dayspring-tech · jwong-dayspring · Mar 3, 2025 · Feb 17, 2024 · Feb 17, 2024 · Feb 17, 2024
diff --git a/.github/workflows/symfony.yml b/.github/workflows/symfony.yml
@@ -13,15 +13,35 @@ jobs:
         php:
 #          - '7.2'
 #          - '7.3'
-          - '7.4'
+#          - '7.4'
           - '8.0'
           - '8.1'
-        composer:
-          - ''
-          - '--prefer-lowest'
+          - '8.2'
+          - '8.3'
+          - '8.4'
+        symfony_version:
+          - '5.4.*'
+          - '6.0.*'
+          - '6.1.*'
+          - '6.2.*'
+          - '6.3.*'
+          - '6.4.*'
+        exclude:
+          # symfony 6.1+ requires PHP 8.1+
+          - php: '8.0'
+            symfony_version: '6.1.*'
+          - php: '8.0'
+            symfony_version: '6.2.*'
+          - php: '8.0'
+            symfony_version: '6.3.*'
+          - php: '8.0'
+            symfony_version: '6.4.*'
+#        deps:
+#          - 'highest'
+#          - 'lowest'
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Use PHP
         uses: shivammathur/setup-php@v2
@@ -39,23 +59,27 @@ jobs:
 
       - name: cache dependencies
         id: angular-dependencies
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: ${{ steps.composer-cache.outputs.dir }}
           key: ${{ runner.os }}-${{ matrix.php }}-${{ matrix.composer }}-composer-${{ hashFiles('**/composer.lock') }}
           restore-keys: |
             ${{ runner.os }}-${{ matrix.php }}-${{ matrix.composer }}-composer-
 
+      - name: Set Symfony minor version
+        run: |
+          sed -i 's|\("symfony/.*"\): ".*^6\.0"|\1: "${{ matrix.symfony_version }}"|' composer.json
+        working-directory: ./
+
       - name: Validate composer.json and composer.lock
         run: composer validate
         working-directory: ./
 
       - name: Install dependencies
-        env:
-          COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
-          COMPOSER_FLAGS: ${{ matrix.composer }}
-        run: composer update ${COMPOSER_FLAGS} --prefer-source      
-        working-directory: ./
+        uses: ramsey/composer-install@v3
+        with:
+#          dependency-versions: '${{ matrix.deps }}'
+          working-directory: ./
 
       - name: Start MySQL
         run: |

diff --git a/Controller/ForgotResetController.php b/Controller/ForgotResetController.php
@@ -5,46 +5,34 @@
 use Dayspring\LoginBundle\Entity\ChangePasswordEntity;
 use Dayspring\LoginBundle\Form\Type\ChangePasswordType;
 use Dayspring\LoginBundle\Form\Type\ResetPasswordType;
+use Symfony\Component\HttpFoundation\RequestStack;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
-use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\Form\Extension\Core\Type\EmailType;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Session\SessionInterface;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
-use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
+use Symfony\Component\Security\Core\Exception\UserNotFoundException;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
 use Symfony\Component\Mailer\MailerInterface;
 use Symfony\Component\Mime\Email;
 
 class ForgotResetController extends AbstractController
 {
-    protected $userProvider;
-    protected $authenticationManager;
-    protected $session;
-    protected $tokenStorage;
-    protected $userPasswordEncoder;
-    protected $mailer;
 
     public function __construct(
-        AuthenticationManagerInterface $authenticationManager,
-        UserProviderInterface $userProvider,
-        SessionInterface $session,
-        MailerInterface $mailer,
-        TokenStorageInterface $tokenStorage,
-        UserPasswordEncoderInterface $userPasswordEncoder
+        protected UserProviderInterface $userProvider,
+        protected RequestStack $requestStack,
+        protected MailerInterface $mailer,
+        protected TokenStorageInterface $tokenStorage,
+        protected UserPasswordHasherInterface $userPasswordHasher
     ) {
-        $this->authenticationManager = $authenticationManager;
-        $this->mailer = $mailer;
-        $this->session = $session;
-        $this->tokenStorage = $tokenStorage;
-        $this->userPasswordEncoder = $userPasswordEncoder;
-        $this->userProvider = $userProvider;
     }
 
     /**
@@ -54,7 +42,7 @@ public function forgotPasswordAction(Request $request)
     {
         $genericMsg = 'Your request has been sent. If an account was found, an email has been sent. Please check your email for further instructions.';
 
-        $form = $this->createFormBuilder(array())
+        $form = $this->createFormBuilder([])
             ->add('email', EmailType::class)
             ->getForm();
         if ($request->getMethod() == "POST") {
@@ -69,9 +57,7 @@ public function forgotPasswordAction(Request $request)
                     $user->generateResetToken();
 
