new: [user:registration] Added user self-registration feature
parent
43fbdc63f6
commit
370ae3438e
|
@ -1,5 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
use Cake\ORM\TableRegistry;
|
use Cake\ORM\TableRegistry;
|
||||||
|
use Authentication\PasswordHasher\DefaultPasswordHasher;
|
||||||
|
|
||||||
require_once(ROOT . DS . 'libraries' . DS . 'default' . DS . 'InboxProcessors' . DS . 'GenericInboxProcessor.php');
|
require_once(ROOT . DS . 'libraries' . DS . 'default' . DS . 'InboxProcessors' . DS . 'GenericInboxProcessor.php');
|
||||||
|
|
||||||
|
@ -42,13 +43,25 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
|
||||||
'message' => 'E-mail must be valid'
|
'message' => 'E-mail must be valid'
|
||||||
])
|
])
|
||||||
->notEmpty('first_name', 'A first name must be provided')
|
->notEmpty('first_name', 'A first name must be provided')
|
||||||
->notEmpty('last_name', 'A last name must be provided');
|
->notEmpty('last_name', 'A last name must be provided')
|
||||||
|
->add('password', 'password_complexity', [
|
||||||
|
'rule' => function($value, $context) {
|
||||||
|
if (!preg_match('/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/s', $value) || strlen($value) < 12) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
},
|
||||||
|
'message' => __('Invalid password. Passwords have to be either 16 character long or 12 character long with 3/4 special groups.')
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function create($requestData) {
|
public function create($requestData) {
|
||||||
$this->validateRequestData($requestData);
|
$this->validateRequestData($requestData);
|
||||||
|
$requestData['data']['password'] = (new DefaultPasswordHasher())->hash($requestData['data']['password']);
|
||||||
$requestData['title'] = __('User account creation requested for {0}', $requestData['data']['email']);
|
$requestData['title'] = __('User account creation requested for {0}', $requestData['data']['email']);
|
||||||
return parent::create($requestData);
|
$creationResponse = parent::create($requestData);
|
||||||
|
$creationResponse['message'] = __('User account creation requested. Please wait for an admin to approve your account.');
|
||||||
|
return $creationResponse;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getViewVariables($request)
|
public function getViewVariables($request)
|
||||||
|
@ -72,6 +85,11 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
|
||||||
'username' => !empty($request['data']['username']) ? $request['data']['username'] : '',
|
'username' => !empty($request['data']['username']) ? $request['data']['username'] : '',
|
||||||
'role_id' => !empty($request['data']['role_id']) ? $request['data']['role_id'] : '',
|
'role_id' => !empty($request['data']['role_id']) ? $request['data']['role_id'] : '',
|
||||||
'disabled' => !empty($request['data']['disabled']) ? $request['data']['disabled'] : '',
|
'disabled' => !empty($request['data']['disabled']) ? $request['data']['disabled'] : '',
|
||||||
|
|
||||||
|
'email' => !empty($request['data']['email']) ? $request['data']['email'] : '',
|
||||||
|
'first_name' => !empty($request['data']['first_name']) ? $request['data']['first_name'] : '',
|
||||||
|
'last_name' => !empty($request['data']['last_name']) ? $request['data']['last_name'] : '',
|
||||||
|
'position' => !empty($request['data']['position']) ? $request['data']['position'] : '',
|
||||||
]);
|
]);
|
||||||
return [
|
return [
|
||||||
'dropdownData' => $dropdownData,
|
'dropdownData' => $dropdownData,
|
||||||
|
@ -82,6 +100,7 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
|
||||||
|
|
||||||
public function process($id, $requestData, $inboxRequest)
|
public function process($id, $requestData, $inboxRequest)
|
||||||
{
|
{
|
||||||
