-
Notifications
You must be signed in to change notification settings - Fork 25
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: introduce TokenGenerator (#140)
- Loading branch information
1 parent
802f703
commit cb2a4e5
Showing
10 changed files
with
113 additions
and
19 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
# Use custom token generator | ||
|
||
By default, this bundle works uses [`bin2hex`](https://www.php.net/bin2hex) combined with | ||
[`random_bytes`](https://www.php.net/random_bytes) to generate the token, but you're free to create your own | ||
TokenGenerator to create your token. | ||
|
||
## Create your custom token generator | ||
|
||
Supposing you want to generate your own token, you'll have to create a service that will implement | ||
`CoopTilleuls\ForgotPasswordBundle\TokenGenerator\TokenGeneratorInterface`: | ||
|
||
```php | ||
// src/TokenGenerator/FooTokenGenerator.php | ||
namespace App\TokenGenerator; | ||
|
||
use CoopTilleuls\ForgotPasswordBundle\TokenGenerator\TokenGeneratorInterface; | ||
|
||
final class FooTokenGenerator implements TokenGeneratorInterface | ||
{ | ||
public function generate(): string | ||
{ | ||
// generate your own token and return it as string | ||
} | ||
} | ||
``` | ||
|
||
## Update configuration | ||
|
||
Update your configuration to set your service as default one to use by this bundle: | ||
|
||
```yaml | ||
# config/packages/coop_tilleuls_forgot_password.yaml | ||
coop_tilleuls_forgot_password: | ||
# ... | ||
token_generator: 'App\TokenGenerator\FooTokenGenerator' | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,15 +17,14 @@ | |
use CoopTilleuls\ForgotPasswordBundle\Provider\Provider; | ||
use CoopTilleuls\ForgotPasswordBundle\Provider\ProviderChainInterface; | ||
use CoopTilleuls\ForgotPasswordBundle\Provider\ProviderInterface; | ||
use RandomLib\Factory; | ||
use SecurityLib\Strength; | ||
use CoopTilleuls\ForgotPasswordBundle\TokenGenerator\TokenGeneratorInterface; | ||
|
||
/** | ||
* @author Vincent CHALAMON <[email protected]> | ||
*/ | ||
class PasswordTokenManager | ||
{ | ||
public function __construct(private readonly ProviderChainInterface $providerChain) | ||
public function __construct(private readonly ProviderChainInterface $providerChain, private readonly TokenGeneratorInterface $tokenGenerator) | ||
{ | ||
} | ||
|
||
|
@@ -49,18 +48,7 @@ public function createPasswordToken($user, ?\DateTime $expiresAt = null, ?Provid | |
|
||
/** @var AbstractPasswordToken $passwordToken */ | ||
$passwordToken = new $tokenClass(); | ||
|
||
if (version_compare(\PHP_VERSION, '7.0', '>')) { | ||
$passwordToken->setToken(bin2hex(random_bytes(25))); | ||
} else { | ||
$factory = new Factory(); | ||
$generator = $factory->getGenerator(new Strength(Strength::MEDIUM)); | ||
|
||
$passwordToken->setToken( | ||
$generator->generateString(50, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') | ||
); | ||
} | ||
|
||
$passwordToken->setToken($this->tokenGenerator->generate()); | ||
$passwordToken->setUser($user); | ||
$passwordToken->setExpiresAt($expiresAt); | ||
$provider->getManager()->persist($passwordToken); | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<?php | ||
|
||
/* | ||
* This file is part of the CoopTilleulsForgotPasswordBundle package. | ||
* | ||
* (c) Vincent CHALAMON <[email protected]> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
*/ | ||
|
||
declare(strict_types=1); | ||
|
||
namespace CoopTilleuls\ForgotPasswordBundle\TokenGenerator\Bridge; | ||
|
||
use CoopTilleuls\ForgotPasswordBundle\TokenGenerator\TokenGeneratorInterface; | ||
|
||
final class Bin2HexTokenGenerator implements TokenGeneratorInterface | ||
{ | ||
public function generate(): string | ||
{ | ||
return bin2hex(random_bytes(25)); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
<?php | ||
|
||
/* | ||
* This file is part of the CoopTilleulsForgotPasswordBundle package. | ||
* | ||
* (c) Vincent CHALAMON <[email protected]> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
*/ | ||
|
||
declare(strict_types=1); | ||
|
||
namespace CoopTilleuls\ForgotPasswordBundle\TokenGenerator; | ||
|
||
/** | ||
* @author Vincent CHALAMON <[email protected]> | ||
*/ | ||
interface TokenGeneratorInterface | ||
{ | ||
public function generate(): string; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters