new: [user:registration] Added user self-registration feature
parent
43fbdc63f6
commit
370ae3438e
|
@ -1,5 +1,6 @@
|
|||
<?php
|
||||
use Cake\ORM\TableRegistry;
|
||||
use Authentication\PasswordHasher\DefaultPasswordHasher;
|
||||
|
||||
require_once(ROOT . DS . 'libraries' . DS . 'default' . DS . 'InboxProcessors' . DS . 'GenericInboxProcessor.php');
|
||||
|
||||
|
@ -42,13 +43,25 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
|
|||
'message' => 'E-mail must be valid'
|
||||
])
|
||||
->notEmpty('first_name', 'A first name must be provided')
|
||||
->notEmpty('last_name', 'A last name must be provided');
|
||||
->notEmpty('last_name', 'A last name must be provided')
|
||||
->add('password', 'password_complexity', [
|
||||
'rule' => function($value, $context) {
|
||||
if (!preg_match('/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/s', $value) || strlen($value) < 12) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
},
|
||||
'message' => __('Invalid password. Passwords have to be either 16 character long or 12 character long with 3/4 special groups.')
|
||||
]);
|
||||
}
|
||||
|
||||
public function create($requestData) {
|
||||
$this->validateRequestData($requestData);
|
||||
$requestData['data']['password'] = (new DefaultPasswordHasher())->hash($requestData['data']['password']);
|
||||
$requestData['title'] = __('User account creation requested for {0}', $requestData['data']['email']);
|
||||
return parent::create($requestData);
|
||||
$creationResponse = parent::create($requestData);
|
||||
$creationResponse['message'] = __('User account creation requested. Please wait for an admin to approve your account.');
|
||||
return $creationResponse;
|
||||
}
|
||||
|
||||
public function getViewVariables($request)
|
||||
|
@ -72,6 +85,11 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
|
|||
'username' => !empty($request['data']['username']) ? $request['data']['username'] : '',
|
||||
'role_id' => !empty($request['data']['role_id']) ? $request['data']['role_id'] : '',
|
||||
'disabled' => !empty($request['data']['disabled']) ? $request['data']['disabled'] : '',
|
||||
|
||||
'email' => !empty($request['data']['email']) ? $request['data']['email'] : '',
|
||||
'first_name' => !empty($request['data']['first_name']) ? $request['data']['first_name'] : '',
|
||||
'last_name' => !empty($request['data']['last_name']) ? $request['data']['last_name'] : '',
|
||||
'position' => !empty($request['data']['position']) ? $request['data']['position'] : '',
|
||||
]);
|
||||
return [
|
||||
'dropdownData' => $dropdownData,
|
||||
|
@ -82,6 +100,7 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
|
|||
|
||||
public function process($id, $requestData, $inboxRequest)
|
||||
{
|
||||
$hashedPassword = $inboxRequest['data']['password'];
|
||||
if ($requestData['individual_id'] == -1) {
|
||||
$individual = $this->Users->Individuals->newEntity([
|
||||
'uuid' => $requestData['uuid'],
|
||||
|
@ -101,6 +120,7 @@ class RegistrationProcessor extends UserInboxProcessor implements GenericInboxPr
|
|||
'role_id' => $requestData['role_id'],
|
||||
'disabled' => $requestData['disabled'],
|
||||
]);
|
||||
$user->set('password', $hashedPassword, ['setter' => false]); // ignore default password hashing as it has already been hashed
|
||||
$user = $this->Users->save($user);
|
||||
|
||||
if ($user !== false) {
|
||||
|
|
|
@ -1,99 +1,88 @@
|
|||
<?php
|
||||
$formUser = $this->element('genericElements/Form/genericForm', [
|
||||
'entity' => $userEntity,
|
||||
'ajax' => false,
|
||||
'raw' => true,
|
||||
'data' => [
|
||||
'description' => __('Create user account'),
|
||||
'model' => 'User',
|
||||
'fields' => [
|
||||
[
|
||||
'field' => 'individual_id',
|
||||
'type' => 'dropdown',
|
||||
'label' => __('Associated individual'),
|
||||
'options' => $dropdownData['individual'],
|
||||
],
|
||||
[
|
||||
