Verify user process

.gitattributes

@@ -3,12 +3,12 @@
 /_iam/tests export-ignore
 /tools export-ignore
 
-.gitattributes
-.gitignore
-.env.test
-deploy.php
-ecs.php
-phpunit.xml.dist
-psalm.xml
-psalm-baseline.xml
-rector.php
+.gitattributes export-ignore
+.gitignore export-ignore
+.env.test export-ignore
+deploy.php export-ignore
+ecs.php export-ignore
+phpunit.xml.dist export-ignore
+psalm.xml.dist export-ignore
+psalm-baseline.xml export-ignore
+rector.php export-ignore

.gitignore

@@ -7,6 +7,7 @@ Dockerfile
 docker-compose.yml
 docker-compose.override.yml
 /docker
+psalm.xml
 
 ###> symfony/framework-bundle ###
 /.env.local

composer.json

@@ -38,6 +38,7 @@
         "symfony/uid": "6.3.*",
         "symfony/validator": "6.3.*",
         "symfony/yaml": "6.3.*",
+        "symfonycasts/verify-email-bundle": "^1.14",
         "twig/cssinliner-extra": "^3.7",
         "twig/extra-bundle": "^2.12 || ^3.0",
         "twig/inky-extra": "^3.7",

config/bundles.php

@@ -15,4 +15,5 @@
     Sentry\SentryBundle\SentryBundle::class => ['prod' => true],
     Symfony\Bundle\MonologBundle\MonologBundle::class => ['all' => true],
     League\Bundle\OAuth2ServerBundle\LeagueOAuth2ServerBundle::class => ['all' => true],
+    SymfonyCasts\Bundle\VerifyEmail\SymfonyCastsVerifyEmailBundle::class => ['all' => true],
 ];

config/packages/security.yaml

@@ -60,6 +60,7 @@ security:
         - { path: ^/token, role: PUBLIC_ACCESS }
         - { path: ^/.well-known, roles: PUBLIC_ACCESS }
         - { path: ^/register, roles: PUBLIC_ACCESS }
+        - { path: ^/verify, roles: PUBLIC_ACCESS }
         - { path: ^/api, role: ROLE_OAUTH2_EMAIL }
         - { path: ^/, role: ROLE_USER }
 

migrations/Version20231110152632.php

@@ -0,0 +1,31 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+final class Version20231110152632 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return 'User: isVerified property.';
+    }
+
+    public function up(Schema $schema): void
+    {
+        // this up() migration is auto-generated, please modify it to your needs
+        $this->addSql('ALTER TABLE users ADD is_verified TINYINT(1) NOT NULL');
+    }
+
+    public function down(Schema $schema): void
+    {
+        // this down() migration is auto-generated, please modify it to your needs
+        $this->addSql('ALTER TABLE users DROP is_verified');
+    }
+}

psalm-baseline.xml

@@ -4,9 +4,6 @@
     <UndefinedInterfaceMethod>
       <code>searchModule</code>
     </UndefinedInterfaceMethod>
-    <UnusedClass>
-      <code>SearchModuleController</code>
-    </UnusedClass>
   </file>
   <file src="src/Adapter/PackagistModuleFinder/PackagistModuleFinder.php">
     <MixedArgument>
@@ -19,26 +16,11 @@
       <code>$decodedResponse</code>
       <code>$itemsFromResponse</code>
     </MixedAssignment>
-    <UnusedClass>
-      <code>PackagistModuleFinder</code>
-    </UnusedClass>
-  </file>
-  <file src="src/Application/PackagistItem.php">
-    <PossiblyUnusedMethod>
-      <code>getDescription</code>
-      <code>getDownloads</code>
-      <code>getName</code>
-      <code>getRepository</code>
-      <code>getUrl</code>
-    </PossiblyUnusedMethod>
   </file>
   <file src="src/Application/PackagistItemCollection.php">
     <InvalidArgument>
       <code><![CDATA[$this->items]]></code>
     </InvalidArgument>
-    <PossiblyUnusedMethod>
-      <code>count</code>
-    </PossiblyUnusedMethod>
   </file>
   <file src="src/Command/OauthGenerateKeyCommand.php">
     <MixedArgument>
@@ -53,6 +35,13 @@
       <code><![CDATA[$adminUser->getEmail()]]></code>
     </PossiblyNullOperand>
   </file>
+  <file src="src/Controller/RegistrationController.php">
+    <PossiblyNullArgument>
+      <code><![CDATA[$user->getEmail()]]></code>
+      <code><![CDATA[$user->getEmail()]]></code>
+      <code><![CDATA[$user->getEmail()]]></code>
+    </PossiblyNullArgument>
+  </file>
   <file src="src/Controller/Security/LogoutController.php">
     <MissingReturnType>
       <code>logout</code>
@@ -94,26 +83,10 @@
       <code><![CDATA[$this->getIdentifier()]]></code>
     </MixedArgument>
   </file>
-  <file src="src/Entity/OAuth2ClientProfile.php">
-    <PossiblyUnusedMethod>
-      <code>getClient</code>
-      <code>getDescription</code>
-      <code>getId</code>
-      <code>setClient</code>
-      <code>setDescription</code>
-      <code>setName</code>
-    </PossiblyUnusedMethod>
-  </file>
   <file src="src/Entity/OAuth2UserConsent.php">
     <PossiblyNullPropertyAssignmentValue>
       <code>$scopes</code>
     </PossiblyNullPropertyAssignmentValue>
-    <PossiblyUnusedMethod>
-      <code>getCreated</code>
-      <code>getExpires</code>
-      <code>getId</code>
-      <code>getIpAddress</code>
-    </PossiblyUnusedMethod>
   </file>
   <file src="src/Entity/User.php">
     <InvalidNullableReturnType>
@@ -134,12 +107,6 @@
     <PossiblyNullReference>
       <code>toRfc4122</code>
     </PossiblyNullReference>
-    <PossiblyUnusedMethod>
-      <code>getId</code>
-      <code>getSalt</code>
-      <code>getUuid</code>
-      <code>removeOAuth2UserConsent</code>
-    </PossiblyUnusedMethod>
     <RedundantConditionGivenDocblockType>
       <code><![CDATA[! $this->oAuth2UserConsents->contains($oAuth2UserConsent)]]></code>
     </RedundantConditionGivenDocblockType>
@@ -157,9 +124,6 @@
     <UndefinedInterfaceMethod>
       <code>getFirewallConfig</code>
     </UndefinedInterfaceMethod>
-    <UnusedClass>
-      <code>AuthorizationCodeSubscriber</code>
-    </UnusedClass>
   </file>
   <file src="src/Form/RegistrationFormType.php">
     <MissingTemplateParam>

