lm-commons / lmcuser Goto Github PK

Travis-CI is no longer free for OpenSource CI
Another solution/provider is needed.
Look into using GitHub Actions?

Move over the ZfcUser Wiki and update for LmcUser.

Hi!

Since version 3.3.3 I get an error on opening login page

Datei:
D:\Projects\3lal\infoscreen\vendor\laminas\laminas-servicemanager\src\ServiceManager.php:601
Meldung:
Unable to resolve service "Laminas\Hydrator\ClassMethodsHydrator" to a factory; are you certain you provided it during configuration?
Stack trace:
#0 D:\Projects\3lal\infoscreen\vendor\laminas\laminas-servicemanager\src\ServiceManager.php(677): Laminas\ServiceManager\ServiceManager->getFactory('Laminas\\Hydrato...')
#1 D:\Projects\3lal\infoscreen\vendor\laminas\laminas-servicemanager\src\ServiceManager.php(225): Laminas\ServiceManager\ServiceManager->doCreate('Laminas\\Hydrato...')
#2 D:\Projects\3lal\infoscreen\vendor\lm-commons\lmc-user\src\LmcUser\Factory\UserHydrator.php(19): Laminas\ServiceManager\ServiceManager->get('lmcuser_base_hy...')
#3 D:\Projects\3lal\infoscreen\vendor\laminas\laminas-servicemanager\src\ServiceManager.php(678): LmcUser\Factory\UserHydrator->__invoke(Object(Laminas\ServiceManager\ServiceManager), 'lmcuser_user_hy...', NULL)
#4 D:\Projects\3lal\infoscreen\vendor\laminas\laminas-servicemanager\src\ServiceManager.php(225): Laminas\ServiceManager\ServiceManager->doCreate('lmcuser_user_hy...')
#5 D:\Projects\3lal\infoscreen\vendor\lm-commons\lmc-user\src\LmcUser\Factory\Form\Register.php(18): Laminas\ServiceManager\ServiceManager->get('lmcuser_registe...')
#6 D:\Projects\3lal\infoscreen\vendor\laminas\laminas-servicemanager\src\ServiceManager.php(678): LmcUser\Factory\Form\Register->__invoke(Object(Laminas\ServiceManager\ServiceManager), 'lmcuser_registe...', Object(LmcUserDoctrineORM\Options\ModuleOptions))
#7 D:\Projects\3lal\infoscreen\vendor\laminas\laminas-servicemanager\src\ServiceManager.php(225): Laminas\ServiceManager\ServiceManager->doCreate('lmcuser_registe...')
#8 D:\Projects\3lal\infoscreen\vendor\lm-commons\lmc-user\src\LmcUser\Factory\Controller\UserControllerFactory.php(27): Laminas\ServiceManager\ServiceManager->get('lmcuser_registe...')

I've tried it with different version of laminas-servicemanager (3.5.1, 3.6.1, 3.6.2) without success. Any ideas what's missing?
With version 3.3.2 it's working. But I need session storage fix...

Best regards,
Alex

Need to change the directory structure from PSR-0 to PSR-4. @visto9259, please add a task list which in your experience needs to be fulfilled. I remember you mentioning about breaking of tests. Thanks!

Hi!

Is there any documentation available how to implement a two factor authentication?
It's mentioned in the wiki on the concepts page, but I'm not sure how to configure adapters to redirect to second page where user has to enter sms or otp code.

Thx in advance!

Hi,

I wanted to ask what you people think about changing the Interopt Container with the Psr container and the change of directory structure from src/LmcUser/* to src/*. Thanks!

Add type declarations for parameters and return values
Validate and fix invalid PHPDoc Annotations

Hello everyone,

I ran into an issue using multiple auth adapters and their $this->isSatisfied() function.
In File src/LmcUser/Authentication/Adapter/AbstractAdapter.php on line 24 the Storage is initialized using the current class name:
$this->setStorage(new Storage\Session(get_class($this)));

If I use multiple classes, e.g Db.php and a custom Ldap.php the class_name differs. If authentication is satisfied using Ldap (first adapter), Db should be skipped. But as the class_name differs a new storage is created an authentication fails.