|
$hashedPassword = $inboxRequest['data']['password'];
|
||||||
if ($requestData['individual_id'] == -1) {
|
if ($requestData['individual_id'] == -1) {
|
||||||
$individual = $this->Users->Individuals->newEntity([
|
$individual = $this->Users->Individuals->newEntity([
|
||||||
'uuid' => $requestData['uuid'],
|
'uuid' => $requestData['uuid'],
|
||||||
|
@ -101,6 +120,7 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
|
||||||
'role_id' => $requestData['role_id'],
|
'role_id' => $requestData['role_id'],
|
||||||
'disabled' => $requestData['disabled'],
|
'disabled' => $requestData['disabled'],
|
||||||
]);
|
]);
|
||||||
|
$user->set('password', $hashedPassword, ['setter' => false]); // ignore default password hashing as it has already been hashed
|
||||||
$user = $this->Users->save($user);
|
$user = $this->Users->save($user);
|
||||||
|
|
||||||
if ($user !== false) {
|
if ($user !== false) {
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
$formUser = $this->element('genericElements/Form/genericForm', [
|
$combinedForm = $this->element('genericElements/Form/genericForm', [
|
||||||
'entity' => $userEntity,
|
'entity' => $userEntity,
|
||||||
'ajax' => false,
|
'ajax' => false,
|
||||||
'raw' => true,
|
'raw' => true,
|
||||||
|
@ -27,22 +27,9 @@
|
||||||
'field' => 'disabled',
|
'field' => 'disabled',
|
||||||
'type' => 'checkbox',
|
'type' => 'checkbox',
|
||||||
'label' => 'Disable'
|
'label' => 'Disable'
|
||||||
]
|
|
||||||
],
|
],
|
||||||
'submit' => [
|
|
||||||
'action' => $this->request->getParam('action')
|
|
||||||
]
|
|
||||||
]
|
|
||||||
]);
|
|
||||||
|
|
||||||
$formIndividual = $this->element('genericElements/Form/genericForm', [
|
sprintf('<div class="pb-2 fs-4">%s</div>', __('Create individual')),
|
||||||
'entity' => $individualEntity,
|
|
||||||
'ajax' => false,
|
|
||||||
'raw' => true,
|
|
||||||
'data' => [
|
|
||||||
'description' => __('Create individual'),
|
|
||||||
'model' => 'Individual',
|
|
||||||
'fields' => [
|
|
||||||
[
|
[
|
||||||
'field' => 'email',
|
'field' => 'email',
|
||||||
'autocomplete' => 'off'
|
'autocomplete' => 'off'
|
||||||
|
@ -72,13 +59,14 @@
|
||||||
]
|
]
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
|
||||||
echo $this->Bootstrap->modal([
|
echo $this->Bootstrap->modal([
|
||||||
'title' => __('Register user'),
|
'title' => __('Register user'),
|
||||||
'size' => 'lg',
|
'size' => 'lg',
|
||||||
'type' => 'confirm',
|
'type' => 'confirm',
|
||||||
'bodyHtml' => sprintf('<div class="user-container">%s</div><div class="individual-container">%s</div>',
|
'bodyHtml' => sprintf(
|
||||||
$formUser,
|
'<div class="form-container">%s</div>',
|
||||||
$formIndividual
|
$combinedForm
|
||||||
),
|
),
|
||||||
'confirmText' => __('Create user'),
|
'confirmText' => __('Create user'),
|
||||||
'confirmFunction' => 'submitRegistration'
|
'confirmFunction' => 'submitRegistration'
|
||||||
|
@ -88,12 +76,13 @@
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
function submitRegistration(modalObject, tmpApi) {
|
function submitRegistration(modalObject, tmpApi) {
|
||||||
const $forms = modalObject.$modal.find('form')
|
const $form = modalObject.$modal.find('form')
|
||||||
const url = $forms[0].action
|
tmpApi.postForm($form[0]).then(() => {
|
||||||
const data1 = getFormData($forms[0])
|
const url = '/inbox/index'
|
||||||
const data2 = getFormData($forms[1])
|
const $container = $('div[id^="table-container-"]')
|
||||||
const data = {...data1, ...data2}
|
const randomValue = $container.attr('id').split('-')[2]
|
||||||
return tmpApi.postData(url, data)
|
UI.reload(url, $(`#table-container-${randomValue}`), $(`#table-container-${randomValue} table.table`))
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
