From 60e36dc7df5c271cd51ab27b4853a844828f4117 Mon Sep 17 00:00:00 2001 From: Ilya Vasilenko Date: Tue, 2 Jul 2024 11:20:47 +0500 Subject: [PATCH 1/2] roles & swagger --- app/config/packages/security.yaml | 13 +--- app/src/Controller/AuthController.php | 76 ++++++++++++++++--- app/src/Controller/ProfileController.php | 5 +- app/src/Entity/User.php | 5 +- app/src/Service/Dto/Classes/LoginDto.php | 12 +++ app/src/Service/Dto/Classes/TokenDto.php | 12 +++ .../Response/Classes/TokenResponse.php | 11 ++- 7 files changed, 105 insertions(+), 29 deletions(-) create mode 100644 app/src/Service/Dto/Classes/LoginDto.php create mode 100644 app/src/Service/Dto/Classes/TokenDto.php diff --git a/app/config/packages/security.yaml b/app/config/packages/security.yaml index ffde54b..b456202 100644 --- a/app/config/packages/security.yaml +++ b/app/config/packages/security.yaml @@ -46,22 +46,13 @@ security: - { path: ^/api/doc, roles: PUBLIC_ACCESS } - { path: ^/api/register, roles: PUBLIC_ACCESS } - - { path: ^/api/register/send, roles: ROLE_USER } - - { path: ^/api/register/check, roles: ROLE_USER } - - { path: ^/api/password/reset/check, roles: PUBLIC_ACCESS } - - { path: ^/api/password/reset, roles: ROLE_USER } - { path: ^/api/password/send, roles: PUBLIC_ACCESS } - - { path: ^/api/profile/recovery, roles: PUBLIC_ACCESS } - { path: ^/api/profile/recovery/check, roles: PUBLIC_ACCESS } - - { path: ^/api/profile/reset/email, roles: ROLE_USER } - - { path: ^/api/profile/reset/field, roles: ROLE_USER } - - { path: ^/api/profile/change, roles: ROLE_USER } - - { path: ^/api/profile, roles: ROLE_USER } - - { path: ^/api, roles: ROLE_CONFIRMED } + + - { path: ^/api, roles: ROLE_USER } # - { path: ^/admin, roles: ROLE_ADMIN } - # - { path: ^/profile, roles: ROLE_USER } when@test: security: diff --git a/app/src/Controller/AuthController.php b/app/src/Controller/AuthController.php index cc257a8..7805307 100644 --- a/app/src/Controller/AuthController.php 
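Review bot: The catch-all rule in the security.yaml hunk changes from `ROLE_CONFIRMED` to `- { path: ^/api, roles: ROLE_USER }`, and the `getRoles()` hunk in app/src/Entity/User.php stops consulting `isConfirm()`, so nothing visible in this patch keeps an account with an unconfirmed e-mail away from the rest of `/api`. If confirmation is now enforced inside the action services, a comment above the rule saying so would help the next reader. If it is not, keep a confirmation gate, for example explicit `ROLE_USER` rules for `^/api/email` and `^/api/profile` followed by `- { path: ^/api, roles: ROLE_CONFIRMED }`, with `getRoles()` still adding `ROLE_CONFIRMED`. The first matching `access_control` entry wins, so the order of those rules matters.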
+++ b/app/src/Controller/AuthController.php @@ -4,12 +4,15 @@ namespace App\Controller; use App\Service\Action\ActionServiceInterface; use App\Service\Dto\Classes\ChangePasswordDto; +use App\Service\Dto\Classes\LoginDto; use App\Service\Dto\Classes\RecoveryDto; use App\Service\Dto\Classes\RegisterCodeDto; use App\Service\Dto\Classes\RegisterDto; use App\Service\Dto\Classes\ResetPasswordCodeDto; use App\Service\Response\Classes\Response; +use App\Service\Response\Classes\TokenResponse; use Nelmio\ApiDocBundle\Annotation\Model; +use Nelmio\ApiDocBundle\Annotation\Security; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\DependencyInjection\Attribute\Autowire; use Symfony\Component\HttpFoundation\JsonResponse; @@ -18,19 +21,37 @@ use OpenApi\Attributes as OA; #[Route('/api', name: 'api_')] #[OA\Tag(name: 'Авторизация')] -#[OA\Response( - response: 200, - description: 'Ответ', - content: new OA\JsonContent( - ref: new Model(type: Response::class, groups: ["message"]) - ) -)] class AuthController extends AbstractController { + #[Route('/login', name: 'get_token', methods: ['POST'])] + #[OA\RequestBody( + content: new OA\JsonContent(ref: new Model(type: LoginDto::class)) + )] + #[OA\Response( + response: 200, + description: 'Ответ', + content: new OA\JsonContent( + ref: new Model(type: TokenResponse::class, groups: ["message", "data"]) + ) + )] + #[Security(name: null)] + public function getToken() + { + // Заглушка для Swagger + } + #[Route('/register', name: 'register', methods: ['POST'])] #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RegisterDto::class)) )] + #[OA\Response( + response: 200, + description: 'Ответ', + content: new OA\JsonContent( + ref: new Model(type: Response::class, groups: ["message"]) + ) + )] + #[Security(name: null)] public function register( #[Autowire(service: 'action.register')] ActionServiceInterface $actionService 
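Review bot: `getToken()` is routed at `/login` with an empty body and no return type, so any POST that reaches the controller instead of being intercepted by the firewall's login authenticator ends in a "controller must return a Response" error, which is a 500 on the login endpoint. The authenticator is presumably configured on this path, but that part of security.yaml lies outside the visible hunks. Make the stub explicit by declaring `public function getToken(): never` and using `throw new \LogicException('Handled by the firewall login authenticator.');` as the body. `#[Security(name: null)]` only affects the generated documentation, and whether `/api/login` is reachable anonymously depends on rules above line 46 of security.yaml, which this patch does not show. The class body continues past the end of this hunk.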
@@ -39,7 +60,14 @@ class AuthController extends AbstractController return $actionService->getResponse(); } - #[Route('/register/send', name: 'register_send', methods: ['GET'])] + #[Route('/email/send', name: 'email_send', methods: ['GET'])] + #[OA\Response( + response: 200, + description: 'Ответ', + content: new OA\JsonContent( + ref: new Model(type: Response::class, groups: ["message"]) + ) + )] public function sendRegisterCode( #[Autowire(service: 'action.register.send')] ActionServiceInterface $actionService, @@ -48,10 +76,17 @@ class AuthController extends AbstractController return $actionService->getResponse(); } - #[Route('/register/check', name: 'register_check', methods: ['POST'])] + #[Route('/email/check', name: 'email_check', methods: ['POST'])] #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RegisterCodeDto::class)) )] + #[OA\Response( + response: 200, + description: 'Ответ', + content: new OA\JsonContent( + ref: new Model(type: Response::class, groups: ["message"]) + ) + )] public function checkRegisterCode( #[Autowire(service: 'action.register.code')] ActionServiceInterface $actionService @@ -64,6 +99,13 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: ChangePasswordDto::class)) )] + #[OA\Response( + response: 200, + description: 'Ответ', + content: new OA\JsonContent( + ref: new Model(type: Response::class, groups: ["message"]) + ) + )] public function resetPassword( #[Autowire(service: 'action.reset.password.change')] ActionServiceInterface $actionService 
@@ -76,6 +118,14 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: RecoveryDto::class)) )] + #[OA\Response( + response: 200, + description: 'Ответ', + content: new OA\JsonContent( + ref: new Model(type: Response::class, groups: ["message"]) + ) + )] + #[Security(name: null)] public function sendResetPassword( #[Autowire(service: 'action.reset.password.send')] ActionServiceInterface $actionService @@ -88,6 +138,14 @@ class AuthController extends AbstractController #[OA\RequestBody( content: new OA\JsonContent(ref: new Model(type: ResetPasswordCodeDto::class)) )] + #[OA\Response( + response: 200, + description: 'Ответ', + content: new OA\JsonContent( + ref: new Model(type: Response::class, groups: ["message"]) + ) + )] + #[Security(name: null)] public function resetCheckPassword( #[Autowire(service: 'action.reset.password.code')] ActionServiceInterface $actionService diff --git a/app/src/Controller/ProfileController.php b/app/src/Controller/ProfileController.php index 8386604..d4a2e26 100644 --- a/app/src/Controller/ProfileController.php +++ b/app/src/Controller/ProfileController.php @@ -13,6 +13,7 @@ use App\Service\Response\Classes\QuestsResponse; use App\Service\Response\Classes\Response; use App\Service\Response\Classes\ReviewsResponse; use Nelmio\ApiDocBundle\Annotation\Model; +use Nelmio\ApiDocBundle\Annotation\Security; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\DependencyInjection\Attribute\Autowire; use Symfony\Component\HttpFoundation\JsonResponse; @@ -114,6 +115,7 @@ class ProfileController extends AbstractController ref: new Model(type: Response::class, groups: ["message"]) ) )] + #[Security(name: null)] public function recoveryProfile( #[Autowire(service: 'action.recovery.send')] ActionServiceInterface $actionService, 
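Review bot: `#[Security(name: null)]` on `resetCheckPassword` (and on `recoveryProfile` in ProfileController) documents these actions as callable without a token, but the security.yaml hunk of this commit appears to drop the `PUBLIC_ACCESS` entries for `^/api/password/reset/check` and `^/api/profile/recovery`. That hunk is collapsed and hard to read, and the `#[Route]` lines of these methods are outside the hunks, so this needs confirming against the file. If the entries are gone, both paths fall through to `- { path: ^/api, roles: ROLE_USER }` and the generated documentation no longer matches what the firewall enforces. Either restore the entries, e.g. `- { path: ^/api/password/reset/check, roles: PUBLIC_ACCESS }`, or remove the attribute. The attribute only changes the Swagger output; `access_control` decides who gets in, so it should be the source of truth and the annotations should follow it.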
@@ -133,6 +135,7 @@ class ProfileController extends AbstractController ref: new Model(type: Response::class, groups: ["message"]) ) )] + #[Security(name: null)] public function recoveryCodeProfile( #[Autowire(service: 'action.recovery.code')] ActionServiceInterface $actionService, @@ -160,7 +163,7 @@ class ProfileController extends AbstractController return $actionService->getResponse(); } - #[Route('/profile/reset/email', name: 'profile_reset_email', methods: ['GET'])] + #[Route('/profile/email/reset', name: 'profile_email_reset', methods: ['GET'])] #[OA\Response( response: 200, description: 'Ответ', diff --git a/app/src/Entity/User.php b/app/src/Entity/User.php index 89d0897..811175c 100644 --- a/app/src/Entity/User.php +++ b/app/src/Entity/User.php @@ -149,13 +149,10 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface { $roles = $this->roles; // guarantee every user at least has ROLE_USER - $roles[] = 'ROLE_USER'; if ($this->isDeleted()) { $roles[] = 'ROLE_DELETED'; - } else if ($this->isConfirm()) { - $roles[] = 'ROLE_CONFIRMED'; } else { - $roles[] = 'ROLE_NOT_CONFIRMED'; + $roles[] = 'ROLE_USER'; } return array_unique($roles); diff --git a/app/src/Service/Dto/Classes/LoginDto.php b/app/src/Service/Dto/Classes/LoginDto.php new file mode 100644 index 0000000..e86800c --- /dev/null +++ b/app/src/Service/Dto/Classes/LoginDto.php @@ -0,0 +1,12 @@ +data = ['token' => $token]; + $dto = new TokenDto(); + $dto->token = $token; + $this->data = $dto; } } \ No newline at end of file -- GitLab From fe33ef9b0a251138ecd6cf87a2c27fb4f32a3824 Mon Sep 17 00:00:00 2001 From: Ilya Vasilenko Date: Tue, 2 Jul 2024 11:26:00 +0500 Subject: [PATCH 2/2] README --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index a6a08a1..aeae18f 100644 --- a/README.md +++ b/README.md @@ -60,6 +60,10 @@ +## Postman + +Импортировать в Postman `{URL}/api/doc.json` + ## Настройка Xdebug (PHPStorm)
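Review bot: In the `getRoles()` hunk of app/src/Entity/User.php the deleted branch only appends `ROLE_DELETED` to whatever is stored in `$this->roles`, so a deleted account whose stored roles already contain `ROLE_USER` or a higher role still satisfies `- { path: ^/api, roles: ROLE_USER }`. Whether stored roles are ever non-empty is not visible here. If deletion is meant to cut API access, return early with `if ($this->isDeleted()) { return ['ROLE_DELETED']; }`. The context comment `// guarantee every user at least has ROLE_USER` is no longer true and could read `// every non-deleted user has at least ROLE_USER`. The method starts above the hunk.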
Инструкция -- GitLab