                     $subject = "Reset Password";
-                    $data = array(
-                        'user' => $user
-                    );
+                    $data = ['user' => $user];
                     $fromAddress = $this->getParameter('login_bundle.from_address');
                     $fromDisplayName = $this->getParameter('login_bundle.from_display_name');
 
@@ -93,7 +79,7 @@ public function forgotPasswordAction(Request $request)
 
                     $this->mailer->send($message);
                 }
-            } catch (UsernameNotFoundException $e) {
+            } catch (UserNotFoundException $e) {
                 // do not throw an error for UsernameNotFoundException
             }
 
@@ -105,9 +91,7 @@ public function forgotPasswordAction(Request $request)
 
         }
 
-        return $this->render('@DayspringLogin/ForgotReset/forgotPassword.html.twig', array(
-            'form' => $form->createView(),
-        ));
+        return $this->render('@DayspringLogin/ForgotReset/forgotPassword.html.twig', ['form' => $form->createView()]);
     }
 
     /**
@@ -123,8 +107,7 @@ public function resetPasswordAction(Request $request, $resetToken)
                 if ($form->isValid()) {
                     $data = $form->getData();
 
-                    $encoded = $this->userPasswordEncoder->encodePassword($user, $data->getPassword());
-//                    $encoded = $this->userPasswordEncoder->hashPassword($user, $data->getPassword());
+                    $encoded = $this->userPasswordHasher->hashPassword($user, $data->getPassword());
                     $user->setPassword($encoded);
                     $user->save();
 
@@ -138,9 +121,7 @@ public function resetPasswordAction(Request $request, $resetToken)
                     return $this->redirect($this->generateUrl('_login'));
                 }
             }
-            return $this->render('@DayspringLogin/ForgotReset/resetPassword.html.twig', array(
-                'form' => $form->createView()
-            ));
+            return $this->render('@DayspringLogin/ForgotReset/resetPassword.html.twig', ['form' => $form->createView()]);
         } else {
             throw new AccessDeniedHttpException("No User found with this reset token.");
         }
@@ -159,27 +140,24 @@ public function changePasswordAction(Request $request)
             if ($form->isValid()) {
                 $data = $form->getData();
 
-                $encoded = $this->userPasswordEncoder->encodePassword($currentUser, $data->getNewPassword());
-//                $encoded = $this->userPasswordEncoder->hashPassword($currentUser, $data->getNewPassword());
+                $encoded = $this->userPasswordHasher->hashPassword($currentUser, $data->getNewPassword());
                 $currentUser->setPassword($encoded);
                 $currentUser->save();
 
-                $token = new UsernamePasswordToken(
-                    $currentUser,
-                    $data->getNewPassword(),
-                    "secured_area",
-                    $currentUser->getRoles()
-                );
-                $token = $this->authenticationManager->authenticate($token);
-                $this->tokenStorage->setToken($token);
+//                $token = new UsernamePasswordToken(
+//                    $currentUser,
+//                    $data->getNewPassword(),
+//                    "secured_area",
+//                    $currentUser->getRoles()
+//                );
+//                $token = $this->authenticationManager->authenticate($token);
+//                $this->tokenStorage->setToken($token);
 
-                $this->session->getFlashBag()->add('success', 'New password has been saved.');
+                $this->requestStack->getSession()->getFlashBag()->add('success', 'New password has been saved.');
 
                 return $this->redirect($this->generateUrl("account_dashboard"));
             }
         }
-        return $this->render('@DayspringLogin/ForgotReset/changePassword.html.twig', array(
-            'form' => $form->createView()
-        ));
+        return $this->render('@DayspringLogin/ForgotReset/changePassword.html.twig', ['form' => $form->createView()]);
     }
 }
diff --git a/Controller/SecurityController.php b/Controller/SecurityController.php
@@ -20,12 +20,12 @@ public function __construct(AuthenticationUtils $authenticationUtils)
      */
     public function loginAction()
     {
-        return $this->render('@DayspringLogin/Security/login.html.twig', array(
+        return $this->render('@DayspringLogin/Security/login.html.twig', [
             // last username entered by the user (if any)
             'last_username' => $this->authenticationUtils->getLastUsername(),
             // last authentication error (if any)
             'error' => $this->authenticationUtils->getLastAuthenticationError(),
-        ));
+        ]);
     }
 
     /**

diff --git a/Controller/UserAccountController.php b/Controller/UserAccountController.php
@@ -35,7 +35,7 @@ public function usersAction()
     {
         $users = $this->userProvider->getUsers();
 
-        return $this->render('@DayspringLogin/UserAccount/list.html.twig', array('users' => $users));
+        return $this->render('@DayspringLogin/UserAccount/list.html.twig', ['users' => $users]);
     }
 
