Merge pull request #587 from systemli/feat/locale_listener

feat(l10n): Remove URL-based localized routes, store locale in session

config/packages/security.yaml

@@ -133,17 +133,14 @@ security:
     # Note: Only the *first* access control that matches will be used
     access_control:
       - { path: "^/$", roles: PUBLIC_ACCESS }
+      - { path: "^/init", roles: PUBLIC_ACCESS }
       - { path: "^/login", roles: PUBLIC_ACCESS }
+      - { path: "^/recovery", roles: PUBLIC_ACCESS }
+      - { path: "^/register", roles: PUBLIC_ACCESS }
       - { path: "^/logout", roles: PUBLIC_ACCESS }
       - { path: "^/2fa", roles: IS_AUTHENTICATED_2FA_IN_PROGRESS }
-      - { path: "^/[a-z]{2,3}/init", roles: PUBLIC_ACCESS }
-      - { path: "^/[a-z]{2,3}/login", roles: PUBLIC_ACCESS }
-      - { path: "^/[a-z]{2,3}/recovery", roles: PUBLIC_ACCESS }
-      - { path: "^/[a-z]{2,3}/register", roles: PUBLIC_ACCESS }
-      - { path: "^/[a-z]{2,3}/$", roles: PUBLIC_ACCESS }
-      - { path: "^/[a-z]{2,3}/2fa", roles: IS_AUTHENTICATED_2FA_IN_PROGRESS }
-      - { path: "^/[a-z]{2,3}/start", roles: ROLE_USER }
-      - { path: "^/[a-z]{2,3}/voucher", roles: ROLE_USER, allow_if: "!is_granted('ROLE_SUSPICIOUS')"}
-      - { path: "^/[a-z]{2,3}/alias", roles: ROLE_USER, allow_if: "!is_granted('ROLE_SPAM')"}
-      - { path: "^/[a-z]{2,3}/account", roles: ROLE_USER, allow_if: "!is_granted('ROLE_SPAM')"}
+      - { path: "^/start", roles: ROLE_USER }
+      - { path: "^/voucher", roles: ROLE_USER, allow_if: "!is_granted('ROLE_SUSPICIOUS')"}
+      - { path: "^/alias", roles: ROLE_USER, allow_if: "!is_granted('ROLE_SPAM')"}
+      - { path: "^/account", roles: ROLE_USER, allow_if: "!is_granted('ROLE_SPAM')"}
       - { path: "^/admin", roles: ROLE_DOMAIN_ADMIN }

config/routes/scheb_2fa.yaml

@@ -1,19 +1,7 @@
 2fa_login:
-    path: /{_locale}/2fa
-    defaults:
-        _controller: "scheb_two_factor.form_controller::form"
-    requirements:
-        _locale: '%locales%'
-
-2fa_login_check:
-    path: /{_locale}/2fa_check
-    requirements:
-        _locale: '%locales%'
-
-2fa_login_fallback:
     path: /2fa
     defaults:
         _controller: "scheb_two_factor.form_controller::form"
 
-2fa_login_check_fallback:
+2fa_login_check:
     path: /2fa_check

config/services.yaml

@@ -63,6 +63,10 @@ services:
         arguments:
             $mailCrypt: "%env(MAIL_CRYPT)%"
 
+    App\Command\UsersRegistrationMailCommand:
+        arguments:
+            $defaultLocale: "%kernel.default_locale%"
+
     App\Command\UsersRemoveCommand:
         arguments:
             $mailLocation: "%env(DOVECOT_MAIL_LOCATION)%"
@@ -80,6 +84,11 @@ services:
         tags:
             - { name: kernel.event_subscriber }
 
+    App\EventListener\LocaleListener:
+        arguments:
+            $defaultLocale: "%locale%"
+            $supportedLocales: "%supported_locales%"
+
     App\Handler\:
         resource: '../src/Handler/*'
         public: true
@@ -133,15 +142,18 @@ services:
 
