new: [user:registration] Added user self-registration feature

pull/73/head
Sami Mokaddem 2021-10-20 22:29:23 +02:00
parent 43fbdc63f6
commit 370ae3438e
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
8 changed files with 244 additions and 159 deletions

View File

@ -1,5 +1,6 @@
<?php
use Cake\ORM\TableRegistry;
use Authentication\PasswordHasher\DefaultPasswordHasher;
require_once(ROOT . DS . 'libraries' . DS . 'default' . DS . 'InboxProcessors' . DS . 'GenericInboxProcessor.php');
@ -42,13 +43,25 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
'message' => 'E-mail must be valid'
])
->notEmpty('first_name', 'A first name must be provided')
->notEmpty('last_name', 'A last name must be provided');
->notEmpty('last_name', 'A last name must be provided')
->add('password', 'password_complexity', [
'rule' => function($value, $context) {
if (!preg_match('/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/s', $value) || strlen($value) < 12) {
return false;
}
return true;
},
'message' => __('Invalid password. Passwords have to be either 16 character long or 12 character long with 3/4 special groups.')
]);
}
public function create($requestData) {
$this->validateRequestData($requestData);
$requestData['data']['password'] = (new DefaultPasswordHasher())->hash($requestData['data']['password']);
$requestData['title'] = __('User account creation requested for {0}', $requestData['data']['email']);
return parent::create($requestData);
$creationResponse = parent::create($requestData);
$creationResponse['message'] = __('User account creation requested. Please wait for an admin to approve your account.');
return $creationResponse;
}
public function getViewVariables($request)
@ -72,6 +85,11 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
'username' => !empty($request['data']['username']) ? $request['data']['username'] : '',
'role_id' => !empty($request['data']['role_id']) ? $request['data']['role_id'] : '',
'disabled' => !empty($request['data']['disabled']) ? $request['data']['disabled'] : '',
'email' => !empty($request['data']['email']) ? $request['data']['email'] : '',
'first_name' => !empty($request['data']['first_name']) ? $request['data']['first_name'] : '',
'last_name' => !empty($request['data']['last_name']) ? $request['data']['last_name'] : '',
'position' => !empty($request['data']['position']) ? $request['data']['position'] : '',
]);
return [
'dropdownData' => $dropdownData,
@ -82,6 +100,7 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
public function process($id, $requestData, $inboxRequest)
{
$hashedPassword = $inboxRequest['data']['password'];
if ($requestData['individual_id'] == -1) {
$individual = $this->Users->Individuals->newEntity([
'uuid' => $requestData['uuid'],
@ -101,6 +120,7 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
'role_id' => $requestData['role_id'],
'disabled' => $requestData['disabled'],
]);
$user->set('password', $hashedPassword, ['setter' => false]); // ignore default password hashing as it has already been hashed
$user = $this->Users->save($user);
if ($user !== false) {