My temporary workaround was to change this line to $this->setStorage(new Storage\Session('LmcUser')); and all AuthenticationAdapters are using the same storage.

This works for me, but is this the correct way ?

Best regards,
Alexander

Add functionality to allow the recovery of a forgotten password.

1. Add action to controller to render a password recovery page if the request is GET. If the request is a POST, create a unique token associated with the user id or email and send an email to the user with a link to reset the password. The link will route to action 2 below
2. Add action to controller to allow the user to enter an new password if the token is valid. Destroy token when done.
3. Add the views for action 1 and 2 above
4. Add adapter to handle the creation, deletion and validation of tokens
5. Add options (token expiration, etc.)

I have already implemented this in my application. I will pull in a generalized version

In the authenticateAction of the UserController, if the authentication fails, the code sets the flash messenger with the canned message: Authentication failed. Please try again.
The code is:

if (!$auth->isValid()) {
            $this->flashMessenger()->setNamespace('lmcuser-login-form')->addMessage($this->failedLoginMessage);
            $adapter->resetAdapters();
            return $this->redirect()->toUrl(
                $this->url()->fromRoute(static::ROUTE_LOGIN) .
                ($redirect ? '?redirect='. rawurlencode($redirect) : '')
            );
        }

where $this->failedLoginMessage is set to Authentication failed. Please try again. and thereby ignores any error messages that would have been available in $auth.

The use case that I have is that if a user is not in a valid state for login (eg disabled), then the error message should be 'A record with the supplied identity is not active.', if using the adapter provided with LmcUser.

I am surprised that no one has raised this issue before.

Hi!
I have found your "organisation" while I was rebuilding my own version of ZfcUser.
As you have already some other projects converted to Laminas and because I'm not a fan of several user modules which are only maintained by the creators themself I have deleted my "organisation"
and if you want I can contribute to yours.
You can have a look at https://github.com/LMTemp/LMFriends-mvc-user
there is everything I have changed to the ZfcUser.

Basically there are a few things which would be good to integrate into this project which I already have in my fork:

• convert arrays to new style
• use strict types
• change factories so they are compatible with servicemanager 3.0
• add csrf tokens again ()
• switch from tabs to spaces (and maybe vom /r/n to /n)
• use ::class where possible
• use null coalescing operator
• add parameter type declarations where possible

I would also suggest to add the ZfcUserDoctrineORM to this organisation - I have used it a lot and would like (need) to port it to laminas

What do you think about it?
Regards Alex

Current behaviour is that the redirection is done on login. Let's say I have n tabs, where I'm logged in, if I open all n of them after logout, I get a login screen with redirection parameter. If I log in in one of the tabs, I'll be redirected to the url in the parameter. All the other n-1 tabs will be redirected to the default url and the original url in the redirection parameter is "lost".

If this is interesting and useful to other people, I could start working on it.

Update composer.json to use Laminas Component Installer

I am using LmcUser + LmcRbacMvc with DoctrineOrmModule with MySQL

Composer.json

    "lm-commons/lmc-user": "^3.6",
    "lm-commons/lmc-admin": "^1.1",
    "doctrine/migrations": "^3.7",
    "lm-commons/lmc-rbac-mvc": "^3.3",
    "laminas/laminas-authentication": "^2.16",
    "doctrine/doctrine-orm-module": "^6.1",
    "doctrine/dbal": "^3.8"

It has following settings

  'user_entity_class' => \LmcUser\Entity\User::class,

Hello, i have implemented LmcUser in my company in the place of an old zfc user.

I managed to make nearly everything work. (Authentication, login session...)
It was until i tried to create an user account.

I received the very same error when trying to use the hydrator as i used to.
I tried to put the hydrator in my factories, in my config nothing works.

It seems to be related to the register form.

The problems seems similar to :

#15

Here is the exact error.