'field' => 'username',
|
||||
'autocomplete' => 'off',
|
||||
],
|
||||
[
|
||||
'field' => 'role_id',
|
||||
'type' => 'dropdown',
|
||||
'label' => __('Role'),
|
||||
'options' => $dropdownData['role']
|
||||
],
|
||||
[
|
||||
'field' => 'disabled',
|
||||
'type' => 'checkbox',
|
||||
'label' => 'Disable'
|
||||
]
|
||||
$combinedForm = $this->element('genericElements/Form/genericForm', [
|
||||
'entity' => $userEntity,
|
||||
'ajax' => false,
|
||||
'raw' => true,
|
||||
'data' => [
|
||||
'description' => __('Create user account'),
|
||||
'model' => 'User',
|
||||
'fields' => [
|
||||
[
|
||||
'field' => 'individual_id',
|
||||
'type' => 'dropdown',
|
||||
'label' => __('Associated individual'),
|
||||
'options' => $dropdownData['individual'],
|
||||
],
|
||||
'submit' => [
|
||||
'action' => $this->request->getParam('action')
|
||||
]
|
||||
]
|
||||
]);
|
||||
|
||||
$formIndividual = $this->element('genericElements/Form/genericForm', [
|
||||
'entity' => $individualEntity,
|
||||
'ajax' => false,
|
||||
'raw' => true,
|
||||
'data' => [
|
||||
'description' => __('Create individual'),
|
||||
'model' => 'Individual',
|
||||
'fields' => [
|
||||
[
|
||||
'field' => 'email',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'uuid',
|
||||
'label' => 'UUID',
|
||||
'type' => 'uuid',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'first_name',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'last_name',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'position',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'username',
|
||||
'autocomplete' => 'off',
|
||||
],
|
||||
[
|
||||
'field' => 'role_id',
|
||||
'type' => 'dropdown',
|
||||
'label' => __('Role'),
|
||||
'options' => $dropdownData['role']
|
||||
],
|
||||
[
|
||||
'field' => 'disabled',
|
||||
'type' => 'checkbox',
|
||||
'label' => 'Disable'
|
||||
],
|
||||
'submit' => [
|
||||
'action' => $this->request->getParam('action')
|
||||
]
|
||||
]
|
||||
]);
|
||||
|
||||
echo $this->Bootstrap->modal([
|
||||
'title' => __('Register user'),
|
||||
'size' => 'lg',
|
||||
'type' => 'confirm',
|
||||
'bodyHtml' => sprintf('<div class="user-container">%s</div><div class="individual-container">%s</div>',
|
||||
$formUser,
|
||||
$formIndividual
|
||||
),
|
||||
'confirmText' => __('Create user'),
|
||||
'confirmFunction' => 'submitRegistration'
|
||||
]);
|
||||
sprintf('<div class="pb-2 fs-4">%s</div>', __('Create individual')),
|
||||
[
|
||||
'field' => 'email',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'uuid',
|
||||
'label' => 'UUID',
|
||||
'type' => 'uuid',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'first_name',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'last_name',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
[
|
||||
'field' => 'position',
|
||||
'autocomplete' => 'off'
|
||||
],
|
||||
],
|
||||
'submit' => [
|
||||
'action' => $this->request->getParam('action')
|
||||
]
|
||||
]
|
||||
]);
|
||||
|
||||
|
||||
echo $this->Bootstrap->modal([
|
||||
'title' => __('Register user'),
|
||||
'size' => 'lg',
|
||||
'type' => 'confirm',
|
||||
'bodyHtml' => sprintf(
|
||||
'<div class="form-container">%s</div>',
|
||||
$combinedForm
|
||||
),
|
||||
'confirmText' => __('Create user'),
|
||||
'confirmFunction' => 'submitRegistration'
|
||||
]);
|
||||
?>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
function submitRegistration(modalObject, tmpApi) {
|
||||
const $forms = modalObject.$modal.find('form')
|
||||
const url = $forms[0].action
|
||||
const data1 = getFormData($forms[0])
|
||||
const data2 = getFormData($forms[1])
|
||||
const data = {...data1, ...data2}
|
||||
return tmpApi.postData(url, data)
|
||||
const $form = modalObject.$modal.find('form')
|
||||
tmpApi.postForm($form[0]).then(() => {
|
||||
const url = '/inbox/index'
|
||||
const $container = $('div[id^="table-container-"]')