View File

@ -1,99 +1,88 @@
<?php
$formUser = $this->element('genericElements/Form/genericForm', [
'entity' => $userEntity,
'ajax' => false,
'raw' => true,
'data' => [
'description' => __('Create user account'),
'model' => 'User',
'fields' => [
[
'field' => 'individual_id',
'type' => 'dropdown',
'label' => __('Associated individual'),
'options' => $dropdownData['individual'],
],
[
'field' => 'username',
'autocomplete' => 'off',
],
[
'field' => 'role_id',
'type' => 'dropdown',
'label' => __('Role'),
'options' => $dropdownData['role']
],
[
'field' => 'disabled',
'type' => 'checkbox',
'label' => 'Disable'
]
$combinedForm = $this->element('genericElements/Form/genericForm', [
'entity' => $userEntity,
'ajax' => false,
'raw' => true,
'data' => [
'description' => __('Create user account'),
'model' => 'User',
'fields' => [
[
'field' => 'individual_id',
'type' => 'dropdown',
'label' => __('Associated individual'),
'options' => $dropdownData['individual'],
],
'submit' => [
'action' => $this->request->getParam('action')
]
]
]);
$formIndividual = $this->element('genericElements/Form/genericForm', [
'entity' => $individualEntity,
'ajax' => false,
'raw' => true,
'data' => [
'description' => __('Create individual'),
'model' => 'Individual',
'fields' => [
[
'field' => 'email',
'autocomplete' => 'off'
],
[
'field' => 'uuid',
'label' => 'UUID',
'type' => 'uuid',
'autocomplete' => 'off'
],
[
'field' => 'first_name',
'autocomplete' => 'off'
],
[
'field' => 'last_name',
'autocomplete' => 'off'
],
[
'field' => 'position',
'autocomplete' => 'off'
],
[
'field' => 'username',
'autocomplete' => 'off',
],
[
'field' => 'role_id',
'type' => 'dropdown',
'label' => __('Role'),
'options' => $dropdownData['role']
],
[
'field' => 'disabled',
'type' => 'checkbox',
'label' => 'Disable'
],
'submit' => [
'action' => $this->request->getParam('action')
]
]
]);
echo $this->Bootstrap->modal([
'title' => __('Register user'),
'size' => 'lg',
'type' => 'confirm',
'bodyHtml' => sprintf('<div class="user-container">%s</div><div class="individual-container">%s</div>',
$formUser,
$formIndividual
),
'confirmText' => __('Create user'),
'confirmFunction' => 'submitRegistration'
]);
sprintf('<div class="pb-2 fs-4">%s</div>', __('Create individual')),
[
'field' => 'email',
'autocomplete' => 'off'
],
[
'field' => 'uuid',
'label' => 'UUID',
'type' => 'uuid',
'autocomplete' => 'off'
],
[
'field' => 'first_name',
'autocomplete' => 'off'
],
[
'field' => 'last_name',
'autocomplete' => 'off'
],
[
'field' => 'position',
'autocomplete' => 'off'
],
],
'submit' => [
'action' => $this->request->getParam('action')
]
]
]);
echo $this->Bootstrap->modal([
'title' => __('Register user'),
'size' => 'lg',
'type' => 'confirm',
'bodyHtml' => sprintf(
'<div class="form-container">%s</div>',
$combinedForm
),
'confirmText' => __('Create user'),
'confirmFunction' => 'submitRegistration'
]);
?>
</div>
<script>
function submitRegistration(modalObject, tmpApi) {
const $forms = modalObject.$modal.find('form')
const url = $forms[0].action
const data1 = getFormData($forms[0])
const data2 = getFormData($forms[1])
const data = {...data1, ...data2}
return tmpApi.postData(url, data)
const $form = modalObject.$modal.find('form')
tmpApi.postForm($form[0]).then(() => {
const url = '/inbox/index'
const $container = $('div[id^="table-container-"]')
const randomValue = $container.attr('id').split('-')[2]
UI.reload(url, $(`#table-container-${randomValue}`), $(`#table-container-${randomValue} table.table`))
})
}
$(document).ready(function() {
@ -107,7 +96,7 @@
})
function getFormData(form) {
return Object.values(form).reduce((obj,field) => {
return Object.values(form).reduce((obj, field) => {
if (field.type === 'checkbox') {
obj[field.name] = field.checked;
} else {
@ -119,7 +108,8 @@
</script>
<style>
div.individual-container > div, div.user-container > div {
font-size: 1.5rem;
}
div.individual-container>div,
div.user-container>div {
font-size: 1.5rem;
}
</style>

View File

@ -254,7 +254,7 @@ class ACLComponent extends Component
*/
public function setPublicInterfaces(): void
{
$this->Authentication->allowUnauthenticated(['login']);
$this->Authentication->allowUnauthenticated(['login', 'register']);
}
private function checkAccessInternal($controller, $action, $soft): bool

View File

@ -6,6 +6,8 @@ use Cake\Utility\Hash;
use Cake\Utility\Text;
use Cake\ORM\TableRegistry;
use \Cake\Database\Expression\QueryExpression;
use Cake\Http\Exception\UnauthorizedException;
use Cake\Core\Configure;
class UsersController extends AppController
{
@ -160,19 +162,27 @@ class UsersController extends AppController
public function register()
{
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
$processor = $this->InboxProcessors->getProcessor('User', 'Registration');
$data = [
'origin' => '127.0.0.1',
'comment' => 'Hi there!, please create an account',
'data' => [
'username' => 'foobar',
'email' => 'foobar@admin.test',
'first_name' => 'foo',
'last_name' => 'bar',
],
];
$processorResult = $processor->create($data);
return $processor->genHTTPReply($this, $processorResult, ['controller' => 'Inbox', 'action' => 'index']);
if (empty(Configure::read('Cerebrate')['security.registration.self-registration'])) {
throw new UnauthorizedException(__('User self-registration is not open.'));
}
if ($this->request->is('post')) {
$data = $this->request->getData();
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
$processor = $this->InboxProcessors->getProcessor('User', 'Registration');
$data = [
'origin' => $this->request->clientIp(),
'comment' => '-no comment-',
'data' => [
'username' => $data['username'],
'email' => $data['email'],
'first_name' => $data['first_name'],
'last_name' => $data['last_name'],
'password' => $data['password'],
],
];
$processorResult = $processor->create($data);
return $processor->genHTTPReply($this, $processorResult, ['controller' => 'Inbox', 'action' => 'index']);
}
$this->viewBuilder()->setLayout('login');
}
}

