[API] resetting password with validation #12391
arti0090 commented Mar 1, 2021
| Q | A |
|---|---|
| Branch? | master |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | no |
| License | MIT |
I have intentionally left comments with some changes (tested on apiplatform v2.6) that will work when the endpoint is PATCH /request-reset-password/{token}. At the moment it does not work. We first need support for that version. There should also be no issue with removing these comments, as my last commit is pushed (2149e87).
bb0a61d to 50384fb
50384fb to c0a15e0
Co-authored-by: Adam Kasperczak <[email protected]>
| use Webmozart\Assert\Assert; | ||
|
|
||
| /** @experimental */ | ||
| final class ConfirmResetPasswordValidator extends ConstraintValidator |
Missing spec for this class
| $userRepository->findOneBy(['passwordResetToken' => 'TOKEN'])->willReturn($shopUser); | ||
| $metadata->getParameter('resetting')->willReturn(['token' => ['ttl' => 'P5D']]); | ||
|
|
||
| $shopUser->isPasswordRequestNonExpired(Argument::that(function(\DateInterval $dateInterval ) { |
Suggested change:
- $shopUser->isPasswordRequestNonExpired(Argument::that(function(\DateInterval $dateInterval ) {
+ $shopUser->isPasswordRequestNonExpired(Argument::that(function(\DateInterval $dateInterval) {
Same below
| /** | ||
| * @When /^I follow link on (my) email to reset my password$/ | ||
| */ | ||
| public function iFollowLinkOnMyEmailToResetPassword(UserInterface $user): void |
Suggested change:
- public function iFollowLinkOnMyEmailToResetPassword(UserInterface $user): void
+ public function iFollowLinkOnMyEmailToResetPassword(ShopUserInterface $user): void
?
| public function getResetPasswordToken(): string | ||
| { | ||
| return $this->resetPasswordToken; | ||
| } | ||
|
|
||
| public function setResetPasswordToken(string $token): void | ||
| { | ||
| $this->resetPasswordToken = $token; | ||
| } |
Are these methods needed as $resetPasswordToken has public access?
| } | ||
|
|
||
| if ($command->getResetPasswordToken() !== $user->getPasswordResetToken()) { | ||
| throw new \InvalidArgumentException('Password reset token do not match.'); |
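Review bot: the token check in the if line of this hunk uses !==, which stops at the first differing byte, so the comparison time depends on how much of the submitted token matches the stored one. For a secret reset token, compare with hash_equals($user->getPasswordResetToken(), $command->getResetPasswordToken()) instead, and reject the request first when the stored token is null, because hash_equals only accepts strings.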
Suggested change:
- throw new \InvalidArgumentException('Password reset token do not match.');
+ throw new \InvalidArgumentException('Password reset token does not match.');
| throw new \InvalidArgumentException('Password reset token do not match.'); | ||
| } | ||
|
|
||
| $user->setPlainPassword($command->newPassword); |
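Review bot: after the token check, setPlainPassword() is called, but nothing in the lines shown clears the user's password reset token or checks that it has not expired. If that is not handled further down in this handler or by the validator, set the stored token and its request timestamp to null once the password has been changed, so that a reset link works only once.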
Do you check somewhere the new password with the password confirmation?
| <attribute name="messenger">input</attribute> | ||
|
|
||
| <collectionOperations> | ||
| <collectionOperation name="shop_password_reset_request"> |
Suggested change:
- <collectionOperation name="shop_password_reset_request">
+ <collectionOperation name="shop_request_reset_password">
| </collectionOperations> | ||
|
|
||
| <itemOperations> | ||
| <itemOperation name="shop_password_reset"> |
Suggested change:
- <itemOperation name="shop_password_reset">
+ <itemOperation name="shop_reset_password">
| <attribute name="groups">shop:reset_password:update</attribute> | ||
| </attribute> | ||
| <attribute name="openapi_context"> | ||
| <attribute name="summary">Password reset</attribute> |
Suggested change:
- <attribute name="summary">Password reset</attribute>
+ <attribute name="summary">Resets password</attribute>
to be consistent with other endpoints
| <attribute name="groups">shop:reset_password:create</attribute> | ||
| </attribute> | ||
| <attribute name="openapi_context"> | ||
| <attribute name="summary">Request password reset</attribute> |
Suggested change:
- <attribute name="summary">Request password reset</attribute>
+ <attribute name="summary">Requests password reset</attribute>
Thank you, @arti0090! 🎉
…ord PR (arti0090)

This PR was merged into the 1.10-dev branch.

Discussion
----------

| Q | A |
|---|---|
| Branch? | master |
| Bug fix? | no |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| License | MIT |

Continuation of #12391

Commits
-------

08adcf3 add missing specs and make fixes to reset password PR
This PR was merged into the 1.10-dev branch.

Discussion
----------

| Q | A |
|---|---|
| Branch? | master |
| Bug fix? | no |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Related tickets | |
| License | MIT |

Continuation of #12391

Commits
-------

2fdd995 [API] Adjust reset password requests