|
||||
const randomValue = $container.attr('id').split('-')[2]
|
||||
UI.reload(url, $(`#table-container-${randomValue}`), $(`#table-container-${randomValue} table.table`))
|
||||
})
|
||||
}
|
||||
|
||||
$(document).ready(function() {
|
||||
|
@ -107,7 +96,7 @@
|
|||
})
|
||||
|
||||
function getFormData(form) {
|
||||
return Object.values(form).reduce((obj,field) => {
|
||||
return Object.values(form).reduce((obj, field) => {
|
||||
if (field.type === 'checkbox') {
|
||||
obj[field.name] = field.checked;
|
||||
} else {
|
||||
|
@ -119,7 +108,8 @@
|
|||
</script>
|
||||
|
||||
<style>
|
||||
div.individual-container > div, div.user-container > div {
|
||||
font-size: 1.5rem;
|
||||
}
|
||||
div.individual-container>div,
|
||||
div.user-container>div {
|
||||
font-size: 1.5rem;
|
||||
}
|
||||
</style>
|
|
@ -254,7 +254,7 @@ class ACLComponent extends Component
|
|||
*/
|
||||
public function setPublicInterfaces(): void
|
||||
{
|
||||
$this->Authentication->allowUnauthenticated(['login']);
|
||||
$this->Authentication->allowUnauthenticated(['login', 'register']);
|
||||
}
|
||||
|
||||
private function checkAccessInternal($controller, $action, $soft): bool
|
||||
|
|
|
@ -6,6 +6,8 @@ use Cake\Utility\Hash;
|
|||
use Cake\Utility\Text;
|
||||
use Cake\ORM\TableRegistry;
|
||||
use \Cake\Database\Expression\QueryExpression;
|
||||
use Cake\Http\Exception\UnauthorizedException;
|
||||
use Cake\Core\Configure;
|
||||
|
||||
class UsersController extends AppController
|
||||
{
|
||||
|
@ -160,19 +162,27 @@ class UsersController extends AppController
|
|||
|
||||
public function register()
|
||||
{
|
||||
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
|
||||
$processor = $this->InboxProcessors->getProcessor('User', 'Registration');
|
||||
$data = [
|
||||
'origin' => '127.0.0.1',
|
||||
'comment' => 'Hi there!, please create an account',
|
||||
'data' => [
|
||||
'username' => 'foobar',
|
||||
'email' => 'foobar@admin.test',
|
||||
'first_name' => 'foo',
|
||||
'last_name' => 'bar',
|
||||
],
|
||||
];
|
||||
$processorResult = $processor->create($data);
|
||||
return $processor->genHTTPReply($this, $processorResult, ['controller' => 'Inbox', 'action' => 'index']);
|
||||
if (empty(Configure::read('Cerebrate')['security.registration.self-registration'])) {
|
||||
throw new UnauthorizedException(__('User self-registration is not open.'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
$data = $this->request->getData();
|
||||
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
|
||||
$processor = $this->InboxProcessors->getProcessor('User', 'Registration');
|
||||
$data = [
|
||||
'origin' => $this->request->clientIp(),
|
||||
'comment' => '-no comment-',
|
||||
'data' => [
|
||||
'username' => $data['username'],
|
||||
'email' => $data['email'],
|
||||
'first_name' => $data['first_name'],
|
||||
'last_name' => $data['last_name'],
|
||||
'password' => $data['password'],
|
||||
],
|
||||
];
|
||||
$processorResult = $processor->create($data);
|
||||
return $processor->genHTTPReply($this, $processorResult, ['controller' => 'Inbox', 'action' => 'index']);
|
||||
}
|
||||
$this->viewBuilder()->setLayout('login');
|
||||
}
|
||||
}
|
||||
|
|
|
@ -240,6 +240,16 @@ class CerebrateSettingsProvider extends BaseSettingsProvider
|
|||
]
|
||||
],
|
||||
'Security' => [
|
||||
'Registration' => [
|
||||
'Registration' => [
|
||||
'security.registration.self-registration' => [
|
||||
'name' => __('Allow self-registration'),
|
||||
'type' => 'boolean',
|
||||
'description' => __('Enable the self-registration feature where user can request account creation. Admin can view the request and accept it in the application inbox.'),
|
||||
'default' => false,
|
||||
],
|
||||
]
|
||||
],
|
||||
'Development' => [
|
||||
'Debugging' => [
|
||||
'security.debug' => [
|
||||
|
|
|
@ -1,53 +1,58 @@
|
|||
<?php