View File

@ -240,6 +240,16 @@ class CerebrateSettingsProvider extends BaseSettingsProvider
]
],
'Security' => [
'Registration' => [
'Registration' => [
'security.registration.self-registration' => [
'name' => __('Allow self-registration'),
'type' => 'boolean',
'description' => __('Enable the self-registration feature where user can request account creation. Admin can view the request and accept it in the application inbox.'),
'default' => false,
],
]
],
'Development' => [
'Debugging' => [
'security.debug' => [

View File

@ -1,53 +1,58 @@
<?php
use Cake\Core\Configure;
echo '<div class="form-signin panel shadow position-absolute start-50 translate-middle">';
echo sprintf(
'<div class="text-center mb-4">%s</div>',
$this->Html->image('logo-purple.png', [
'alt' => __('Cerebrate logo'),
'width' => 100, 'height' => 100,
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
])
);
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign in'));
$template = [
'inputContainer' => '<div class="form-floating input {{type}}{{required}}">{{content}}</div>',
'formGroup' => '{{input}}{{label}}',
'submitContainer' => '<div class="submit d-grid">{{content}}</div>',
];
$this->Form->setTemplates($template);
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'login']]);
echo $this->Form->control('username', ['label' => 'Username', 'class' => 'form-control mb-2', 'placeholder' => __('Username')]);
echo $this->Form->control('password', ['type' => 'password', 'label' => 'Password', 'class' => 'form-control mb-3', 'placeholder' => __('Password')]);
echo $this->Form->control(__('Submit'), ['type' => 'submit', 'class' => 'btn btn-primary']);
echo $this->Form->end();
if (!empty(Configure::read('keycloak'))) {
echo sprintf('<div class="d-flex align-items-center my-3"><hr class="d-inline-block flex-grow-1"/><span class="mx-3 fw-light">%s</span><hr class="d-inline-block flex-grow-1"/></div>', __('Or'));
echo $this->Form->create(null, [
'url' => Cake\Routing\Router::url([
'prefix' => false,
'plugin' => 'ADmad/SocialAuth',
'controller' => 'Auth',
'action' => 'login',
'provider' => 'keycloak',
'?' => ['redirect' => $this->request->getQuery('redirect')]
]),
]);
echo $this->Bootstrap->button([
'type' => 'submit',
'text' => __('Login with Keycloak'),
'variant' => 'secondary',
'class' => ['d-block', 'w-100'],
'image' => [
'path' => '/img/keycloak_logo.png',
'alt' => 'Keycloak'
]
]);
echo $this->Form->end();
}
echo '</div>';
use Cake\Core\Configure;
?>
<div class="form-signin panel shadow position-absolute start-50 translate-middle">
<?php
echo sprintf(
'<div class="text-center mb-4">%s</div>',
$this->Html->image('logo-purple.png', [
'alt' => __('Cerebrate logo'),
'width' => 100, 'height' => 100,
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
])
);
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign up'));
$template = [
'inputContainer' => '<div class="form-floating input {{type}}{{required}}">{{content}}</div>',
'formGroup' => '{{input}}{{label}}',
'submitContainer' => '<div class="submit d-grid">{{content}}</div>',
];
$this->Form->setTemplates($template);
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'login']]);
echo $this->Form->control('username', ['label' => 'Username', 'class' => 'form-control mb-2', 'placeholder' => __('Username')]);
echo $this->Form->control('password', ['type' => 'password', 'label' => 'Password', 'class' => 'form-control mb-3', 'placeholder' => __('Password')]);
echo $this->Form->control(__('Login'), ['type' => 'submit', 'class' => 'btn btn-primary']);
echo $this->Form->end();
if (!empty(Configure::read('Cerebrate')['security.registration.self-registration'])) {
echo '<div class="text-end">';
echo sprintf('<span class="text-secondary ms-auto" style="font-size: 0.8rem">%s <a href="/users/register" class="text-decoration-none link-primary fw-bold">%s</a></span>', __('Doesn\'t have an account?'), __('Sign up'));
echo '</div>';
}
if (!empty(Configure::read('keycloak'))) {
echo sprintf('<div class="d-flex align-items-center my-2"><hr class="d-inline-block flex-grow-1"/><span class="mx-3 fw-light">%s</span><hr class="d-inline-block flex-grow-1"/></div>', __('Or'));
echo $this->Form->create(null, [
'url' => Cake\Routing\Router::url([
'prefix' => false,
'plugin' => 'ADmad/SocialAuth',
'controller' => 'Auth',
'action' => 'login',
'provider' => 'keycloak',
'?' => ['redirect' => $this->request->getQuery('redirect')]
]),
]);
echo $this->Bootstrap->button([
'type' => 'submit',
'text' => __('Login with Keycloak'),
'variant' => 'secondary',
'class' => ['d-block', 'w-100'],
'image' => [
'path' => '/img/keycloak_logo.png',
'alt' => 'Keycloak'
]
]);
echo $this->Form->end();
}
?>
</div>