     App\EventListener\AliasCreationListener:
         arguments:
-            $sendMail:     "%env(SEND_MAIL)%"
+            $sendMail: "%env(SEND_MAIL)%"
+            $defaultLocale: "%kernel.default_locale%"
 
     App\EventListener\RecoveryProcessListener:
         arguments:
-            $sendMail:     "%env(SEND_MAIL)%"
+            $sendMail: "%env(SEND_MAIL)%"
+            $defaultLocale: "%kernel.default_locale%"
 
     App\EventListener\RegistrationListener:
         arguments:
-            $sendMail:     "%env(SEND_MAIL)%"
+            $sendMail: "%env(SEND_MAIL)%"
+            $defaultLocale: "%kernel.default_locale%"
 
     App\Builder\MenuBuilder:
         arguments:

features/admin.feature

@@ -25,7 +25,7 @@ Feature: Admin
   @admin
   Scenario: Access to Admin Interface as Admin
     When I am on "/admin/dashboard"
-    Then I should be on "/en/login"
+    Then I should be on "/login"
     And the response status code should be 200
 
     When I am authenticated as "[email protected]"
@@ -218,4 +218,4 @@ Feature: Admin
     And I press "OK"
     Then I should be on "/admin/user/batch"
     And I press "Yes, execute"
-    Then I should be on "/en/login"
+    Then I should be on "/login"

features/init.feature

@@ -7,20 +7,20 @@ Feature: Initialization
   Scenario: Redirect to init site
     When I am on homepage
 
-    Then I should be on "/en/init"
+    Then I should be on "/init"
 
   @init
   Scenario: Input admin password
     When the following Domain exists:
       | name        |
       | example.org |
-    And I am on "/en/init/user"
+    And I am on "/init/user"
     And I fill in the following:
       | plain_password[plainPassword][first]  | P4ssW0rt!!!1 |
       | plain_password[plainPassword][second] | P4ssW0rt!!!1 |
     And I press "Submit"
 
-    Then I should be on "/en/"
+    Then I should be on "/"
 
     @init
     Scenario: No more redirect to init site
@@ -32,4 +32,4 @@ Feature: Initialization
         | postmaster@example.org | P4ssW0rt |
       And I am on homepage
 
-      Then I should be on "/en/"
+      Then I should be on "/"

features/language.feature

@@ -10,21 +10,29 @@ Feature: Language detection
       | postmaster@example.org | asdasd   | ROLE_ADMIN   |
 
   @language
-  Scenario: Language detection
-    And I am on "/"
-
+  Scenario: Default language
+    When I am on "/"
     Then I should see text matching "Welcome"
+    Then I am on "/?_locale=de"
+    Then I should see text matching "Willkommen"
+    Then I am on "/"
+    Then I should see text matching "Willkommen"
 
   @language
-  Scenario: Language detection
-    Given set the HTTP-Header "Accept-Language" to "de"
+  Scenario: Session language
+    When I am on "/?_locale=de"
+    Then I should see text matching "Willkommen"
     And I am on "/"
+    And I should see text matching "Willkommen"
 
+  @language
+  Scenario: Browser language detection
+    Given set the HTTP-Header "Accept-Language" to "de"
+    When I am on "/"
     Then I should see text matching "Willkommen"
 
   @language
-  Scenario: Missing language fallback
+  Scenario: Browser language fallback
     Given set the HTTP-Header "Accept-Language" to "afa"
-    And I am on "/"
-
+    When I am on "/"
     Then I should see text matching "Welcome"

features/login.feature

@@ -14,13 +14,13 @@ Feature: Login
 
   @login
   Scenario: Login as User
-    When I am on "/en/login"
+    When I am on "/login"
     And I fill in the following:
       | username | louis@example.org |
       | password | asdasd            |
     And I press "Sign in"
 
-    Then I should be on "/en/start"
+    Then I should be on "/start"
     And I should see text matching "Log out"
     And the response status code should not be 403
 
@@ -32,13 +32,13 @@ Feature: Login
       | password | asdasd            |
     And I press "Sign in"
 
-    Then I should be on "/en/start"
+    Then I should be on "/start"
     And I should see text matching "Log out"
     And the response status code should not be 403
 