|
||||
use Cake\Core\Configure;
|
||||
|
||||
echo '<div class="form-signin panel shadow position-absolute start-50 translate-middle">';
|
||||
echo sprintf(
|
||||
'<div class="text-center mb-4">%s</div>',
|
||||
$this->Html->image('logo-purple.png', [
|
||||
'alt' => __('Cerebrate logo'),
|
||||
'width' => 100, 'height' => 100,
|
||||
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
|
||||
])
|
||||
);
|
||||
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign in'));
|
||||
$template = [
|
||||
'inputContainer' => '<div class="form-floating input {{type}}{{required}}">{{content}}</div>',
|
||||
'formGroup' => '{{input}}{{label}}',
|
||||
'submitContainer' => '<div class="submit d-grid">{{content}}</div>',
|
||||
];
|
||||
$this->Form->setTemplates($template);
|
||||
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'login']]);
|
||||
echo $this->Form->control('username', ['label' => 'Username', 'class' => 'form-control mb-2', 'placeholder' => __('Username')]);
|
||||
echo $this->Form->control('password', ['type' => 'password', 'label' => 'Password', 'class' => 'form-control mb-3', 'placeholder' => __('Password')]);
|
||||
echo $this->Form->control(__('Submit'), ['type' => 'submit', 'class' => 'btn btn-primary']);
|
||||
echo $this->Form->end();
|
||||
|
||||
if (!empty(Configure::read('keycloak'))) {
|
||||
echo sprintf('<div class="d-flex align-items-center my-3"><hr class="d-inline-block flex-grow-1"/><span class="mx-3 fw-light">%s</span><hr class="d-inline-block flex-grow-1"/></div>', __('Or'));
|
||||
echo $this->Form->create(null, [
|
||||
'url' => Cake\Routing\Router::url([
|
||||
'prefix' => false,
|
||||
'plugin' => 'ADmad/SocialAuth',
|
||||
'controller' => 'Auth',
|
||||
'action' => 'login',
|
||||
'provider' => 'keycloak',
|
||||
'?' => ['redirect' => $this->request->getQuery('redirect')]
|
||||
]),
|
||||
]);
|
||||
echo $this->Bootstrap->button([
|
||||
'type' => 'submit',
|
||||
'text' => __('Login with Keycloak'),
|
||||
'variant' => 'secondary',
|
||||
'class' => ['d-block', 'w-100'],
|
||||
'image' => [
|
||||
'path' => '/img/keycloak_logo.png',
|
||||
'alt' => 'Keycloak'
|
||||
]
|
||||
]);
|
||||
echo $this->Form->end();
|
||||
}
|
||||
echo '</div>';
|
||||
|
||||
use Cake\Core\Configure;
|
||||
?>
|
||||
|
||||
<div class="form-signin panel shadow position-absolute start-50 translate-middle">
|
||||
<?php
|
||||
echo sprintf(
|
||||
'<div class="text-center mb-4">%s</div>',
|
||||
$this->Html->image('logo-purple.png', [
|
||||
'alt' => __('Cerebrate logo'),
|
||||
'width' => 100, 'height' => 100,
|
||||
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
|
||||
])
|
||||
);
|
||||
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign up'));
|
||||
$template = [
|
||||
'inputContainer' => '<div class="form-floating input {{type}}{{required}}">{{content}}</div>',
|
||||
'formGroup' => '{{input}}{{label}}',
|
||||
'submitContainer' => '<div class="submit d-grid">{{content}}</div>',
|
||||
];
|
||||
$this->Form->setTemplates($template);
|
||||
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'login']]);
|
||||
echo $this->Form->control('username', ['label' => 'Username', 'class' => 'form-control mb-2', 'placeholder' => __('Username')]);
|
||||
echo $this->Form->control('password', ['type' => 'password', 'label' => 'Password', 'class' => 'form-control mb-3', 'placeholder' => __('Password')]);
|
||||
echo $this->Form->control(__('Login'), ['type' => 'submit', 'class' => 'btn btn-primary']);
|
||||
echo $this->Form->end();
|
||||
if (!empty(Configure::read('Cerebrate')['security.registration.self-registration'])) {
|
||||
echo '<div class="text-end">';
|
||||
echo sprintf('<span class="text-secondary ms-auto" style="font-size: 0.8rem">%s <a href="/users/register" class="text-decoration-none link-primary fw-bold">%s</a></span>', __('Doesn\'t have an account?'), __('Sign up'));