View File

@ -0,0 +1,42 @@
<?php
use Cake\Core\Configure;
?>
<div class="form-signin panel shadow position-absolute start-50 translate-middle">
<?php
echo sprintf(
'<div class="text-center mb-4">%s</div>',
$this->Html->image('logo-purple.png', [
'alt' => __('Cerebrate logo'),
'width' => 100, 'height' => 100,
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
])
);
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign in'));
$template = [
'inputContainer' => '<div class="input {{type}}{{required}}">{{content}}</div>',
'formGroup' => '{{label}}{{input}}',
'submitContainer' => '<div class="submit d-grid">{{content}}</div>',
'label' => '<label class="fw-light fs-7" {{attrs}}>{{text}}</label>'
];
$this->Form->setTemplates($template);
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'register']]);
echo $this->Form->control('username', ['label' => __('Username'), 'class' => 'form-control mb-2']);
echo $this->Form->control('email', ['label' => __('E-mail Address'), 'class' => 'form-control mb-3']);
echo '<div class="row g-1 mb-3">';
echo '<div class="col-md">';
echo $this->Form->control('first_name', ['label' => __('First Name'), 'class' => 'form-control']);
echo '</div>';
echo '<div class="col-md">';
echo $this->Form->control('last_name', ['label' => __('Last Name'), 'class' => 'form-control mb-2']);
echo '</div>';
echo '</div>';
echo $this->Form->control('password', ['type' => 'password', 'label' => __('Password'), 'class' => 'form-control mb-4']);
echo $this->Form->control(__('Sign up'), ['type' => 'submit', 'class' => 'btn btn-primary']);
echo $this->Form->end();
?>
</div>

View File

@ -168,3 +168,11 @@ input[type="checkbox"]:disabled.change-cursor {
-webkit-mask-repeat: no-repeat;
-webkit-mask-image: url("data:image/svg+xml,%3C%3Fxml version='1.0' encoding='UTF-8' standalone='no'%3F%3E%3Csvg xmlns='http://www.w3.org/2000/svg' height='223.995' width='383.98752' viewBox='0 0 383.98752 223.995' role='img'%3E%3Cpath d='m 367.9975,0 h -118.06 c -21.38,0 -32.09,25.85 -16.97,40.97 l 32.4,32.4 -73.37,73.38 -73.37,-73.37 c -12.5,-12.5 -32.76,-12.5 -45.25,0 l -68.69,68.69 c -6.25,6.25 -6.25,16.38 0,22.63 l 22.62,22.62 c 6.25,6.25 16.38,6.25 22.63,0 l 46.06,-46.07 73.37,73.37 c 12.5,12.5 32.76,12.5 45.25,0 l 96,-96 32.4,32.4 c 15.12,15.12 40.97,4.41 40.97,-16.97 V 16 c 0.01,-8.84 -7.15,-16 -15.99,-16 z' /%3E%3C/svg%3E%0A");
}
.fs-7 {
font-size: .875rem !important;
}
.fs-8 {
font-size: .7rem !important;
}