<?php
CONTROLLER:PublicWebSite\Controller\User
FILE :my_site/vendor/laminas/laminas-servicemanager/src/ServiceManager.php (line: 588)

TRACE:
#0 my_site/vendor/laminas/laminas-servicemanager/src/ServiceManager.php(664): Laminas\ServiceManager\ServiceManager->getFactory('Laminas\\Hydrato...')
#1 my_site/vendor/laminas/laminas-servicemanager/src/ServiceManager.php(230): Laminas\ServiceManager\ServiceManager->doCreate('Laminas\\Hydrato...')
#2 my_site/vendor/lm-commons/lmc-user/src/LmcUser/Factory/UserHydrator.php(19): Laminas\ServiceManager\ServiceManager->get('lmcuser_base_hy...')
#3 my_site/vendor/laminas/laminas-servicemanager/src/ServiceManager.php(665): LmcUser\Factory\UserHydrator->__invoke(Object(Laminas\ServiceManager\ServiceManager), 'lmcuser_user_hy...', NULL)
#4 my_site/vendor/laminas/laminas-servicemanager/src/ServiceManager.php(230): Laminas\ServiceManager\ServiceManager->doCreate('lmcuser_user_hy...')
#5 my_site/vendor/lm-commons/lmc-user/src/LmcUser/Service/User.php(296): Laminas\ServiceManager\ServiceManager->get('lmcuser_registe...')
#6 my_site/module/PublicWebSite/src/PublicWebSite/Controller/UserController.php(181): LmcUser\Service\User->getFormHydrator()
#7 my_site/vendor/laminas/laminas-mvc/src/Controller/AbstractActionController.php(77): PublicWebSite\Controller\UserController->jsonRegisterAction()
#8 my_site/vendor/laminas/laminas-eventmanager/src/EventManager.php(331): Laminas\Mvc\Controller\AbstractActionController->onDispatch(Object(Laminas\Mvc\MvcEvent))
#9 my_site/vendor/laminas/laminas-eventmanager/src/EventManager.php(188): Laminas\EventManager\EventManager->triggerListeners(Object(Laminas\Mvc\MvcEvent), Object(Closure))
#10 my_site/vendor/laminas/laminas-mvc/src/Controller/AbstractController.php(105): Laminas\EventManager\EventManager->triggerEventUntil(Object(Closure), Object(Laminas\Mvc\MvcEvent))
#11 my_site/vendor/laminas/laminas-mvc/src/DispatchListener.php(138): Laminas\Mvc\Controller\AbstractController->dispatch(Object(Laminas\Http\PhpEnvironment\Request), Object(Laminas\Http\PhpEnvironment\Response))
#12 my_site/vendor/laminas/laminas-eventmanager/src/EventManager.php(331): Laminas\Mvc\DispatchListener->onDispatch(Object(Laminas\Mvc\MvcEvent))
#13 my_site/vendor/laminas/laminas-eventmanager/src/EventManager.php(188): Laminas\EventManager\EventManager->triggerListeners(Object(Laminas\Mvc\MvcEvent), Object(Closure))
#14 my_site/vendor/laminas/laminas-mvc/src/Application.php(331): Laminas\EventManager\EventManager->triggerEventUntil(Object(Closure), Object(Laminas\Mvc\MvcEvent))
#15 my_site/public/index.php(47): Laminas\Mvc\Application->run()
#16 {main}

 Exception:
Unable to resolve service "Laminas\Hydrator\ClassMethodsHydrator" to a factory; are you certain you provided it during configuration?

dependencies installed
"laminas/laminas-servicemanager": "^3.4", (3.6.4)
"lm-commons/lmc-user": "^3.3", (3.3.3)

Any idea how i could fix the problem?

Thank you very much for your help and nice work by the way.

Matthieu Antoniol

Hi!

i just had a look at your repo and it seems that the unit tests are not executed anymore:

`$ ./vendor/bin/phpunit --bootstrap=tests/bootstrap.php --configuration tests/phpunit.xml

PHPUnit 9.2.6 by Sebastian Bergmann and contributors.

Runtime: PHP 7.4.10 with Xdebug 2.9.6

Configuration: tests/phpunit.xml

Error: Incorrect whitelist config, no code coverage will be generated.

