Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Messi2019-05-17 14:41:58
symfony
Messi, 2019-05-17 14:41:58

Data validation in Symfony 3?

Hello! There is Symfony 3.4.

class LoginController extends Controller
{
    /**
     * Matches /login exactly
     *
     * @Route("/login", name="login")
     *
     * @param Request $request
     *
     * @return Response
     */
    public function loginAction(Request $request)
    {
        $email = $request->query->get('email');

        $password = $request->query->get('password');

        if (empty($email) || empty($password)) {
            return new Response(
                'Email or password can not be blank',
                Response::HTTP_UNAUTHORIZED,
                ['Content-type' => 'application/json',]
            );
        }

        /** @var EncoderFactory $factory */
        $factory = $this->get('security.encoder_factory');

        /** @var UserManager $user_manager */
        $user_manager = $this->get('fos_user.user_manager');

        /** @var User $user */
        $user = $user_manager->findUserByEmail($email);

        if (!$user) {
            return new Response(
                'Email doesnt exists',
                Response::HTTP_UNAUTHORIZED,
                ['Content-type' => 'application/json',]
            );
        }

        $encoder = $factory->getEncoder($user);

        $salt = $user->getSalt();

        if (!$encoder->isPasswordValid($user->getPassword(), $password, $salt)) {
            return new Response(
                'Email or Password not valid.',
                Response::HTTP_UNAUTHORIZED,
                ['Content-type' => 'application/json',]
            );
        }

        $token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());

        $this->get('security.token_storage')->setToken($token);

        $this->get('session')->set('_security_main', serialize($token));

        $event = new InteractiveLoginEvent($request, $token);

        $this->get("event_dispatcher")->dispatch("security.interactive_login", $event);

        return new Response(
            'Welcome '. $user->getUsername(),
            Response::HTTP_OK,
            ['Content-type' => 'application/json']
        );
    }
}

Using POSTman I send a POST request with a password and an email. Everything works, but tell me, please, how to validate incoming email and password?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
E
Evgeny Samsonov, 2019-05-17
@FitTech

It is better to create an object in which to write the necessary validation using Assert
https://symfony.com/doc/current/validation.html
And another recommendation that does not apply to the question. Your controller is too fat :) It's worth thinking about taking it all out somewhere. It is also recommended not to receive services through container get, but to make them private and inject into a method or constructor

Similar questions
A
Alexey Kazin2016-01-27 09:57:15
Choosing a framework for a specific task? 4Reply
S
Steve2021-09-15 11:14:26
Error regarding OneToOne? 1Reply
V
Valery2013-07-01 16:02:46
How to add INSTR function to Doctrine2? 3Reply
A
Alexander Evgenievich2016-02-04 14:16:43
How to organize the correct directory structure in a Symfony2, NodeJS, AngularJS project? 3Reply
A
AlpineMilk2020-06-24 11:05:31
Codeception organizing testing of acceptance tests? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question