     /**
@@ -65,10 +65,7 @@ public function editUserAction(Request $request, $userId)
 
         return $this->render(
             '@DayspringLogin/UserAccount/edit.html.twig',
-            array(
-                'form' => $form->createView(),
-                'title' => $userId ? 'Edit User' : 'Create New User'
-            )
+            ['form' => $form->createView(), 'title' => $userId ? 'Edit User' : 'Create New User']
         );
     }
 }
diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php
@@ -17,7 +17,7 @@ class Configuration implements ConfigurationInterface
      *
      * @SuppressWarnings(PHPMD.UnusedLocalVariable)
      */
-    public function getConfigTreeBuilder()
+    public function getConfigTreeBuilder(): \Symfony\Component\Config\Definition\Builder\TreeBuilder
     {
         $treeBuilder = new TreeBuilder('dayspring_login');
         $rootNode = $treeBuilder->getRootNode();

diff --git a/Entity/ChangePasswordEntity.php b/Entity/ChangePasswordEntity.php
@@ -19,11 +19,11 @@ class ChangePasswordEntity
     protected $newPassword;
 
     /**
-     * @SecurityAssert\UserPassword(
-     *     message = "Wrong value for your current password"
-     * )
      * @return mixed
      */
+    #[SecurityAssert\UserPassword(
+        message: 'Wrong value for your current password'
+    )]
     public function getPassword()
     {
         return $this->password;

diff --git a/Form/Type/ChangePasswordType.php b/Form/Type/ChangePasswordType.php
@@ -20,26 +20,13 @@ class ChangePasswordType extends AbstractType
     public function buildForm(FormBuilderInterface $builder, array $options)
     {
 
-        $builder->add('password', PasswordType::class, array(
-            'attr' => array('class' => 'password-field', 'style' => 'max-width:300px'),
-            'required' => true,
-            'label' => "Enter Your Current Password"
-        ));
+        $builder->add('password', PasswordType::class, ['attr' => ['class' => 'password-field', 'style' => 'max-width:300px'], 'required' => true, 'label' => "Enter Your Current Password"]);
 
-        $builder->add('newPassword', RepeatedType::class, array(
-            'type' => PasswordType::class,
-            'invalid_message' => 'The password fields must match.',
-            'required' => true,
-            'options' => array('attr' => array('class' => 'password-field', 'style' => 'max-width:300px')),
-            'first_options' => array('label' => 'New Password'),
-            'second_options' => array('label' => 'Repeat New Password'),
-        ));
+        $builder->add('newPassword', RepeatedType::class, ['type' => PasswordType::class, 'invalid_message' => 'The password fields must match.', 'required' => true, 'options' => ['attr' => ['class' => 'password-field', 'style' => 'max-width:300px']], 'first_options' => ['label' => 'New Password'], 'second_options' => ['label' => 'Repeat New Password']]);
     }
 
     public function configureOptions(OptionsResolver $resolver)
     {
-        $resolver->setDefaults(array(
-            'validation_groups' => array('Default', 'password'),
-        ));
+        $resolver->setDefaults(['validation_groups' => ['Default', 'password']]);
     }
 }
diff --git a/Form/Type/ResetPasswordType.php b/Form/Type/ResetPasswordType.php
@@ -20,20 +20,11 @@ class ResetPasswordType extends AbstractType
 
     public function buildForm(FormBuilderInterface $builder, array $options)
     {
-        $builder->add('password', RepeatedType::class, array(
-            'type' => PasswordType::class,
-            'invalid_message' => 'The password fields must match.',
-            'required' => true,
-            'options' => array('attr' => array('class' => 'password-field')),
-            'first_options' => array('label' => 'Password'),
-            'second_options' => array('label' => 'Repeat Password')
-        ));
+        $builder->add('password', RepeatedType::class, ['type' => PasswordType::class, 'invalid_message' => 'The password fields must match.', 'required' => true, 'options' => ['attr' => ['class' => 'password-field']], 'first_options' => ['label' => 'Password'], 'second_options' => ['label' => 'Repeat Password']]);
     }
 
     public function configureOptions(OptionsResolver $resolver)
     {
-        $resolver->setDefaults(array(
-            'validation_groups' => array('Default', 'password'),
-        ));
+        $resolver->setDefaults(['validation_groups' => ['Default', 'password']]);
     }
 }
diff --git a/Form/Type/UserType.php b/Form/Type/UserType.php
@@ -18,8 +18,6 @@ public function buildForm(FormBuilderInterface $builder, array $options)
 
     public function configureOptions(OptionsResolver $resolver)
     {
-        $resolver->setDefaults(array(
-            'data_class' => 'Dayspring\LoginBundle\Model\User',
-        ));
+        $resolver->setDefaults(['data_class' => \Dayspring\LoginBundle\Model\User::class]);
     }
 }