Loading app/config/packages/security.yaml +2 −11 Original line number Diff line number Diff line Loading @@ -46,22 +46,13 @@ security: - { path: ^/api/doc, roles: PUBLIC_ACCESS } - { path: ^/api/register, roles: PUBLIC_ACCESS } - { path: ^/api/register/send, roles: ROLE_USER } - { path: ^/api/register/check, roles: ROLE_USER } - { path: ^/api/password/reset/check, roles: PUBLIC_ACCESS } - { path: ^/api/password/reset, roles: ROLE_USER } - { path: ^/api/password/send, roles: PUBLIC_ACCESS } - { path: ^/api/profile/recovery, roles: PUBLIC_ACCESS } - { path: ^/api/profile/recovery/check, roles: PUBLIC_ACCESS } - { path: ^/api/profile/reset/email, roles: ROLE_USER } - { path: ^/api/profile/reset/field, roles: ROLE_USER } - { path: ^/api/profile/change, roles: ROLE_USER } - { path: ^/api/profile, roles: ROLE_USER } - { path: ^/api, roles: ROLE_CONFIRMED } - { path: ^/api, roles: ROLE_USER } # - { path: ^/admin, roles: ROLE_ADMIN } # - { path: ^/profile, roles: ROLE_USER } when@test: security: Loading app/src/Controller/AuthController.php +67 −9 Original line number Diff line number Diff line Loading @@ -4,12 +4,15 @@ namespace App\Controller; use App\Service\Action\ActionServiceInterface; use App\Service\Dto\Classes\ChangePasswordDto; use App\Service\Dto\Classes\LoginDto; use App\Service\Dto\Classes\RecoveryDto; use App\Service\Dto\Classes\RegisterCodeDto; use App\Service\Dto\Classes\RegisterDto; use App\Service\Dto\Classes\ResetPasswordCodeDto; use App\Service\Response\Classes\Response; use App\Service\Response\Classes\TokenResponse; use Nelmio\ApiDocBundle\Annotation\Model; use Nelmio\ApiDocBundle\Annotation\Security; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\DependencyInjection\Attribute\Autowire; use Symfony\Component\HttpFoundation\JsonResponse; Loading 
@@ -18,19 +21,37 @@ use OpenApi\Attributes as OA; #[Route('/api', name: 'api_')] #[OA\Tag(name: 'Авторизация')] class AuthController extends AbstractController { #[Route('/login', name: 'get_token', methods: ['POST'])] #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: LoginDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ref: new Model(type: TokenResponse::class, groups: ["message", "data"]) ) )] class AuthController extends AbstractController #[Security(name: null)] public function getToken() { // Заглушка для Swagger } #[Route('/register', name: 'register', methods: ['POST'])] #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RegisterDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function register( #[Autowire(service: 'action.register')] ActionServiceInterface $actionService Loading @@ -39,7 +60,14 @@ class AuthController extends AbstractController return $actionService->getResponse(); } #[Route('/register/send', name: 'register_send', methods: ['GET'])] #[Route('/email/send', name: 'email_send', methods: ['GET'])] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] public function sendRegisterCode( #[Autowire(service: 'action.register.send')] ActionServiceInterface $actionService, Loading 
@@ -48,10 +76,17 @@ class AuthController extends AbstractController return $actionService->getResponse(); } #[Route('/register/check', name: 'register_check', methods: ['POST'])] #[Route('/email/check', name: 'email_check', methods: ['POST'])] #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RegisterCodeDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] public function checkRegisterCode( #[Autowire(service: 'action.register.code')] ActionServiceInterface $actionService Loading @@ -64,6 +99,13 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: ChangePasswordDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] public function resetPassword( #[Autowire(service: 'action.reset.password.change')] ActionServiceInterface $actionService Loading @@ -76,6 +118,14 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RecoveryDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function sendResetPassword( #[Autowire(service: 'action.reset.password.send')] ActionServiceInterface $actionService Loading 
@@ -88,6 +138,14 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: ResetPasswordCodeDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function resetCheckPassword( #[Autowire(service: 'action.reset.password.code')] ActionServiceInterface $actionService Loading app/src/Controller/ProfileController.php +4 −1 Original line number Diff line number Diff line Loading @@ -13,6 +13,7 @@ use App\Service\Response\Classes\QuestsResponse; use App\Service\Response\Classes\Response; use App\Service\Response\Classes\ReviewsResponse; use Nelmio\ApiDocBundle\Annotation\Model; use Nelmio\ApiDocBundle\Annotation\Security; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\DependencyInjection\Attribute\Autowire; use Symfony\Component\HttpFoundation\JsonResponse; Loading Loading @@ -114,6 +115,7 @@ class ProfileController extends AbstractController ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function recoveryProfile( #[Autowire(service: 'action.recovery.send')] ActionServiceInterface $actionService, Loading @@ -133,6 +135,7 @@ class ProfileController extends AbstractController ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function recoveryCodeProfile( #[Autowire(service: 'action.recovery.code')] ActionServiceInterface $actionService, Loading Loading 
@@ -160,7 +163,7 @@ class ProfileController extends AbstractController return $actionService->getResponse(); } #[Route('/profile/reset/email', name: 'profile_reset_email', methods: ['GET'])] #[Route('/profile/email/reset', name: 'profile_email_reset', methods: ['GET'])] #[OA\Response( response: 200, description: 'Ответ', Loading app/src/Entity/User.php +1 −4 Original line number Diff line number Diff line Loading @@ -149,13 +149,10 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface { $roles = $this->roles; // guarantee every user at least has ROLE_USER $roles[] = 'ROLE_USER'; if ($this->isDeleted()) { $roles[] = 'ROLE_DELETED'; } else if ($this->isConfirm()) { $roles[] = 'ROLE_CONFIRMED'; } else { $roles[] = 'ROLE_NOT_CONFIRMED'; $roles[] = 'ROLE_USER'; } return array_unique($roles); Loading app/src/Service/Dto/Classes/LoginDto.php 0 → 100644 +12 −0 Original line number Diff line number Diff line <?php namespace App\Service\Dto\Classes; use App\Service\Dto\BaseDto; class LoginDto extends BaseDto { public ?string $email = null; public ?string $password = null; } No newline at end of file Loading
app/config/packages/security.yaml +2 −11 Original line number Diff line number Diff line Loading @@ -46,22 +46,13 @@ security: - { path: ^/api/doc, roles: PUBLIC_ACCESS } - { path: ^/api/register, roles: PUBLIC_ACCESS } - { path: ^/api/register/send, roles: ROLE_USER } - { path: ^/api/register/check, roles: ROLE_USER } - { path: ^/api/password/reset/check, roles: PUBLIC_ACCESS } - { path: ^/api/password/reset, roles: ROLE_USER } - { path: ^/api/password/send, roles: PUBLIC_ACCESS } - { path: ^/api/profile/recovery, roles: PUBLIC_ACCESS } - { path: ^/api/profile/recovery/check, roles: PUBLIC_ACCESS } - { path: ^/api/profile/reset/email, roles: ROLE_USER } - { path: ^/api/profile/reset/field, roles: ROLE_USER } - { path: ^/api/profile/change, roles: ROLE_USER } - { path: ^/api/profile, roles: ROLE_USER } - { path: ^/api, roles: ROLE_CONFIRMED } - { path: ^/api, roles: ROLE_USER } # - { path: ^/admin, roles: ROLE_ADMIN } # - { path: ^/profile, roles: ROLE_USER } when@test: security: Loading
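Review bot: The catch-all `^/api` rule is shown with both `ROLE_CONFIRMED` and `ROLE_USER`, and if `ROLE_USER` is the new side (the +2 −11 count and the `getRoles()` change in app/src/Entity/User.php suggest so), e-mail confirmation no longer gates any API route at the firewall. Every non-deleted account would then reach all of `/api` straight after registering. Unless the action services check `isConfirm()` themselves, which is not visible on this page, keep `ROLE_CONFIRMED` in `getRoles()` and keep `- { path: ^/api, roles: ROLE_CONFIRMED }` as the last rule, preceded by explicit `ROLE_USER` entries for `^/api/email` and `^/api/profile`. The order matters because access_control stops at the first path that matches.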
app/src/Controller/AuthController.php +67 −9 Original line number Diff line number Diff line Loading @@ -4,12 +4,15 @@ namespace App\Controller; use App\Service\Action\ActionServiceInterface; use App\Service\Dto\Classes\ChangePasswordDto; use App\Service\Dto\Classes\LoginDto; use App\Service\Dto\Classes\RecoveryDto; use App\Service\Dto\Classes\RegisterCodeDto; use App\Service\Dto\Classes\RegisterDto; use App\Service\Dto\Classes\ResetPasswordCodeDto; use App\Service\Response\Classes\Response; use App\Service\Response\Classes\TokenResponse; use Nelmio\ApiDocBundle\Annotation\Model; use Nelmio\ApiDocBundle\Annotation\Security; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\DependencyInjection\Attribute\Autowire; use Symfony\Component\HttpFoundation\JsonResponse; Loading @@ -18,19 +21,37 @@ use OpenApi\Attributes as OA; #[Route('/api', name: 'api_')] #[OA\Tag(name: 'Авторизация')] class AuthController extends AbstractController { #[Route('/login', name: 'get_token', methods: ['POST'])] #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: LoginDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ref: new Model(type: TokenResponse::class, groups: ["message", "data"]) ) )] class AuthController extends AbstractController #[Security(name: null)] public function getToken() { // Заглушка для Swagger } #[Route('/register', name: 'register', methods: ['POST'])] #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RegisterDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function register( #[Autowire(service: 'action.register')] ActionServiceInterface $actionService Loading 
@@ -39,7 +60,14 @@ class AuthController extends AbstractController return $actionService->getResponse(); } #[Route('/register/send', name: 'register_send', methods: ['GET'])] #[Route('/email/send', name: 'email_send', methods: ['GET'])] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] public function sendRegisterCode( #[Autowire(service: 'action.register.send')] ActionServiceInterface $actionService, Loading @@ -48,10 +76,17 @@ class AuthController extends AbstractController return $actionService->getResponse(); } #[Route('/register/check', name: 'register_check', methods: ['POST'])] #[Route('/email/check', name: 'email_check', methods: ['POST'])] #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RegisterCodeDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] public function checkRegisterCode( #[Autowire(service: 'action.register.code')] ActionServiceInterface $actionService Loading @@ -64,6 +99,13 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: ChangePasswordDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] public function resetPassword( #[Autowire(service: 'action.reset.password.change')] ActionServiceInterface $actionService Loading 
@@ -76,6 +118,14 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RecoveryDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function sendResetPassword( #[Autowire(service: 'action.reset.password.send')] ActionServiceInterface $actionService Loading @@ -88,6 +138,14 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: ResetPasswordCodeDto::class)) )] #[OA\Response( response: 200, description: 'Ответ', content: new OA\JsonContent( ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function resetCheckPassword( #[Autowire(service: 'action.reset.password.code')] ActionServiceInterface $actionService Loading
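Review bot: `#[Security(name: null)]` on `getToken`, `register`, `sendResetPassword` and `resetCheckPassword` only changes the generated OpenAPI document; whether a request needs a token is still decided by `access_control` in security.yaml, which this commit trims by eleven lines. None of the rules visible there names `^/api/login`, and the route paths of the two password methods lie outside these hunks, so the page does not confirm that every route documented as unauthenticated is actually `PUBLIC_ACCESS` (or intercepted by the firewall's login authenticator). A functional test that calls each of these routes without a token would pin documentation and enforcement together; the same applies to `recoveryProfile` and `recoveryCodeProfile` in ProfileController.php. A comment above each attribute such as `// Docs only: access is enforced by access_control in security.yaml` would keep a later reader from treating the attribute as the access decision.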
app/src/Controller/ProfileController.php +4 −1 Original line number Diff line number Diff line Loading @@ -13,6 +13,7 @@ use App\Service\Response\Classes\QuestsResponse; use App\Service\Response\Classes\Response; use App\Service\Response\Classes\ReviewsResponse; use Nelmio\ApiDocBundle\Annotation\Model; use Nelmio\ApiDocBundle\Annotation\Security; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\DependencyInjection\Attribute\Autowire; use Symfony\Component\HttpFoundation\JsonResponse; Loading Loading @@ -114,6 +115,7 @@ class ProfileController extends AbstractController ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function recoveryProfile( #[Autowire(service: 'action.recovery.send')] ActionServiceInterface $actionService, Loading @@ -133,6 +135,7 @@ class ProfileController extends AbstractController ref: new Model(type: Response::class, groups: ["message"]) ) )] #[Security(name: null)] public function recoveryCodeProfile( #[Autowire(service: 'action.recovery.code')] ActionServiceInterface $actionService, Loading Loading @@ -160,7 +163,7 @@ class ProfileController extends AbstractController return $actionService->getResponse(); } #[Route('/profile/reset/email', name: 'profile_reset_email', methods: ['GET'])] #[Route('/profile/email/reset', name: 'profile_email_reset', methods: ['GET'])] #[OA\Response( response: 200, description: 'Ответ', Loading
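Review bot: The renamed route `/profile/email/reset` keeps `methods: ['GET']`, and `/email/send` in AuthController.php (handler `sendRegisterCode`, service `action.register.send`) is also GET although its name says it sends a code. A GET that changes state or sends mail can be triggered by link prefetching, crawlers or an automatic retry, and is commonly treated as safe to repeat by intermediaries. If this handler starts an e-mail reset rather than only reading data (its body is outside the hunk), `methods: ['POST']` is the safer choice for both routes, together with a per-account limit on how often a code can be sent.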
app/src/Entity/User.php +1 −4 Original line number Diff line number Diff line Loading @@ -149,13 +149,10 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface { $roles = $this->roles; // guarantee every user at least has ROLE_USER $roles[] = 'ROLE_USER'; if ($this->isDeleted()) { $roles[] = 'ROLE_DELETED'; } else if ($this->isConfirm()) { $roles[] = 'ROLE_CONFIRMED'; } else { $roles[] = 'ROLE_NOT_CONFIRMED'; $roles[] = 'ROLE_USER'; } return array_unique($roles); Loading
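Review bot: `getRoles()` starts from the stored `$this->roles` and the deleted branch only appends `ROLE_DELETED`, so a deleted account whose stored roles already contain `ROLE_USER` would still satisfy the `^/api` rule in security.yaml. If deleted accounts must lose API access, return only the marker role in that branch, `return ['ROLE_DELETED'];`, or reject them in a user checker before roles are evaluated. The comment `// guarantee every user at least has ROLE_USER` also appears to stay while the unconditional append is removed (the page does not mark which lines are old), so it should read something like `// every non-deleted user gets ROLE_USER`. The method's signature and closing brace are outside the hunk.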
app/src/Service/Dto/Classes/LoginDto.php 0 → 100644 +12 −0 Original line number Diff line number Diff line <?php namespace App\Service\Dto\Classes; use App\Service\Dto\BaseDto; class LoginDto extends BaseDto { public ?string $email = null; public ?string $password = null; } No newline at end of file