No tests executed!`

Regards Alex

Hello

WHAT I DID
tried to test project on PHP 8.2

WHAT I GET
Uncaught ErrorException: Creation of dynamic property LmcUser\Authentication\Adapter\AdapterChainEvent::$request is deprecated in /home/xxxxx/app/vendor/lm-commons/lmc-user/src/LmcUser/Authentication/Adapter/AdapterChainEvent.php:100

WHAT I NEED
absence of the errors on PHP 8.2

thanks

The description of the configuration options in the README.md file is incorrect. What the README file states as the default is not consistent with the comments in the config/lmcuser.global.php.dist file.

For example, it states that use_registration_form_captcha is true by default but it is false be default.

We need some scrubbing of this file to line it with default module options in src/Options/ModuleOptions.php and at the same time, make sure the comments in config/lmcuser.global.php.dist are also aligned.

Add the capability to redirect to any URI not just routes within the application.

There should be an option in lmc_user => [] to allow redirect to URI with a default to "not allowed".

I have done this in my application already and I can create a pull request for it. This allows me to use the login in my app to authenticate other webistes that are part of the same family of applications but running separate Laminas MVC.

I would like to have other people's thought on this feature before we add it to LmcUser.

In composer.json there is a definition of command test-coverage, which doesn't seem to be used anymore and perhaps could be deleted.
.travis.yml has a logic to fire this command depending on $TEST_COVERAGE variable, but it's not set anywhere. Also coverage is also done by the normal test command, too as it's defined in phpunit.xml.dist, the generated file clover.xml would just land in a different direction.

Version 4 Plan - Features and Enhancements Roadmap

This is to document the enhancements, features and other changes to bring to LmcUser in a forthcoming version 4.

Rationale

LmcUser is a port of ZF-Commons/ZfcUser to Laminas. ZfcUser was developed several years ago and was based on Zend Framework v2 and v3. The port of ZfcUser to Laminas did not bring significant improvements or new features to the package. New frameworks based on Laminas MVC, such as Laminas API Tools have, come along and the Laminas Components have also evolved. It is long overdue to give it a serious upgrade.

LmcRbacMvc has been installed more than 25K times according to Packagist which is a good indication that the package has its usefulness in web application. We are looking for users of the package to provide inputs into the development roadmap for Version 4.

Process

• Comment on this issue if you want to add an enhancement or a feature to be included in Version 4.
• Issues will be created for enhancements/features selected for inclusion in V4 and will be added to the development Backlog and will be labeled as v4
• Development toward V4 will be done on the 4.x branch.
• A GitHub project for LmcUser was created and issues to be added to the project so that progress can be managed
• Issues will be assigned to contributors

Selected Enhancements

• Use another provide for CI (#46)

Proposed enhancements

Should try to sync this change with the next major release

Hey,

Good day.

Any plans to have this run on Laminas version 3? Thanks.

Regards.
Jarrett

I just tried to overwrite the existing Hydrator (UserHydrator/ClassMethodsHydrator) in favor of the DoctrineObject Hydrator.
(I would like to add this to the LmcUser Doctrine module)

I found out that there is a factory for this but some objects just create new ClassMethodsHydrators instead of reusing the factory.
This leads to a big problem that the Hydrator can't be overwritten.
The second problem is that there is an invokable entry which refers, again, directly to the ClassMethodsHydrators

There are the following Hydrators:

• lmcuser_user_hydrator => \LmcUser\Factory\UserHydrator::class
• Module.php invokables: 'lmcuser_register_form_hydrator' => \Laminas\Hydrator\ClassMethodsHydrator::class
• Various creations with new ClassMethodsHydrator()

I think there should be only 2 hydrators - the register form hydrator and the User object hydrator.
Both should come from a factory so it can be overwritten.

I will make a PR and @matwright you can have a look and hopefully merge it :)
It should be BC!

What do you think?

Regards Alex

Besides #15 pull #13 also did a BC with user mapper factory, which isn't covered by tests so far.

The login view (login.phtml) does handle the redirect parameter properly such that, once the user is logged in, he is not redirected to the route specified in the redirect query param.

The issue is at line 11 in the view/lmc-user/user/login.phtml file:

<?php echo $this->partial('_form.phtml', ['form' => $form]); ?>

should be

<?php echo $this->partial('_form.phtml', ['form' => $form, 'redirect' => $this->redirect]); ?>