   @login
   Scenario: Login failures
-    When I am on "/en/login"
+    When I am on "/login"
     And I fill in the following:
       | username | louis@example.org |
       | password | test123           |
@@ -48,49 +48,49 @@ Feature: Login
 
   @login
   Scenario: Login as Admin
-    When I am on "/en/login"
+    When I am on "/login"
     And I fill in the following:
       | username | user@example.org |
       | password | asdasd           |
     And I press "Sign in"
 
-    Then I should be on "/en/start"
+    Then I should be on "/start"
     And the response status code should not be 403
 
   @login
   Scenario: Login as Support
-    When I am on "/en/login"
+    When I am on "/login"
     And I fill in the following:
       | username | support@example.org |
       | password | asdasd              |
     And I press "Sign in"
 
-    Then I should be on "/en/start"
+    Then I should be on "/start"
     And the response status code should not be 403
 
   @login
   Scenario: Login without domain
-    When I am on "/en/login"
+    When I am on "/login"
     And I fill in the following:
       | username | user   |
       | password | asdasd |
     And I press "Sign in"
 
-    Then I should be on "/en/start"
+    Then I should be on "/start"
     And the response status code should not be 403
 
   @login
   Scenario: Login with special characters in password
     When the following User exists:
       | email               | password | roles     |
       | special@example.org | paßwort  | ROLE_USER |
-    And I am on "/en/login"
+    And I am on "/login"
     And I fill in the following:
       | username | special@example.org |
       | password | paßwort             |
     And I press "Sign in"
 
-    Then I should be on "/en/start"
+    Then I should be on "/start"
     And the response status code should not be 403
 
   @logout
@@ -99,7 +99,7 @@ Feature: Login
     And I am on "/logout"
 
     When I am on "/admin/dashboard"
-    Then I should be on "/en/login"
+    Then I should be on "/login"
 
   @logout
   Scenario: Logout
@@ -110,13 +110,13 @@ Feature: Login
 
   @login
   Scenario: Login as Spam
-    When I am on "/en/login"
+    When I am on "/login"
     And I fill in the following:
       | username | spam@example.org |
       | password | asdasd              |
     And I press "Sign in"
 
-    Then I should be on "/en/start"
+    Then I should be on "/start"
     And the response status code should be 200
     And I should see text matching "E-mail access has been turned off"
 
@@ -125,41 +125,41 @@ Feature: Login
     When the following User exists:
       | email                 | password | roles     | totpConfirmed | totpSecret |
       | twofactor@example.org | asdasd   | ROLE_USER | 1             | secret     |
-    And I am on "/en/login"
+    And I am on "/login"
     And I fill in the following:
       | username | twofactor@example.org |
       | password | asdasd                |
     And I press "Sign in"
 
-    Then I should be on "/en/2fa"
+    Then I should be on "/2fa"
     And I should see text matching "Authentication code"
 
     And I fill in "_auth_code" with "invalid-token"
     And I press "Verify"
 
-    Then I should be on "/en/2fa"
+    Then I should be on "/2fa"
     And I should see text matching "The verification code is not valid."
 
     And I follow "Cancel login"
-    Then I should be on "/en/"
+    Then I should be on "/"
     And the response status code should be 200
 
   @login-2fa
   Scenario: Login works with two-factor backup code if two-factor auth is enabled
     When the following User exists:
       | email                 | password | roles     | totpConfirmed | totpSecret | totp_backup_codes |
       | twofactor@example.org | asdasd   | ROLE_USER | 1             | secret     | true              |
-    And I am on "/en/login"
+    And I am on "/login"
     And I fill in the following:
       | username | twofactor@example.org |
       | password | asdasd                |
     And I press "Sign in"
 
-    Then I should be on "/en/2fa"
+    Then I should be on "/2fa"
     And I should see text matching "Authentication code"
 
     And I enter TOTP backup code
     And I press "Verify"
 
-    Then I should be on "/en/start"
+    Then I should be on "/start"
     And the response status code should be 200