$(document).ready(function() {
|
$(document).ready(function() {
|
||||||
|
@ -119,7 +108,8 @@
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<style>
|
<style>
|
||||||
div.individual-container > div, div.user-container > div {
|
div.individual-container>div,
|
||||||
|
div.user-container>div {
|
||||||
font-size: 1.5rem;
|
font-size: 1.5rem;
|
||||||
}
|
}
|
||||||
</style>
|
</style>
|
|
@ -254,7 +254,7 @@ class ACLComponent extends Component
|
||||||
*/
|
*/
|
||||||
public function setPublicInterfaces(): void
|
public function setPublicInterfaces(): void
|
||||||
{
|
{
|
||||||
$this->Authentication->allowUnauthenticated(['login']);
|
$this->Authentication->allowUnauthenticated(['login', 'register']);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function checkAccessInternal($controller, $action, $soft): bool
|
private function checkAccessInternal($controller, $action, $soft): bool
|
||||||
|
|
|
@ -6,6 +6,8 @@ use Cake\Utility\Hash;
|
||||||
use Cake\Utility\Text;
|
use Cake\Utility\Text;
|
||||||
use Cake\ORM\TableRegistry;
|
use Cake\ORM\TableRegistry;
|
||||||
use \Cake\Database\Expression\QueryExpression;
|
use \Cake\Database\Expression\QueryExpression;
|
||||||
|
use Cake\Http\Exception\UnauthorizedException;
|
||||||
|
use Cake\Core\Configure;
|
||||||
|
|
||||||
class UsersController extends AppController
|
class UsersController extends AppController
|
||||||
{
|
{
|
||||||
|
@ -160,19 +162,27 @@ class UsersController extends AppController
|
||||||
|
|
||||||
public function register()
|
public function register()
|
||||||
{
|
{
|
||||||
|
if (empty(Configure::read('Cerebrate')['security.registration.self-registration'])) {
|
||||||
|
throw new UnauthorizedException(__('User self-registration is not open.'));
|
||||||
|
}
|
||||||
|
if ($this->request->is('post')) {
|
||||||
|
$data = $this->request->getData();
|
||||||
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
|
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
|
||||||
$processor = $this->InboxProcessors->getProcessor('User', 'Registration');
|
$processor = $this->InboxProcessors->getProcessor('User', 'Registration');
|
||||||
$data = [
|
$data = [
|
||||||
'origin' => '127.0.0.1',
|
'origin' => $this->request->clientIp(),
|
||||||
'comment' => 'Hi there!, please create an account',
|
'comment' => '-no comment-',
|
||||||
'data' => [
|
'data' => [
|
||||||
'username' => 'foobar',
|
'username' => $data['username'],
|
||||||
'email' => 'foobar@admin.test',
|
'email' => $data['email'],
|
||||||
'first_name' => 'foo',
|
'first_name' => $data['first_name'],
|
||||||
'last_name' => 'bar',
|
'last_name' => $data['last_name'],
|
||||||
|
'password' => $data['password'],
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
$processorResult = $processor->create($data);
|
$processorResult = $processor->create($data);
|
||||||
return $processor->genHTTPReply($this, $processorResult, ['controller' => 'Inbox', 'action' => 'index']);
|
return $processor->genHTTPReply($this, $processorResult, ['controller' => 'Inbox', 'action' => 'index']);
|
||||||
}
|
}
|
||||||
|
$this->viewBuilder()->setLayout('login');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -240,6 +240,16 @@ class CerebrateSettingsProvider extends BaseSettingsProvider
|
||||||
]
|
]
|
||||||
],
|
],
|
||||||
'Security' => [
|
'Security' => [
|
||||||
|
'Registration' => [
|
||||||
|
'Registration' => [
|
||||||
|
'security.registration.self-registration' => [
|
||||||
|
'name' => __('Allow self-registration'),
|
||||||
|
'type' => 'boolean',
|
||||||
|
'description' => __('Enable the self-registration feature where user can request account creation. Admin can view the request and accept it in the application inbox.'),
|
||||||
|
'default' => false,
|
