kikwik / user-bundle

A super simple user bundle that provides very basic helpers for Symfony 4 user management


Type: symfony-bundle

v2.0.1 2024-03-22 14:46 UTC

README

A super simple user bundle that provides very basic helpers for Symfony 5.3 and 6.x user management.

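Installation

Make sure Composer is installed globally, as explained in the installation chapter of the Composer documentation.

Step 1: Download the Bundle

Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle: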

$ composer require kikwik/user-bundle

Step 2: Enable the Bundle

Then, enable the bundle by adding it to the list of registered bundles in the config/bundles.php file of your project:

// config/bundles.php

return [
    // ...
    Kikwik\UserBundle\KikwikUserBundle::class => ['all' => true],
];

Step 3: Create the user

Run the make:user command

php bin/console make:user

Make your User class extend Kikwik\UserBundle\Model\BaseUser

namespace App\Entity;

use Doctrine\ORM\Mapping as ORM;
use Kikwik\UserBundle\Model\BaseUser;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * @ORM\Entity(repositoryClass="App\Repository\UserRepository")
 */
class User extends BaseUser implements UserInterface
{
    //...
}

Create the config/packages/kikwik_user.yaml config file, setting the user class and the name of the user's unique identifier field

kikwik_user:
    user_class: App\Entity\User
    user_identifier_field: username
    user_email_field: email
    password_min_length: 8
    sender_email: '%env(SENDER_EMAIL)%'
    sender_name: '%env(SENDER_NAME)%'
    enable_admin: true  # default is true

and define the sender variables in your .env file

###> kikwik/user-bundle ###
SENDER_EMAIL=no-reply@example.com
SENDER_NAME="My Company Name"
###< kikwik/user-bundle ###

Features

Disable user access

To activate the isEnabled feature, set the user_checker option of your firewall in config/packages/security.yaml

security:
    firewalls:
        main:
            pattern: ^/
            user_checker: Kikwik\UserBundle\Security\UserChecker
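
To show what the user_checker hook does at login time, here is an added sketch of a checker that rejects disabled accounts. It is not the bundle's own Kikwik\UserBundle\Security\UserChecker; the class name App\Security\EnabledUserChecker and the isEnabled() accessor on App\Entity\User are assumptions.

```php
<?php
// Added illustration, not the bundle's Kikwik\UserBundle\Security\UserChecker.
// Assumptions: the class name App\Security\EnabledUserChecker is hypothetical,
// and App\Entity\User exposes isEnabled(): bool.
declare(strict_types=1);

namespace App\Security;

use App\Entity\User;
use Symfony\Component\Security\Core\Exception\DisabledException;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;

final class EnabledUserChecker implements UserCheckerInterface
{
    /**
     * Called by the firewall after the user is loaded and before the
     * password is verified, so a disabled account is rejected even when the
     * submitted credentials are correct.
     */
    public function checkPreAuth(UserInterface $user): void
    {
        // Users from other providers are not ours to judge.
        if (!$user instanceof User) {
            return;
        }

        if (!$user->isEnabled()) {
            $exception = new DisabledException('User account is disabled.');
            $exception->setUser($user);
            // With security.hide_user_not_found at its default (true), the
            // login form reports this as a generic bad-credentials error, so
            // the response does not reveal that the account exists.
            throw $exception;
        }
    }

    /** Nothing to verify after authentication in this sketch. */
    public function checkPostAuth(UserInterface $user): void
    {
    }
}
```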

Change password

To activate the change and forgot password features, add the routes in config/routes/kikwik_user.yaml

kikwik_user_bundle_password:
    resource: '@KikwikUserBundle/Resources/config/routes.xml'
    prefix: '/password'

The forgot password feature uses the symfony/mailer component, so you must configure it in .env

MAILER_DSN=sendmail+smtp://

This will register the following routes

* kikwik_user_password_change
* kikwik_user_password_request
* kikwik_user_password_reset

Copy the translation file from vendor/kikwik/user-bundle/src/Resources/translations/KikwikUserBundle.xx.yaml to translations/KikwikUserBundle.xx.yaml and change at least the value of request_password.email.sender

request_password:
    email:
        sender:  'no-reply@my-domain.ltd'
        subject: 'Istruzioni per reimpostare la password'
        content: |
            <p>
                Ciao {{ username }},<br/>
                Abbiamo ricevuto una richiesta per resettare la tua password,
                <a href="{{ reset_url }}">clicca qui per scegliere una nuova password</a><br/>
                oppure incolla in seguente link nella barra degli indirizzi del browser: <br/>{{ reset_url }}
            </p>

Behat

Require behat and its dependencies

$ composer require friends-of-behat/mink-extension friends-of-behat/mink-browserkit-driver friends-of-behat/symfony-extension doctrine/doctrine-fixtures-bundle robertfausk/behat-panther-extension drevops/behat-screenshot --dev

Configure the behat extensions in behat.yml.dist

default:
    suites:
        default:
            contexts:
                - DrevOps\BehatScreenshotExtension\Context\ScreenshotContext
                - App\Tests\Behat\DefaultContext

    extensions:
        FriendsOfBehat\SymfonyExtension:
            bootstrap: tests/bootstrap.php

        Robertfausk\Behat\PantherExtension: ~ # no configuration here

        Behat\MinkExtension:
            default_session: symfony
            symfony: ~
            show_cmd: firefox %s
            javascript_session: panther
            panther:
                options:
                    browser: 'chrome'

        DrevOps\BehatScreenshotExtension:
            dir: '%paths.base%/var/screenshots'
            fail: true
            fail_prefix: 'failed_'
            purge: true

Add the following lines to the .env.test file

PANTHER_NO_HEADLESS=0
DATABASE_URL="mysql://user:password@127.0.0.1:3306/local_db_name"  # same string used in .env.dev
MAILER_DSN=null://null

Enable the profiler for the test environment in config/packages/web_profiler.yaml

when@test:
    framework:
        profiler: { collect: true }

In your templates/security/login.html.twig template, give name="login-submit" to the login submit button

<button class="btn btn-lg btn-primary" type="submit" name="login-submit">
    Sign in
</button>

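Display flash messages in the main template. The |raw filter below turns off Twig's auto-escaping for the message, so only pass trusted, already-escaped text to addFlash().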

{% for label, messages in app.flashes %}
    {% for message in messages %}
        <div class="alert alert-{{ label }}">
            {{ message|raw }}
        </div>
    {% endfor %}
{% endfor %}

Use KikwikUserContextTrait in your behat context and autowire these services in the constructor

  • ContainerInterface $driverContainer
  • EntityManagerInterface $entityManager
  • UserPasswordHasherInterface $passwordHasher

Finally, override the getUserClass and getUserIdentifierField trait functions

declare(strict_types=1);

namespace App\Tests\Behat;

use Behat\Behat\Context\Context;
use Behat\MinkExtension\Context\MinkContext;
use Doctrine\Common\DataFixtures\Purger\ORMPurger;
use Doctrine\ORM\EntityManagerInterface;
use Kikwik\UserBundle\Behat\KikwikUserContextTrait;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\KernelInterface;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;

/**
 * This context class contains the definitions of the steps used by the demo
 * feature file. Learn how to get started with Behat and BDD on Behat's website.
 *
 * @see http://behat.org/en/latest/quick_start.html
 */
final class DefaultContext extends MinkContext implements Context
{
    use KikwikUserContextTrait;

    /** @var KernelInterface */
    private $kernel;

    /** @var Response|null */
    private $response;

    private ContainerInterface $driverContainer;
    private EntityManagerInterface $entityManager;
    private UserPasswordHasherInterface $passwordHasher;

    public function __construct(KernelInterface $kernel, ContainerInterface $driverContainer, EntityManagerInterface $entityManager, UserPasswordHasherInterface $passwordHasher)
    {
        $this->kernel = $kernel;
        $this->driverContainer = $driverContainer;
        $this->entityManager = $entityManager;
        $this->passwordHasher = $passwordHasher;
    }

    /**
     * @BeforeScenario
     */
    public function clearData()
    {
        $connection = $this->entityManager->getConnection();
        $connection->executeQuery('SET FOREIGN_KEY_CHECKS=0');

        $purger = new ORMPurger($this->entityManager);
        $purger->setPurgeMode(ORMPurger::PURGE_MODE_TRUNCATE);
        $purger->purge();

        $connection->executeQuery('SET FOREIGN_KEY_CHECKS=1');
    }

    protected function getUserClass()
    {
        return 'App\Entity\User';
    }
    
    protected function getUserIdentifierField()
    {
        return 'email';
    }
}

Create a feature file that tests the password reset in features/password-request-reset.feature

Example using email as the userIdentifier

Feature:
    In order to manage private access to site
    As a user
    I want to be able to reset password

    Background:
        Given There is a user "test@example.com" with password "change-me" and "ROLE_USER" roles

    Scenario: Change password should be protected
        When I go to "/password/change"
        Then the response status code should be 200
        And I should not see a "[data-test='change-password-form']" element

    Scenario: Change password
        When I am authenticated as "test@example.com" with password "change-me"
        And I go to "/password/change"
        Then I should see a "[data-test='change-password-form']" element
        When I fill in "change_password_form_newPassword_first" with "myNewPassword"
        And I fill in "change_password_form_newPassword_second" with "myNewPassword"
        And I press "change-password-submit"
        Then I should see a ".alert.alert-success.change_password" element
        When I go to "/logout"
        And I am authenticated as "test@example.com" with password "myNewPassword"
        Then I should not see "Credenziali non valide."

    Scenario: Request password should not be protected
        When I go to "/password/request"
        Then the response status code should be 200
        And I should see a "[data-test='request-password-form']" element

    Scenario: Login page has the forgot password link
        When I go to "/login"
        Then the response status code should be 200
        And I should see a "a[href='/password/request']" element

    Scenario: Request password
      # try a wrong login
        When I go to "/login"
        And I fill in "email" with "test@example.com"
        And I fill in "password" with "mySecretPassword"
        And I press "login-submit"
        Then I should see "Credenziali non valide."
      # request a new password
        When I go to "/password/request"
        Then I should see a "[data-test='request-password-form']" element
        When I fill in "request_password_form_userIdentifier" with "test@example.com"
        And I press "request-password-submit"
        Then I should see an ".alert.alert-success.request_password" element
      # check that email was sent
        And the reset password mail was sent to "test@example.com"
      # reset password
        When I follow the password reset link for user "test@example.com"
        Then I should see a "[data-test='change-password-form']" element
        When I fill in "change_password_form_newPassword_first" with "mySecretPassword"
        And I fill in "change_password_form_newPassword_second" with "mySecretPassword"
        And I press "reset-password-submit"
        Then I should see an ".alert.alert-success.reset_password" element
      # try the login
        When I go to "/login"
        And I fill in "email" with "test@example.com"
        And I fill in "password" with "mySecretPassword"
        And I press "login-submit"
        Then I should not see "Credenziali non valide."
    
    Scenario: Disabled users can't login
      # try login (should work)  
        When I am authenticated as "test@example.com" with password "change-me"
        And user "test@example.com" is disabled
        Then I go to "/logout"
      # try login again (should not work)
        When I go to "/login"
        And I fill in "email" with "test@example.com"
        And I fill in "password" with "change-me"
        And I press "login-submit"
        Then I should see "Credenziali non valide."

Example using username as the userIdentifier

Feature:
    In order to manage private access to site
    As a user
    I want to be able to reset password

    Background:
        Given There is a user "testUser" with email "test@example.com" and password "change-me" and "ROLE_USER" roles

    Scenario: Change password should be protected
        When I go to "/password/change"
        Then the response status code should be 200
        And I should not see a "[data-test='change-password-form']" element

    Scenario: Change password
      # auth with old password
        When I am authenticated as "testUser" with password "change-me"
      # change password
        And I go to "/password/change"
        Then I should see a "[data-test='change-password-form']" element
        When I fill in "change_password_form_newPassword_first" with "myNewPassword"
        And I fill in "change_password_form_newPassword_second" with "myNewPassword"
        And I press "change-password-submit"
        Then I should see a ".alert.alert-success.change_password" element
      # logout
        When I go to "/logout"
      # re-auth with new password
        And I am authenticated as "testUser" with password "myNewPassword"
        Then I should not see "Credenziali non valide."

    Scenario: Request password should not be protected
        When I go to "/password/request"
        Then the response status code should be 200
        And I should see a "[data-test='request-password-form']" element

    Scenario: Login page has the forgot password link
        When I go to "/login"
        Then the response status code should be 200
        And I should see a "a[href='/password/request']" element

    Scenario: Request password
      # try a wrong login
        When I go to "/login"
        And I fill in "username" with "testUser"
        And I fill in "password" with "mySecretPassword"
        And I press "login-submit"
        Then I should see "Credenziali non valide."
      # request a new password
        When I go to "/password/request"
        Then I should see a "[data-test='request-password-form']" element
        When I fill in "request_password_form_userIdentifier" with "testUser"
        And I press "request-password-submit"
        Then I should see an ".alert.alert-success.request_password" element
      # check that email was sent
        And the reset password mail was sent to "test@example.com"
      # reset password
        When I follow the password reset link for user "testUser"
        Then I should see a "[data-test='change-password-form']" element
        When I fill in "change_password_form_newPassword_first" with "mySecretPassword"
        And I fill in "change_password_form_newPassword_second" with "mySecretPassword"
        And I press "reset-password-submit"
        Then I should see an ".alert.alert-success.reset_password" element
      # try the login
        When I go to "/login"
        And I fill in "username" with "testUser"
        And I fill in "password" with "mySecretPassword"
        And I press "login-submit"
        Then I should not see "Credenziali non valide."
    
    Scenario: Disabled users can't login
      # try login (should work)  
        When I am authenticated as "testUser" with password "change-me"
        And user "testUser" is disabled
        Then I go to "/logout"
      # try login again (should not work)
        When I go to "/login"
        And I fill in "username" with "testUser"
        And I fill in "password" with "change-me"
        And I press "login-submit"
        Then I should see "Credenziali non valide."