login_check #22

Merged
aurian.jault merged 2 commits from login_check into master 10 months ago

@ -25,11 +25,10 @@ class ProfilController extends AbstractController
$this->denyAccessUnlessGranted('IS_AUTHENTICATED'); $this->denyAccessUnlessGranted('IS_AUTHENTICATED');
return $this->redirectToRoute('profil_show', ['id' => $this->getUser()->getId()]); return $this->redirectToRoute('profil_show', ['id' => $this->getUser()->getId()]);
} }
#[Route('/profil/{id}', name: 'profil_show', requirements: ['page' => '\d+'])] #[Route('/profil/{id}', name: 'profil_show', requirements: ['id' => '\d+'])]
public function profil(int $id): Response public function profil(int $id): Response
{ {
$connected = $this->isGranted('ROLE_USER'); $connected = $this->isGranted('ROLE_USER');
// $connected = $this->isGranted('ROLE_USER') != false;
$profil = $this->mgr->find(Profil::class, $id); $profil = $this->mgr->find(Profil::class, $id);
$posts = $profil->getPosts(); $posts = $profil->getPosts();
@ -46,11 +45,7 @@ class ProfilController extends AbstractController
#[Route('/profil/post/follow', name: 'profil_post_follow')] #[Route('/profil/post/follow', name: 'profil_post_follow')]
public function postProfilfollow(): Response public function postProfilfollow(): Response
{ {
try{
$this->denyAccessUnlessGranted('IS_AUTHENTICATED'); $this->denyAccessUnlessGranted('IS_AUTHENTICATED');
}catch (\Exception $e){
return $this->redirectToRoute('app_login');
}
$profil = $this->getUser(); $profil = $this->getUser();
$posts = $this->postRepository->getPostFromFollowed($profil); $posts = $this->postRepository->getPostFromFollowed($profil);
return $this->render('post/all.html.twig', [ return $this->render('post/all.html.twig', [
@ -62,11 +57,7 @@ class ProfilController extends AbstractController
#[Route('/profil/{id}/unfollow', name: 'profil_unfollow', requirements: ['page' => '\d+'])] #[Route('/profil/{id}/unfollow', name: 'profil_unfollow', requirements: ['page' => '\d+'])]
public function unfollowProfil(int $id): Response public function unfollowProfil(int $id): Response
{ {
try{
$this->denyAccessUnlessGranted('IS_AUTHENTICATED'); $this->denyAccessUnlessGranted('IS_AUTHENTICATED');
}catch (\Exception $e){
return $this->redirectToRoute('app_login');
}
$profil = $this->mgr->find(Profil::class, $id); $profil = $this->mgr->find(Profil::class, $id);
if ($profil instanceof Profil) { if ($profil instanceof Profil) {
$profil->removeFollower($this->getUser()); $profil->removeFollower($this->getUser());
@ -127,11 +118,7 @@ class ProfilController extends AbstractController
#[Route('/profil/{id}/follow', name: 'profil_follow', requirements: ['page' => '\d+'])] #[Route('/profil/{id}/follow', name: 'profil_follow', requirements: ['page' => '\d+'])]
public function followProfil(int $id): Response public function followProfil(int $id): Response
{ {
try{
$this->denyAccessUnlessGranted('IS_AUTHENTICATED'); $this->denyAccessUnlessGranted('IS_AUTHENTICATED');
}catch (\Exception $e){
return $this->redirectToRoute('app_login');
}
$profil = $this->mgr->find(Profil::class, $id); $profil = $this->mgr->find(Profil::class, $id);
if ($profil instanceof Profil) { if ($profil instanceof Profil) {
@ -148,22 +135,25 @@ class ProfilController extends AbstractController
} }
} }
#[Route('/profil/{id}/delete', name: 'profil_delete', methods: ['POST'], requirements: ['id' => '\d+'])] #[Route('/profil/delete', name: 'profil_delete', methods: ['POST'])]
public function delete(int $id, Request $request): Response public function delete(Request $request): Response
{ {
$profil = $this->mgr->find(Profil::class, $id); $profil = $this->mgr->find(Profil::class, $this->getUser()->getId());
if (!$profil) { if (!$profil) {
throw $this->createNotFoundException('The profile does not exist'); throw $this->createNotFoundException('The profile does not exist');
} }
if ($this->isCsrfTokenValid('delete' . $profil->getId(), $request->request->get('_token'))) { if ($this->getUser()->getId() === $profil->getId())
{
$this->container->get('security.token_storage')->setToken(null);
//$this->getUser()->eraseCredentials();
$this->mgr->remove($profil); $this->mgr->remove($profil);
$this->mgr->flush(); $this->mgr->flush();
$this->addFlash('success', 'Profile deleted successfully'); return $this->redirectToRoute('app_logout');
} }
return $this->redirectToRoute('app_login'); return $this->redirectToRoute('app_logout');
} }
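Review bot: The rewritten `delete()` in ProfilController drops the `isCsrfTokenValid()` call in favour of `$this->getUser()->getId() === $profil->getId()`, which is always true because `$profil` was just loaded with that same id, so the deletion is no longer protected against cross-site request forgery. The template changed in this same commit still renders `csrf_token('delete')` in the `_token` field, so the guard should be `if ($this->isCsrfTokenValid('delete', $request->request->get('_token'))) {`. The action also calls `$this->getUser()->getId()` with no access check before it. Unless access rules outside this page already require a login for the route, an anonymous POST would call `getId()` on null; begin the method with `$this->denyAccessUnlessGranted('IS_AUTHENTICATED');`, as the other actions in this file do.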

@ -16,7 +16,6 @@ class ProfilType extends AbstractType
->add('name') ->add('name')
->add('description') ->add('description')
// ->add('password') // ->add('password')
; ;
} }

@ -18,8 +18,8 @@
<button type="submit" class="btn btn-primary follow-button">Save</button> <button type="submit" class="btn btn-primary follow-button">Save</button>
{{ form_end(form) }} {{ form_end(form) }}
<form method="post" action="{{ path('profil_delete', {id: profil.id}) }}" onsubmit="return confirm('Are you sure you want to delete this profile?');"> <form method="post" action="{{ path('profil_delete') }}" onsubmit="return confirm('Are you sure you want to delete this profile?');">
<input type="hidden" name="_token" value="{{ csrf_token('delete' ~ profil.id) }}"> <input type="hidden" name="_token" value="{{ csrf_token('delete') }}">
<button class="btn btn-danger delete-button">Delete Profile</button> <button class="btn btn-danger delete-button">Delete Profile</button>
</form> </form>
</div> </div>