||||||
|
],
|
||||||
|
]
|
||||||
|
],
|
||||||
'Development' => [
|
'Development' => [
|
||||||
'Debugging' => [
|
'Debugging' => [
|
||||||
'security.debug' => [
|
'security.debug' => [
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
<?php
|
<?php
|
||||||
use Cake\Core\Configure;
|
use Cake\Core\Configure;
|
||||||
|
?>
|
||||||
|
|
||||||
echo '<div class="form-signin panel shadow position-absolute start-50 translate-middle">';
|
<div class="form-signin panel shadow position-absolute start-50 translate-middle">
|
||||||
|
<?php
|
||||||
echo sprintf(
|
echo sprintf(
|
||||||
'<div class="text-center mb-4">%s</div>',
|
'<div class="text-center mb-4">%s</div>',
|
||||||
$this->Html->image('logo-purple.png', [
|
$this->Html->image('logo-purple.png', [
|
||||||
|
@ -10,7 +12,7 @@
|
||||||
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
|
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
|
||||||
])
|
])
|
||||||
);
|
);
|
||||||
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign in'));
|
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign up'));
|
||||||
$template = [
|
$template = [
|
||||||
'inputContainer' => '<div class="form-floating input {{type}}{{required}}">{{content}}</div>',
|
'inputContainer' => '<div class="form-floating input {{type}}{{required}}">{{content}}</div>',
|
||||||
'formGroup' => '{{input}}{{label}}',
|
'formGroup' => '{{input}}{{label}}',
|
||||||
|
@ -20,11 +22,16 @@
|
||||||
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'login']]);
|
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'login']]);
|
||||||
echo $this->Form->control('username', ['label' => 'Username', 'class' => 'form-control mb-2', 'placeholder' => __('Username')]);
|
echo $this->Form->control('username', ['label' => 'Username', 'class' => 'form-control mb-2', 'placeholder' => __('Username')]);
|
||||||
echo $this->Form->control('password', ['type' => 'password', 'label' => 'Password', 'class' => 'form-control mb-3', 'placeholder' => __('Password')]);
|
echo $this->Form->control('password', ['type' => 'password', 'label' => 'Password', 'class' => 'form-control mb-3', 'placeholder' => __('Password')]);
|
||||||
echo $this->Form->control(__('Submit'), ['type' => 'submit', 'class' => 'btn btn-primary']);
|
echo $this->Form->control(__('Login'), ['type' => 'submit', 'class' => 'btn btn-primary']);
|
||||||
echo $this->Form->end();
|
echo $this->Form->end();
|
||||||
|
if (!empty(Configure::read('Cerebrate')['security.registration.self-registration'])) {
|
||||||
|
echo '<div class="text-end">';
|
||||||
|
echo sprintf('<span class="text-secondary ms-auto" style="font-size: 0.8rem">%s <a href="/users/register" class="text-decoration-none link-primary fw-bold">%s</a></span>', __('Doesn\'t have an account?'), __('Sign up'));
|
||||||
|
echo '</div>';
|
||||||
|
}
|
||||||
|
|
||||||
if (!empty(Configure::read('keycloak'))) {
|
if (!empty(Configure::read('keycloak'))) {
|
||||||
echo sprintf('<div class="d-flex align-items-center my-3"><hr class="d-inline-block flex-grow-1"/><span class="mx-3 fw-light">%s</span><hr class="d-inline-block flex-grow-1"/></div>', __('Or'));
|
echo sprintf('<div class="d-flex align-items-center my-2"><hr class="d-inline-block flex-grow-1"/><span class="mx-3 fw-light">%s</span><hr class="d-inline-block flex-grow-1"/></div>', __('Or'));
|
||||||
echo $this->Form->create(null, [
|
echo $this->Form->create(null, [
|
||||||
'url' => Cake\Routing\Router::url([
|
'url' => Cake\Routing\Router::url([
|
||||||
'prefix' => false,
|
'prefix' => false,
|
||||||
|
@ -47,7 +54,5 @@
|
||||||
]);
|
]);
|
||||||
echo $this->Form->end();
|
echo $this->Form->end();
|
||||||
}
|
}
|
||||||
echo '</div>';
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
