Finished authentication

Signed-off-by: Gergely POLONKAI (W00d5t0ck) <polesz@w00d5t0ck.info>

app/AppKernel.php

@@ -20,6 +20,7 @@ class AppKernel extends Kernel
             new JMS\DiExtraBundle\JMSDiExtraBundle($this),
             new JMS\SecurityExtraBundle\JMSSecurityExtraBundle(),
             new KekRozsak\FrontBundle\KekRozsakFrontBundle(),
+            new KekRozsak\SecurityBundle\KekRozsakSecurityBundle(),
         );
 
         if (in_array($this->getEnvironment(), array('dev', 'test'))) {

app/config/routing.yml

@@ -1,3 +1,7 @@
+KekRozsakSecurityBundle:
+    resource: "@KekRozsakSecurityBundle/Resources/config/routing.yml"
+    prefix:   /
+
 KekRozsakFrontBundle:
     resource: "@KekRozsakFrontBundle/Resources/config/routing.yml"
     prefix:   /

app/config/security.yml

@@ -5,17 +5,18 @@ jms_security_extra:
 security:
     encoders:
         Symfony\Component\Security\Core\User\User: plaintext
+        KekRozsak\FrontBundle\Entity\User:
+            id: kek_rozsak_security.encoder.crypt
 
     role_hierarchy:
         ROLE_ADMIN:       ROLE_USER
         ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
 
     providers:
-        in_memory:
-            memory:
-                users:
-                    user:  { password: userpass, roles: [ 'ROLE_USER' ] }
-                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
+        user_db:
+            entity:
+                class: KekRozsak\FrontBundle\Entity\User
+                property: username
 
     firewalls:
         dev:
@@ -23,21 +24,23 @@ security:
             security: false
 
         login:
-            pattern:  ^/demo/secured/login$
+            pattern:  ^/login$
             security: false
 
-        secured_area:
-            pattern:    ^/demo/secured/
+        members:
+            pattern:    ^/
             form_login:
-                check_path: /demo/secured/login_check
-                login_path: /demo/secured/login
+                check_path: /login_check
+                login_path: /login
             logout:
-                path:   /demo/secured/logout
-                target: /demo/
-            #anonymous: ~
-            #http_basic:
-            #    realm: "Secured Demo Area"
+                path:   /logout
+                target: /
+            anonymous: ~
 
     access_control:
+        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/cikk/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/, roles: [ IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_REMEMBERED ] }
         #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
         #- { path: ^/_internal/secure, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }

src/KekRozsak/FrontBundle/Controller/DefaultController.php

@@ -26,4 +26,9 @@ class DefaultController extends Controller
 			'article' => $article
 		));
 	}
+
+	public function forumMainAction()
+	{
+		return $this->forward('KekRozsakFrontBundle:Default:homepage');	
+	}
 }

src/KekRozsak/FrontBundle/Entity/Role.php

@@ -3,11 +3,12 @@
 namespace KekRozsak\FrontBundle\Entity;
 
 use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Security\Core\Role\RoleInterface;
 
 /**
  * KekRozsak\FrontBundle\Entity\Role
  */
-class Role
+class Role implements RoleInterface
 {
     /**
      * @var integer $id
@@ -136,4 +137,9 @@ class Role
     {
         return $this->included_roles;
     }
-}
+
+    public function getRole()
+    {
+	return $this->name;
+    }
+}

src/KekRozsak/FrontBundle/Entity/User.php

@@ -3,11 +3,12 @@
 namespace KekRozsak\FrontBundle\Entity;
 
 use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
  * KekRozsak\FrontBundle\Entity\User
  */
-class User
+class User implements UserInterface
 {
     /**
      * @var integer $id
@@ -188,6 +189,15 @@ class User
      */
     public function getRoles()
     {
-        return $this->roles;
+        return $this->roles->toArray();
     }
-}
+
+    public function eraseCredentials()
+    {
+    }
+
+    public function getSalt()
+    {
+	return $this->password;
+    }
+}

src/KekRozsak/FrontBundle/Resources/config/routing.yml

@@ -7,3 +7,8 @@ KekRozsakFrontBundle_article:
         pattern:  /cikk/{articleSlug}
         defaults:
                 _controller: KekRozsakFrontBundle:Default:article
+
+KekRozsakFrontBundle_forum_main:
+        pattern:  /forum
+        defaults:
+                _controller: KekRozsakFrontBundle:Default:forumMain

src/KekRozsak/SecurityBundle/Controller/DefaultController.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace KekRozsak\SecurityBundle\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+use Symfony\Component\Security\Core\SecurityContext;
+
+class DefaultController extends Controller
+{
+	public function loginAction()
+	{
+		$request = $this->getRequest();
+		$session = $request->getSession();
+
+		if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR))
+		{
+			$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
+		}
+		else
+		{
+			$error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
+			$session->remove(SecurityContext::AUTHENTICATION_ERROR);
+		}
+
+		return $this->render('KekRozsakSecurityBundle:Default:login.html.twig', array(
+			'last_username' => $session->get(SecurityContext::LAST_USERNAME),
+			'error'         => $error,
+		));
+	}
+}

