 'test'));
+ $anonymous->setPassword($this->encoder->hashPassword($anonymous, 'test'));
 $manager->persist($anonymous);
 $admin = new User();
 $admin->setName('admin');
- $admin->setPassword($this->encoder->encodePassword($admin, 'test'));
+ $admin->setPassword($this->encoder->hashPassword($admin, 'test'));
 $admin->setNeedPwChange(false);
 $admin->setGroup($this->getReference(GroupFixtures::ADMINS));
 $manager->persist($admin);
@@ -79,14 +80,14 @@ class UserFixtures extends Fixture
 $user->setName('user');
 $user->setNeedPwChange(false);
 $user->setFirstName('Test')->setLastName('User');
- $user->setPassword($this->encoder->encodePassword($user, 'test'));
+ $user->setPassword($this->encoder->hashPassword($user, 'test'));
 $user->setGroup($this->getReference(GroupFixtures::USERS));
 $manager->persist($user);
 $noread = new User();
 $noread->setName('noread');
 $noread->setNeedPwChange(false);
- $noread->setPassword($this->encoder->encodePassword($noread, 'test'));
+ $noread->setPassword($this->encoder->hashPassword($noread, 'test'));
 $manager->persist($noread);
 $manager->flush();
diff --git a/src/Entity/UserSystem/User.php b/src/Entity/UserSystem/User.php
index 2a1178d1..3db3ff38 100644
--- a/src/Entity/UserSystem/User.php
+++ b/src/Entity/UserSystem/User.php
@@ -57,6 +57,7 @@ use App\Entity\PriceInformations\Currency;
 use App\Security\Interfaces\HasPermissionsInterface;
 use App\Validator\Constraints\Selectable;
 use App\Validator\Constraints\ValidPermission;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
 use function count;
 use DateTime;
 use Doctrine\Common\Collections\ArrayCollection;
@@ -83,7 +84,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 * @ORM\EntityListeners({"App\EntityListeners\TreeCacheInvalidationListener"})
 * @UniqueEntity("name", message="validator.user.username_already_used")
 */
-class User extends AttachmentContainingDBElement implements UserInterface, HasPermissionsInterface, TwoFactorInterface, BackupCodeInterface, TrustedDeviceInterface, U2FTwoFactorInterface, PreferredProviderInterface
+class User extends AttachmentContainingDBElement implements UserInterface, HasPermissionsInterface, TwoFactorInterface, BackupCodeInterface, TrustedDeviceInterface, U2FTwoFactorInterface, PreferredProviderInterface, PasswordAuthenticatedUserInterface
 {
 //use MasterAttachmentTrait;
@@ -306,6 +307,11 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
 return (string) $this->name;
 }
+ public function getUserIdentifier(): string
+ {
+ return $this->getUsername();
+ }
+ + /** * @see UserInterface */
diff --git a/src/EventSubscriber/UserSystem/PasswordChangeNeededSubscriber.php b/src/EventSubscriber/UserSystem/PasswordChangeNeededSubscriber.php
index 1df033c8..9354ed25 100644
--- a/src/EventSubscriber/UserSystem/PasswordChangeNeededSubscriber.php
+++ b/src/EventSubscriber/UserSystem/PasswordChangeNeededSubscriber.php
@@ -96,7 +96,7 @@ final class PasswordChangeNeededSubscriber implements EventSubscriberInterface
 $user = $this->security->getUser();
 $request = $event->getRequest();
- if (!$event->isMasterRequest()) {
+ if (!$event->isMainRequest()) {
 return;
 }
 if (!$user instanceof User) {
diff --git a/src/Services/PasswordResetManager.php b/src/Services/PasswordResetManager.php
index 59b207b1..9cddead8 100644
--- a/src/Services/PasswordResetManager.php
+++ b/src/Services/PasswordResetManager.php
@@ -47,6 +47,8 @@ use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Bridge\Twig\Mime\TemplatedEmail;
 use Symfony\Component\Mailer\MailerInterface;
 use Symfony\Component\Mime\Address;
+use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
 use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
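Review bot: `getUserIdentifier()` is added to User without a docblock while the neighbouring method carries `@see UserInterface`; add `/** @see UserInterface The login name (same value as getUsername()), used by Symfony as the stable user identifier. */`. Since `getUsername()` is the method Symfony is phasing out, consider inverting the delegation so `getUserIdentifier()` holds `return (string) $this->name;` and `getUsername()` forwards to it, which makes a later removal of `getUsername()` a one-line change. In the -57 hunk the new `use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;` lands between the `App\` imports and `use function count;`, out of the file's alphabetical order; it belongs with the other `Symfony\Component` imports such as the `use Symfony\Component\Validator\Constraints as Assert;` line shown in the -83 hunk header.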
@@ -61,12 +63,12 @@ class PasswordResetManager
 protected $userPasswordEncoder;
 public function __construct(MailerInterface $mailer, EntityManagerInterface $em,
- TranslatorInterface $translator, UserPasswordEncoderInterface $userPasswordEncoder,
- EncoderFactoryInterface $encoderFactory)
+ TranslatorInterface $translator, UserPasswordHasherInterface $userPasswordEncoder,
+ PasswordHasherFactoryInterface $encoderFactory)
 {
 $this->em = $em;
 $this->mailer = $mailer;
- $this->passwordEncoder = $encoderFactory->getEncoder(User::class);
+ $this->passwordEncoder = $encoderFactory->getPasswordHasher(User::class);
 $this->translator = $translator;
 $this->userPasswordEncoder = $userPasswordEncoder;
 }
@@ -83,7 +85,7 @@ class PasswordResetManager
 }
 $unencrypted_token = md5(random_bytes(32));
- $user->setPwResetToken($this->passwordEncoder->encodePassword($unencrypted_token, null));
+ $user->setPwResetToken($this->passwordEncoder->hash($unencrypted_token, null));
 //Determine the expiration datetime of
 $expiration_date = new \DateTime();
@@ -138,12 +140,12 @@ class PasswordResetManager
 }
 //Check if token is valid
- if (!$this->passwordEncoder->isPasswordValid($user->getPwResetToken(), $token, null)) {
+ if (!$this->passwordEncoder->verify($user->getPwResetToken(), $token, null)) {
 return false;
 }
 //When everything was valid, apply the new password
- $user->setPassword($this->userPasswordEncoder->encodePassword($user, $new_password));
+ $user->setPassword($this->userPasswordEncoder->hashPassword($user, $new_password));
 //Remove token
 $user->setPwResetToken(null);
diff --git a/src/Validator/Constraints/BigDecimal/BigDecimalPositive.php b/src/Validator/Constraints/BigDecimal/BigDecimalPositive.php
index 1f843966..f58552e4 100644
--- a/src/Validator/Constraints/BigDecimal/BigDecimalPositive.php
+++ b/src/Validator/Constraints/BigDecimal/BigDecimalPositive.php
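Review bot: The trailing `null` passed to `hash()` in the -83 hunk and to `verify()` in the -138 hunk is a leftover salt argument from the encoder API; `PasswordHasherInterface::hash()` and `verify()` take no salt (only `LegacyPasswordHasherInterface` does), so the extra argument is silently ignored by PHP and should be dropped: `$this->passwordEncoder->hash($unencrypted_token)` and `$this->passwordEncoder->verify($user->getPwResetToken(), $token)`. `getPasswordHasher(User::class)` hands back whatever hasher is configured for User, so a one-line comment on the `$passwordEncoder` property saying the reset token is deliberately stored with the user's password hasher (and never in clear) would document the intent. `md5(random_bytes(32))` is used only to obtain a 128-bit hex token; `bin2hex(random_bytes(16))` expresses that more directly with the same entropy. If `getPwResetToken()` can be null when `verify()` is reached, the guard preceding the -138 hunk, which lies outside it, must reject that case before the call.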
@@ -31,7 +31,7 @@ use Symfony\Component\Validator\Constraints\NumberConstraintTrait;
 */
 class BigDecimalPositive extends GreaterThan
 {
- use NumberConstraintTrait;
+ use BigNumberConstraintTrait;
 public $message = 'This value should be positive.';
@@ -44,4 +44,5 @@ class BigDecimalPositive extends GreaterThan
 {
 return BigDecimalGreaterThanValidator::class;
 }
+
 }
diff --git a/src/Validator/Constraints/BigDecimal/BigDecimalPositiveOrZero.php b/src/Validator/Constraints/BigDecimal/BigDecimalPositiveOrZero.php
index c73d86c4..3b6c6943 100644
--- a/src/Validator/Constraints/BigDecimal/BigDecimalPositiveOrZero.php
+++ b/src/Validator/Constraints/BigDecimal/BigDecimalPositiveOrZero.php
@@ -31,7 +31,7 @@ use Symfony\Component\Validator\Constraints\NumberConstraintTrait;
 */
 class BigDecimalPositiveOrZero extends GreaterThanOrEqual
 {
- use NumberConstraintTrait;
+ use BigNumberConstraintTrait;
 public $message = 'This value should be either positive or zero.';
diff --git a/src/Validator/Constraints/BigDecimal/BigNumberConstraintTrait.php b/src/Validator/Constraints/BigDecimal/BigNumberConstraintTrait.php
new file mode 100644
index 00000000..c77ee317
--- /dev/null
+++ b/src/Validator/Constraints/BigDecimal/BigNumberConstraintTrait.php
@@ -0,0 +1,29 @@ +getDefaultOption() => $options]; + } + + if (isset($options['propertyPath'])) { + throw new ConstraintDefinitionException(sprintf('The "propertyPath" option of the "%s" constraint cannot be set.', static::class)); + } + + if (isset($options['value'])) { + throw new ConstraintDefinitionException(sprintf('The "value" option of the "%s" constraint cannot be set.', static::class)); + } + + $options['value'] = 0; + + return $options; + } +} \ No newline at end of file
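Review bot: Both BigDecimalPositive and BigDecimalPositiveOrZero still import `Symfony\Component\Validator\Constraints\NumberConstraintTrait` (visible in the -31 hunk headers) although the class-level `use` now refers to `BigNumberConstraintTrait` from their own namespace; delete the stale import in both files so the deprecated Symfony trait is no longer referenced. The -44 hunk of BigDecimalPositive only adds a blank line before the closing `}`, which the project's PSR-12 style does not allow, and can be dropped. The new BigNumberConstraintTrait arrives without a trailing newline and, as rendered here, its opening lines are lost; since the visible part sets `$options['value'] = 0` and rejects `propertyPath`/`value`, a class docblock such as `/** Local replacement for Symfony's NumberConstraintTrait: pins the comparison value to 0 and forbids overriding it or propertyPath. */` would record why the copy exists.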