</div>
|
</div>
|
|
@ -0,0 +1,42 @@
|
||||||
|
<?php
|
||||||
|
use Cake\Core\Configure;
|
||||||
|
?>
|
||||||
|
|
||||||
|
<div class="form-signin panel shadow position-absolute start-50 translate-middle">
|
||||||
|
<?php
|
||||||
|
echo sprintf(
|
||||||
|
'<div class="text-center mb-4">%s</div>',
|
||||||
|
$this->Html->image('logo-purple.png', [
|
||||||
|
'alt' => __('Cerebrate logo'),
|
||||||
|
'width' => 100, 'height' => 100,
|
||||||
|
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
|
||||||
|
])
|
||||||
|
);
|
||||||
|
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign in'));
|
||||||
|
$template = [
|
||||||
|
'inputContainer' => '<div class="input {{type}}{{required}}">{{content}}</div>',
|
||||||
|
'formGroup' => '{{label}}{{input}}',
|
||||||
|
'submitContainer' => '<div class="submit d-grid">{{content}}</div>',
|
||||||
|
'label' => '<label class="fw-light fs-7" {{attrs}}>{{text}}</label>'
|
||||||
|
];
|
||||||
|
$this->Form->setTemplates($template);
|
||||||
|
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'register']]);
|
||||||
|
|
||||||
|
echo $this->Form->control('username', ['label' => __('Username'), 'class' => 'form-control mb-2']);
|
||||||
|
echo $this->Form->control('email', ['label' => __('E-mail Address'), 'class' => 'form-control mb-3']);
|
||||||
|
|
||||||
|
echo '<div class="row g-1 mb-3">';
|
||||||
|
echo '<div class="col-md">';
|
||||||
|
echo $this->Form->control('first_name', ['label' => __('First Name'), 'class' => 'form-control']);
|
||||||
|
echo '</div>';
|
||||||
|
echo '<div class="col-md">';
|
||||||
|
echo $this->Form->control('last_name', ['label' => __('Last Name'), 'class' => 'form-control mb-2']);
|
||||||
|
echo '</div>';
|
||||||
|
echo '</div>';
|
||||||
|
|
||||||
|
echo $this->Form->control('password', ['type' => 'password', 'label' => __('Password'), 'class' => 'form-control mb-4']);
|
||||||
|
|
||||||
|
echo $this->Form->control(__('Sign up'), ['type' => 'submit', 'class' => 'btn btn-primary']);
|
||||||
|
echo $this->Form->end();
|
||||||
|
?>
|
||||||
|
</div>
|
|
@ -168,3 +168,11 @@ input[type="checkbox"]:disabled.change-cursor {
|
||||||
-webkit-mask-repeat: no-repeat;
|
-webkit-mask-repeat: no-repeat;
|
||||||
-webkit-mask-image: url("data:image/svg+xml,%3C%3Fxml version='1.0' encoding='UTF-8' standalone='no'%3F%3E%3Csvg xmlns='http://www.w3.org/2000/svg' height='223.995' width='383.98752' viewBox='0 0 383.98752 223.995' role='img'%3E%3Cpath d='m 367.9975,0 h -118.06 c -21.38,0 -32.09,25.85 -16.97,40.97 l 32.4,32.4 -73.37,73.38 -73.37,-73.37 c -12.5,-12.5 -32.76,-12.5 -45.25,0 l -68.69,68.69 c -6.25,6.25 -6.25,16.38 0,22.63 l 22.62,22.62 c 6.25,6.25 16.38,6.25 22.63,0 l 46.06,-46.07 73.37,73.37 c 12.5,12.5 32.76,12.5 45.25,0 l 96,-96 32.4,32.4 c 15.12,15.12 40.97,4.41 40.97,-16.97 V 16 c 0.01,-8.84 -7.15,-16 -15.99,-16 z' /%3E%3C/svg%3E%0A");
|
-webkit-mask-image: url("data:image/svg+xml,%3C%3Fxml version='1.0' encoding='UTF-8' standalone='no'%3F%3E%3Csvg xmlns='http://www.w3.org/2000/svg' height='223.995' width='383.98752' viewBox='0 0 383.98752 223.995' role='img'%3E%3Cpath d='m 367.9975,0 h -118.06 c -21.38,0 -32.09,25.85 -16.97,40.97 l 32.4,32.4 -73.37,73.38 -73.37,-73.37 c -12.5,-12.5 -32.76,-12.5 -45.25,0 l -68.69,68.69 c -6.25,6.25 -6.25,16.38 0,22.63 l 22.62,22.62 c 6.25,6.25 16.38,6.25 22.63,0 l 46.06,-46.07 73.37,73.37 c 12.5,12.5 32.76,12.5 45.25,0 l 96,-96 32.4,32.4 c 15.12,15.12 40.97,4.41 40.97,-16.97 V 16 c 0.01,-8.84 -7.15,-16 -15.99,-16 z' /%3E%3C/svg%3E%0A");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.fs-7 {
|
||||||
|
font-size: .875rem !important;
|
||||||
|
}
|
||||||
|
|
||||||
|
.fs-8 {
|
||||||
|
font-size: .7rem !important;
|
||||||
|
}
|
Loading…
Reference in New Issue