marek/haushalt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Marek
2026-03-24 00:04:55 +01:00
commit c5229e48ed
4225 changed files with 511461 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

220
backend/vendor/symfony/doctrine-bridge/Security/RememberMe/DoctrineTokenProvider.php vendored Normal file
View File

@@ -0,0 +1,220 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Bridge\Doctrine\Security\RememberMe;
use Doctrine\DBAL\Connection;
use Doctrine\DBAL\ParameterType;
use Doctrine\DBAL\Schema\Name\Identifier;
use Doctrine\DBAL\Schema\Name\UnqualifiedName;
use Doctrine\DBAL\Schema\PrimaryKeyConstraint;
use Doctrine\DBAL\Schema\Schema;
use Doctrine\DBAL\Types\Types;
use Symfony\Component\Security\Core\Authentication\RememberMe\PersistentToken;
use Symfony\Component\Security\Core\Authentication\RememberMe\PersistentTokenInterface;
use Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface;
use Symfony\Component\Security\Core\Authentication\RememberMe\TokenVerifierInterface;
use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
/**
* This class provides storage for the tokens that is set in "remember-me"
* cookies. This way no password secrets will be stored in the cookies on
* the client machine, and thus the security is improved.
*
* This depends only on doctrine in order to get a database connection
* and to do the conversion of the datetime column.
*
* In order to use this class, you need the following table in your database:
*
* CREATE TABLE `rememberme_token` (
* `series` char(88) UNIQUE PRIMARY KEY NOT NULL,
* `value` char(88) NOT NULL,
* `lastUsed` datetime NOT NULL,
* `class` varchar(100) DEFAULT '' NOT NULL,
* `username` varchar(200) NOT NULL
* );
*
* (the `class` column is for BC with tables created with before Symfony 8)
*/
final class DoctrineTokenProvider implements TokenProviderInterface, TokenVerifierInterface
{
public function __construct(
private readonly Connection $conn,
) {
}
public function loadTokenBySeries(string $series): PersistentTokenInterface
{
$sql = 'SELECT class, username, value, lastUsed FROM rememberme_token WHERE series=:series';
$paramValues = ['series' => $series];
$paramTypes = ['series' => ParameterType::STRING];
$stmt = $this->conn->executeQuery($sql, $paramValues, $paramTypes);
// fetching numeric because column name casing depends on platform, eg. Oracle converts all not quoted names to uppercase
$row = $stmt->fetchNumeric() ?: throw new TokenNotFoundException('No token found.');
[$class, $username, $value, $last_used] = $row;
if (method_exists(PersistentToken::class, 'getClass')) {
return new PersistentToken($class, $username, $series, $value, new \DateTimeImmutable($last_used), false);
}
return new PersistentToken($username, $series, $value, new \DateTimeImmutable($last_used));
}
public function deleteTokenBySeries(string $series): void
{
$sql = 'DELETE FROM rememberme_token WHERE series=:series';
$paramValues = ['series' => $series];
$paramTypes = ['series' => ParameterType::STRING];
$this->conn->executeStatement($sql, $paramValues, $paramTypes);
}
public function updateToken(string $series, #[\SensitiveParameter] string $tokenValue, \DateTimeInterface $lastUsed): void
{
$sql = 'UPDATE rememberme_token SET value=:value, lastUsed=:lastUsed WHERE series=:series';
$paramValues = [
'value' => $tokenValue,
'lastUsed' => \DateTimeImmutable::createFromInterface($lastUsed),
'series' => $series,
];
$paramTypes = [
'value' => ParameterType::STRING,
'lastUsed' => Types::DATETIME_IMMUTABLE,
'series' => ParameterType::STRING,
];
$updated = $this->conn->executeStatement($sql, $paramValues, $paramTypes);
if ($updated < 1) {
throw new TokenNotFoundException('No token found.');
}
}
public function createNewToken(PersistentTokenInterface $token): void
{
$sql = 'INSERT INTO rememberme_token (class, username, series, value, lastUsed) VALUES (:class, :username, :series, :value, :lastUsed)';
$paramValues = [
