thisfro/pflaenz.li-Symfony
Archived
1
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases 3 Wiki Activity

Verify CAPTCHA

Browse source
This commit is contained in:
Jannis Portmann 2022-01-18 17:50:54 +01:00
parent 946b30b486
commit 9b3c970bba
7 changed files with 132 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

48
src/Controller/RegistrationController.php
View file

@ -6,6 +6,7 @@ use App\Entity\User;
use App\Form\RegistrationFormType;
use App\Security\AppAuthenticator;
use App\Security\EmailVerifier;
use App\Service\CaptchaVerifier;
use App\Repository\UserRepository;
use Symfony\Bridge\Twig\Mime\TemplatedEmail;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
@ -26,36 +27,41 @@ class RegistrationController extends AbstractController
}
#[Route('/register', name: 'app_register')]
public function register(Request $request, UserPasswordHasherInterface $passwordEncoder): Response
public function register(Request $request, UserPasswordHasherInterface $passwordEncoder, CaptchaVerifier $captchaVerifier): Response
{
$user = new User();
$form = $this->createForm(RegistrationFormType::class, $user);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$user->setUrlId(uniqid());
// encode the plain password
$user->setPassword(
$passwordEncoder->hashPassword(
$user,
$form->get('plainPassword')->getData()
)
);
if ($captchaVerifier->isVerified($form->get('captcha_solution')->getData(), $this->getParameter('captcha.secret'), $this->getParameter('captcha.sitekey')) == true) {
$user->setUrlId(uniqid());
// encode the plain password
$user->setPassword(
$passwordEncoder->hashPassword(
$user,
$form->get('plainPassword')->getData()
)
);
$entityManager = $this->getDoctrine()->getManager();
$entityManager->persist($user);
$entityManager->flush();
$entityManager = $this->getDoctrine()->getManager();
$entityManager->persist($user);
$entityManager->flush();
// generate a signed url and email it to the user
$this->emailVerifier->sendEmailConfirmation('app_verify_email', $user,
(new TemplatedEmail())
->from(new Address('no-reply@pflaenz.li', 'Pflänzli no-reply'))
->to($user->getEmail())
->subject('Please Confirm your Email')
->htmlTemplate('registration/confirmation_email.html.twig')
);
// generate a signed url and email it to the user
$this->emailVerifier->sendEmailConfirmation('app_verify_email', $user,
(new TemplatedEmail())
->from(new Address('no-reply@pflaenz.li', 'Pflänzli no-reply'))
->to($user->getEmail())
->subject('Please Confirm your Email')
->htmlTemplate('registration/confirmation_email.html.twig')
);
return $this->render('registration/created.html.twig');
return $this->render('registration/created.html.twig');
}
else {
$this->addFlash('error', 'CAPTCHA failed');
}
}
return $this->render('registration/register.html.twig', [

37
src/Form/RegistrationFormType.php
View file

@ -6,12 +6,16 @@ use App\Entity\User;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\CheckboxType;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\Form\Extension\Core\Type\HiddenType;
use Symfony\Component\Form\Extension\Core\Type\NumberType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Validator\Constraints\IsTrue;
use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\NotBlank;
use Symfony\Component\Validator\Constraints\NotNull;
class RegistrationFormType extends AbstractType
{
@ -20,19 +24,14 @@ class RegistrationFormType extends AbstractType
$builder
->add('email', EmailType::class)
->add('username')
->add('zipcode')
->add('agreeTerms', CheckboxType::class, [
'mapped' => false,
'constraints' => [
new IsTrue([
'message' => 'You should agree to our terms.',
]),
],
->add('zipcode', NumberType::class, [
'label' => 'ZIP'
])
->add('plainPassword', PasswordType::class, [
// instead of being set onto the object directly,
// this is read and encoded in the controller
'mapped' => false,
'label' => 'Password',
'constraints' => [
new NotBlank([
'message' => 'Please enter a password',
@ -45,6 +44,28 @@ class RegistrationFormType extends AbstractType
]),
],
])
->add('agreeTerms', CheckboxType::class, [
'mapped' => false,
'constraints' => [
new IsTrue([
'message' => 'You need to agree to our terms.',
]),
],
])
->add('submit', SubmitType::class, [
'label' => 'Register',
'attr' => [
'class' => 'btn-lg btn-primary',
],
])
->add('captcha_solution', HiddenType::class, [
'mapped' => false,
'constraints' => [
new NotNull([
'message' => 'Please wait for the CAPTCHA to complete',
]),
],
])
;
}

33
src/Service/CaptchaVerifier.php Normal file
View file

@ -0,0 +1,33 @@
<?php
namespace App\Service;
class CaptchaVerifier
{
public function isVerified(string $solution, string $secret, string $sitekey)
{
$url = "https://api.friendlycaptcha.com/api/v1/siteverify";
$data = array(
'solution' => $solution,
'secret'=> $secret,
'sitekey'=> $sitekey,
);
$options = array(
'http' => array(
'method' => 'POST',
'content' => json_encode( $data ),
'header'=> "Content-Type: application/json\r\n" .
"Accept: application/json\r\n"
)
);
$context = stream_context_create( $options );
$result = file_get_contents( $url, false, $context );
$response = json_decode( $result );
$isVerified = $response->success;
return $isVerified;
}
}