psalm.xml → psalm.xml.dist

@@ -6,7 +6,7 @@
     xmlns="https://getpsalm.org/schema/config"
     xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
     findUnusedBaselineEntry="true"
-    findUnusedCode="true"
+    findUnusedCode="false"
     errorBaseline="psalm-baseline.xml"
 >
     <projectFiles>

src/Controller/RegistrationController.php

@@ -17,18 +17,23 @@
 
 use App\Entity\User;
 use App\Form\RegistrationFormType;
+use App\Repository\UserRepository;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Mailer\MailerInterface;
+use Symfony\Component\Mime\Email;
 use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Uid\UuidV4;
+use SymfonyCasts\Bundle\VerifyEmail\Exception\VerifyEmailExceptionInterface;
+use SymfonyCasts\Bundle\VerifyEmail\VerifyEmailHelperInterface;
 
 class RegistrationController extends AbstractController
 {
     #[Route('/register', name: 'app_register')]
-    public function register(Request $request, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager): Response
+    public function register(Request $request, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, VerifyEmailHelperInterface $verifyEmailHelper, MailerInterface $mailer): Response
     {
         $user = new User();
         $form = $this->createForm(RegistrationFormType::class, $user);
@@ -47,14 +52,74 @@ public function register(Request $request, UserPasswordHasherInterface $userPass
 
             $entityManager->persist($user);
             $entityManager->flush();
-            // do anything else you need here, like send an email
-            //TODO SEND VERIFY MAIL
 
-            return $this->redirectToRoute('app_index');
+            $signatureComponent = $verifyEmailHelper->generateSignature(
+                'app_verify_email',
+                (string) $user->getId(),
+                $user->getEmail(),
+                [
+                    'id' => (string) $user->getId(),
+                ]
+            );
+
+            $this->sendConfirmationEmail($mailer, $signatureComponent->getSignedUrl(), $user->getEmail());
+            $this->addFlash('info', 'Please check your mail and confirm your email address!');
+
+            return $this->redirectToRoute('app_login');
         }
 
         return $this->render('registration/register.html.twig', [
             'registrationForm' => $form->createView(),
         ]);
     }
+
+    #[Route('/verify', name: 'app_verify_email')]
+    public function verifyUserEmail(Request $request, VerifyEmailHelperInterface $verifyEmailHelper, UserRepository $userRepository, EntityManagerInterface $entityManager): Response
+    {
+        $user = $userRepository->find($request->query->get('id'));
+
+        if (! $user) {
+            throw $this->createNotFoundException();
+        }
+
+        try {
+            $verifyEmailHelper->validateEmailConfirmation(
+                $request->getUri(),
+                (string) $user->getId(),
+                $user->getEmail()
+            );
+        } catch (VerifyEmailExceptionInterface $e) {
+            $this->addFlash('error', $e->getReason());
+
+            return $this->redirectToRoute('app_register');
+        }
+
+        $user->setIsVerified(true);
+
+        $entityManager->flush();
+
+        $this->addFlash('success', 'Account verified! You can now login.');
+
+        return $this->redirectToRoute('app_login');
+    }
+
+    #[Route('/verify/resend', name: 'app_verify_resend_email')]
+    public function resendVerifyEmail(Request $request): Response
+    {
+        //TODO: add form with email field
+        return $this->render('registration/resend_verify_email.html.twig');
+    }
+
+    private function sendConfirmationEmail(MailerInterface $mailer, string $signedUrl, string $userEmail): void
+    {
+        $email = (new Email())
+            ->from('[email protected]')
+            ->to($userEmail)
+            ->priority(Email::PRIORITY_HIGH)
+            ->subject('Auth oe-modules.com: please confirm your registration')
+            ->text('Confirm your email at: ' . $signedUrl)
+            ->html('<p> Confirm your email at: ' . $signedUrl . '</p>');
+
+        $mailer->send($email);
+    }
 }

src/Entity/User.php

@@ -52,6 +52,9 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface
     #[ORM\OneToMany(mappedBy: 'user', targetEntity: OAuth2UserConsent::class, orphanRemoval: true)]
     private Collection $oAuth2UserConsents;
 
+    #[ORM\Column]
+    private bool $isVerified = false;
+
     public function __construct()
     {
         $this->oAuth2UserConsents = new ArrayCollection();
@@ -173,4 +176,16 @@ public function removeOAuth2UserConsent(OAuth2UserConsent $oAuth2UserConsent): s
 
         return $this;
     }
+
+    public function isVerified(): bool
+    {
+        return $this->isVerified;
+    }
+
+    public function setIsVerified(bool $isVerified): static
+    {
+        $this->isVerified = $isVerified;
+
+        return $this;
+    }
 }