|
||||
echo '</div>';
|
||||
}
|
||||
|
||||
if (!empty(Configure::read('keycloak'))) {
|
||||
echo sprintf('<div class="d-flex align-items-center my-2"><hr class="d-inline-block flex-grow-1"/><span class="mx-3 fw-light">%s</span><hr class="d-inline-block flex-grow-1"/></div>', __('Or'));
|
||||
echo $this->Form->create(null, [
|
||||
'url' => Cake\Routing\Router::url([
|
||||
'prefix' => false,
|
||||
'plugin' => 'ADmad/SocialAuth',
|
||||
'controller' => 'Auth',
|
||||
'action' => 'login',
|
||||
'provider' => 'keycloak',
|
||||
'?' => ['redirect' => $this->request->getQuery('redirect')]
|
||||
]),
|
||||
]);
|
||||
echo $this->Bootstrap->button([
|
||||
'type' => 'submit',
|
||||
'text' => __('Login with Keycloak'),
|
||||
'variant' => 'secondary',
|
||||
'class' => ['d-block', 'w-100'],
|
||||
'image' => [
|
||||
'path' => '/img/keycloak_logo.png',
|
||||
'alt' => 'Keycloak'
|
||||
]
|
||||
]);
|
||||
echo $this->Form->end();
|
||||
}
|
||||
?>
|
||||
</div>
|
|
@ -0,0 +1,42 @@
|
|||
<?php
|
||||
use Cake\Core\Configure;
|
||||
?>
|
||||
|
||||
<div class="form-signin panel shadow position-absolute start-50 translate-middle">
|
||||
<?php
|
||||
echo sprintf(
|
||||
'<div class="text-center mb-4">%s</div>',
|
||||
$this->Html->image('logo-purple.png', [
|
||||
'alt' => __('Cerebrate logo'),
|
||||
'width' => 100, 'height' => 100,
|
||||
'style' => ['filter: drop-shadow(4px 4px 4px #924da666);']
|
||||
])
|
||||
);
|
||||
echo sprintf('<h4 class="text-uppercase fw-light mb-3">%s</h4>', __('Sign in'));
|
||||
$template = [
|
||||
'inputContainer' => '<div class="input {{type}}{{required}}">{{content}}</div>',
|
||||
'formGroup' => '{{label}}{{input}}',
|
||||
'submitContainer' => '<div class="submit d-grid">{{content}}</div>',
|
||||
'label' => '<label class="fw-light fs-7" {{attrs}}>{{text}}</label>'
|
||||
];
|
||||
$this->Form->setTemplates($template);
|
||||
echo $this->Form->create(null, ['url' => ['controller' => 'users', 'action' => 'register']]);
|
||||
|
||||
echo $this->Form->control('username', ['label' => __('Username'), 'class' => 'form-control mb-2']);
|
||||
echo $this->Form->control('email', ['label' => __('E-mail Address'), 'class' => 'form-control mb-3']);
|
||||
|
||||
echo '<div class="row g-1 mb-3">';
|
||||
echo '<div class="col-md">';
|
||||
echo $this->Form->control('first_name', ['label' => __('First Name'), 'class' => 'form-control']);
|
||||
echo '</div>';
|
||||
echo '<div class="col-md">';
|
||||
echo $this->Form->control('last_name', ['label' => __('Last Name'), 'class' => 'form-control mb-2']);
|
||||
echo '</div>';
|
||||
echo '</div>';
|
||||
|
||||
echo $this->Form->control('password', ['type' => 'password', 'label' => __('Password'), 'class' => 'form-control mb-4']);
|
||||
|
||||
echo $this->Form->control(__('Sign up'), ['type' => 'submit', 'class' => 'btn btn-primary']);
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</div>
|
|
@ -168,3 +168,11 @@ input[type="checkbox"]:disabled.change-cursor {
|
|||
-webkit-mask-repeat: no-repeat;
|
||||
-webkit-mask-image: url("data:image/svg+xml,%3C%3Fxml version='1.0' encoding='UTF-8' standalone='no'%3F%3E%3Csvg xmlns='http://www.w3.org/2000/svg' height='223.995' width='383.98752' viewBox='0 0 383.98752 223.995' role='img'%3E%3Cpath d='m 367.9975,0 h -118.06 c -21.38,0 -32.09,25.85 -16.97,40.97 l 32.4,32.4 -73.37,73.38 -73.37,-73.37 c -12.5,-12.5 -32.76,-12.5 -45.25,0 l -68.69,68.69 c -6.25,6.25 -6.25,16.38 0,22.63 l 22.62,22.62 c 6.25,6.25 16.38,6.25 22.63,0 l 46.06,-46.07 73.37,73.37 c 12.5,12.5 32.76,12.5 45.25,0 l 96,-96 32.4,32.4 c 15.12,15.12 40.97,4.41 40.97,-16.97 V 16 c 0.01,-8.84 -7.15,-16 -15.99,-16 z' /%3E%3C/svg%3E%0A");
|
||||
}
|
||||
|
||||
.fs-7 {
|
||||
font-size: .875rem !important;
|
||||
}
|
||||
|
||||
.fs-8 {
|
||||
font-size: .7rem !important;
|
||||
}
|
Loading…
Reference in New Issue