'class' => method_exists($token, 'getClass') ? $token->getClass(false) : '',
'username' => $token->getUserIdentifier(),
'series' => $token->getSeries(),
'value' => $token->getTokenValue(),
'lastUsed' => \DateTimeImmutable::createFromInterface($token->getLastUsed()),
];
$paramTypes = [
'class' => ParameterType::STRING,
'username' => ParameterType::STRING,
'series' => ParameterType::STRING,
'value' => ParameterType::STRING,
'lastUsed' => Types::DATETIME_IMMUTABLE,
];
$this->conn->executeStatement($sql, $paramValues, $paramTypes);
}
public function verifyToken(PersistentTokenInterface $token, #[\SensitiveParameter] string $tokenValue): bool
{
// Check if the token value matches the current persisted token
if (hash_equals($token->getTokenValue(), $tokenValue)) {
return true;
}
// Generate an alternative series id here by changing the suffix == to _
// this is needed to be able to store an older token value in the database
// which has a PRIMARY(series), and it works as long as series ids are
// generated using base64_encode(random_bytes(64)) which always outputs
// a == suffix, but if it should not work for some reason we abort
// for safety
$tmpSeries = preg_replace('{=+$}', '_', $token->getSeries());
if ($tmpSeries === $token->getSeries()) {
return false;
}
// Check if the previous token is present. If the given $tokenValue
// matches the previous token (and it is outdated by at most 60seconds)
// we also accept it as a valid value.
try {
$tmpToken = $this->loadTokenBySeries($tmpSeries);
} catch (TokenNotFoundException) {
return false;
}
if ($tmpToken->getLastUsed()->getTimestamp() + 60 < time()) {
return false;
}
return hash_equals($tmpToken->getTokenValue(), $tokenValue);
}
public function updateExistingToken(PersistentTokenInterface $token, #[\SensitiveParameter] string $tokenValue, \DateTimeInterface $lastUsed): void
{
if (!$token instanceof PersistentToken) {
return;
}
// Persist a copy of the previous token for authentication
// in verifyToken should the old token still be sent by the browser
// in a request concurrent to the one that did this token update
$tmpSeries = preg_replace('{=+$}', '_', $token->getSeries());
// if we cannot generate a unique series it is not worth trying further
if ($tmpSeries === $token->getSeries()) {
return;
}
$this->conn->beginTransaction();
try {
$this->deleteTokenBySeries($tmpSeries);
$lastUsed = \DateTime::createFromInterface($lastUsed);
if (method_exists(PersistentToken::class, 'getClass')) {
$persistentToken = new PersistentToken($token->getClass(false), $token->getUserIdentifier(), $tmpSeries, $token->getTokenValue(), $lastUsed, false);
} else {
$persistentToken = new PersistentToken($token->getUserIdentifier(), $tmpSeries, $token->getTokenValue(), $lastUsed);
}
$this->createNewToken($persistentToken);
$this->conn->commit();
} catch (\Exception $e) {
$this->conn->rollBack();
throw $e;
}
}
/**
* Adds the Table to the Schema if "remember me" uses this Connection.
*/
public function configureSchema(Schema $schema, Connection $forConnection, \Closure $isSameDatabase): void
{
if ($schema->hasTable('rememberme_token')) {
return;
}
if ($forConnection !== $this->conn && !$isSameDatabase($this->conn->executeStatement(...))) {
return;
}
$this->addTableToSchema($schema);
}
private function addTableToSchema(Schema $schema): void
{
$table = $schema->createTable('rememberme_token');
$table->addColumn('series', Types::STRING, ['length' => 88]);
$table->addColumn('value', Types::STRING, ['length' => 88]);
$table->addColumn('lastUsed', Types::DATETIME_IMMUTABLE);
$table->addColumn('class', Types::STRING, ['length' => 100, 'default' => '']);
$table->addColumn('username', Types::STRING, ['length' => 200]);
if (class_exists(PrimaryKeyConstraint::class)) {
$table->addPrimaryKeyConstraint(new PrimaryKeyConstraint(null, [new UnqualifiedName(Identifier::unquoted('series'))], true));
} else {
$table->setPrimaryKey(['series']);
}
}
}