src/KekRozsak/SecurityBundle/DependencyInjection/Configuration.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace KekRozsak\SecurityBundle\DependencyInjection;
+
+use Symfony\Component\Config\Definition\Builder\TreeBuilder;
+use Symfony\Component\Config\Definition\ConfigurationInterface;
+
+/**
+ * This is the class that validates and merges configuration from your app/config files
+ *
+ * To learn more see {@link http://symfony.com/doc/current/cookbook/bundles/extension.html#cookbook-bundles-extension-config-class}
+ */
+class Configuration implements ConfigurationInterface
+{
+    /**
+     * {@inheritDoc}
+     */
+    public function getConfigTreeBuilder()
+    {
+        $treeBuilder = new TreeBuilder();
+        $rootNode = $treeBuilder->root('kek_rozsak_security');
+
+        // Here you should define the parameters that are allowed to
+        // configure your bundle. See the documentation linked above for
+        // more information on that topic.
+
+        return $treeBuilder;
+    }
+}

src/KekRozsak/SecurityBundle/DependencyInjection/KekRozsakSecurityExtension.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace KekRozsak\SecurityBundle\DependencyInjection;
+
+use Symfony\Component\DependencyInjection\ContainerBuilder;
+use Symfony\Component\Config\FileLocator;
+use Symfony\Component\HttpKernel\DependencyInjection\Extension;
+use Symfony\Component\DependencyInjection\Loader;
+
+/**
+ * This is the class that loads and manages your bundle configuration
+ *
+ * To learn more see {@link http://symfony.com/doc/current/cookbook/bundles/extension.html}
+ */
+class KekRozsakSecurityExtension extends Extension
+{
+    /**
+     * {@inheritDoc}
+     */
+    public function load(array $configs, ContainerBuilder $container)
+    {
+        $configuration = new Configuration();
+        $config = $this->processConfiguration($configuration, $configs);
+
+        $loader = new Loader\YamlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
+        $loader->load('services.yml');
+    }
+}

src/KekRozsak/SecurityBundle/KekRozsakSecurityBundle.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace KekRozsak\SecurityBundle;
+
+use Symfony\Component\HttpKernel\Bundle\Bundle;
+
+class KekRozsakSecurityBundle extends Bundle
+{
+}

src/KekRozsak/SecurityBundle/Resources/config/routing.yml

@@ -0,0 +1,10 @@
+KekRozsakSecurityBundle_login:
+        pattern:  /login
+        defaults:
+                _controller: KekRozsakSecurityBundle:Default:login
+
+KekRozsakSecurityBundle_login_check:
+        pattern:  /login_check
+
+KekRozsakSecurityBundle_logout:
+        pattern:  /logout

src/KekRozsak/SecurityBundle/Resources/config/services.yml

@@ -0,0 +1,6 @@
+parameters:
+#        kek_rozsak_security.example.class: KekRozsak\SecurityBundle\Example
+
+services:
+        kek_rozsak_security.encoder.crypt:
+                class: KekRozsak\SecurityBundle\Service\CryptEncoder

src/KekRozsak/SecurityBundle/Resources/views/Default/login.html.twig

@@ -0,0 +1,13 @@
+{% extends '::main_template.html.twig' %}
+{% block title %}- Bejelentkezés{% endblock %}
+{% block content %}
+{% if error %}
+<div id="error-message">{{ error.message }}</div>
+{% endif %}
+
+<form action="{{ path('KekRozsakSecurityBundle_login_check') }}" method="post">
+	<input type="text" id="username" name="_username" value="{{ last_username }}" />
+	<input type="password" id="password" name="_password" />
+	<button type="submit">Bejelentkezés</button>
+</form>
+{% endblock content %}

src/KekRozsak/SecurityBundle/Service/CryptEncoder.php

@@ -0,0 +1,18 @@
+<?php
+namespace KekRozsak\SecurityBundle\Service;
+
+use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
+
+class CryptEncoder implements PasswordEncoderInterface
+{
+	function encodePassword($raw, $salt)
+	{
+		return crypt($raw);
+	}
+
+	function isPasswordValid($encoded, $raw, $salt)
+	{
+		return (crypt($raw, $salt) == $encoded);
+	}
+}
+

src/KekRozsak/SecurityBundle/Tests/Controller/DefaultControllerTest.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace KekRozsak\SecurityBundle\Tests\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+
+class DefaultControllerTest extends WebTestCase
+{
+    public function testIndex()
+    {
+        $client = static::createClient();
+
+        $crawler = $client->request('GET', '/hello/Fabien');
+
+        $this->assertTrue($crawler->filter('html:contains("Hello Fabien")')->count() > 0);
+    }
+}