167
backend/vendor/symfony/doctrine-bridge/Security/User/EntityUserProvider.php vendored Normal file
View File

@@ -0,0 +1,167 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Bridge\Doctrine\Security\User;
use Doctrine\Persistence\ManagerRegistry;
use Doctrine\Persistence\Mapping\ClassMetadata;
use Doctrine\Persistence\ObjectManager;
use Doctrine\Persistence\ObjectRepository;
use Doctrine\Persistence\Proxy;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UserNotFoundException;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
/**
* Wrapper around a Doctrine ObjectManager.
*
* Provides provisioning for Doctrine entity users.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
*
* @template TUser of UserInterface
*
* @template-implements UserProviderInterface<TUser>
*/
class EntityUserProvider implements UserProviderInterface, PasswordUpgraderInterface
{
private string $class;
public function __construct(
private readonly ManagerRegistry $registry,
private readonly string $classOrAlias,
private readonly ?string $property = null,
private readonly ?string $managerName = null,
) {
}
/**
* @param ?array $attributes
*/
public function loadUserByIdentifier(string $identifier/* , ?array $attributes = null */): UserInterface
{
$repository = $this->getRepository();
if (null !== $this->property) {
$user = $repository->findOneBy([$this->property => $identifier]);
} else {
if (!$repository instanceof UserLoaderInterface) {
throw new \InvalidArgumentException(\sprintf('You must either make the "%s" entity Doctrine Repository ("%s") implement "Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface" or set the "property" option in the corresponding entity provider configuration.', $this->classOrAlias, get_debug_type($repository)));
}
if (null === $attributes = \func_num_args() > 1 ? func_get_arg(1) : null) {
$user = $repository->loadUserByIdentifier($identifier);
} else {
$user = $repository->loadUserByIdentifier($identifier, $attributes);
}
}
if (null === $user) {
$e = new UserNotFoundException(\sprintf('User "%s" not found.', $identifier));
$e->setUserIdentifier($identifier);
throw $e;
}
return $user;
}
public function refreshUser(UserInterface $user): UserInterface
{
$class = $this->getClass();
if (!$user instanceof $class) {
throw new UnsupportedUserException(\sprintf('Instances of "%s" are not supported.', get_debug_type($user)));
}
$repository = $this->getRepository();
if ($repository instanceof UserProviderInterface) {
$refreshedUser = $repository->refreshUser($user);
} else {
// The user must be reloaded via the primary key as all other data
// might have changed without proper persistence in the database.
// That's the case when the user has been changed by a form with
// validation errors.
if (!$id = $this->getClassMetadata()->getIdentifierValues($user)) {
throw new \InvalidArgumentException('You cannot refresh a user from the EntityUserProvider that does not contain an identifier. The user object has to be serialized with its own identifier mapped by Doctrine.');
}
$refreshedUser = $repository->find($id);
if (null === $refreshedUser) {
$e = new UserNotFoundException('User with id '.json_encode($id).' not found.');
$e->setUserIdentifier(json_encode($id));
throw $e;
}
}
if ($refreshedUser instanceof Proxy && !$refreshedUser->__isInitialized()) {
$refreshedUser->__load();
} elseif (\PHP_VERSION_ID >= 80400 && ($r = new \ReflectionClass($refreshedUser))->isUninitializedLazyObject($refreshedUser)) {
$r->initializeLazyObject($refreshedUser);
}
return $refreshedUser;
}
public function supportsClass(string $class): bool
{
return $class === $this->getClass() || is_subclass_of($class, $this->getClass());
}
/**
* @final
*/
public function upgradePassword(PasswordAuthenticatedUserInterface $user, string $newHashedPassword): void
{
$class = $this->getClass();
if (!$user instanceof $class) {
throw new UnsupportedUserException(\sprintf('Instances of "%s" are not supported.', get_debug_type($user)));
}
$repository = $this->getRepository();
if ($repository instanceof PasswordUpgraderInterface) {
$repository->upgradePassword($user, $newHashedPassword);
}
}
private function getObjectManager(): ObjectManager
{
return $this->registry->getManager($this->managerName);
}
private function getRepository(): ObjectRepository
{
return $this->getObjectManager()->getRepository($this->classOrAlias);
}
private function getClass(): string
{
if (!isset($this->class)) {
$class = $this->classOrAlias;
if (str_contains($class, ':')) {
$class = $this->getClassMetadata()->getName();
}
$this->class = $class;
}
return $this->class;
}
private function getClassMetadata(): ClassMetadata
{
return $this->getObjectManager()->getClassMetadata($this->classOrAlias);
}
}

35
backend/vendor/symfony/doctrine-bridge/Security/User/UserLoaderInterface.php vendored Normal file
View File

@@ -0,0 +1,35 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Bridge\Doctrine\Security\User;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* Represents a class that loads UserInterface objects from Doctrine source for the authentication system.
*
* This interface is meant to facilitate the loading of a User from Doctrine source using a custom method.
* If you want to implement your own logic of retrieving the user from Doctrine your repository should implement this
* interface.
*
* @see UserInterface
*
* @author Michal Trojanowski <michal@kmt-studio.pl>
*/
interface UserLoaderInterface
{
/**
* Loads the user for the given user identifier (e.g. username or email).
*
* This method must return null if the user is not found.
*/
public function loadUserByIdentifier(string $identifier): ?UserInterface;
}