Flow: Security/User Kickstart

Index.html

<f:layout name="Default" />

<f:section name="Content">
	<div class="content">
		<section class="body">
	        <f:form action="authenticate" method="post">
		        <fieldset>
	               <legend></legend>
	               <div class="row username">
	                       <label id="usernameLabel" for="username" class="placeholder"><span><f:translate package="TYPO3.Flow">Username</f:translate></span></label>
	                       <f:form.textfield name="__authentication[TYPO3][Flow][Security][Authentication][Token][UsernamePassword][username]" tabindex="1" />
	               </div>

	               <div class="row password">
	                       <label id="passwordLabel" for="password" class="placeholder"><span><f:translate package="TYPO3.Flow" id="authentication.password"/></span></label>
	                       <f:form.password  name="__authentication[TYPO3][Flow][Security][Authentication][Token][UsernamePassword][password]" tabindex="2" />
	               </div>

	               <f:form.submit value="{f:translate(id: 'authentication.login', package: 'TYPO3.Flow')}" />
		       	</fieldset>
			</f:form>
	    </section>
	</div>
</f:section>

LoginController.php

<?php
namespace Brain\Controller;

/*                                                                        *
 * This script belongs to the FLOW3 package "Brain".                      *
 *                                                                        *
 *                                                                        */

use TYPO3\Flow\Annotations as Flow;

/**
 * Standard controller for the Brain package 
 *
 * @Flow\Scope("singleton")
 */
class LoginController extends \TYPO3\Flow\Mvc\Controller\ActionController {
	/**
	 * @Flow\Inject
	 * @var \TYPO3\Flow\Security\Authentication\AuthenticationManagerInterface
	 */
	protected $authenticationManager;

	/**
	 * @var \TYPO3\Flow\Security\Cryptography\HashService
	 * @Flow\Inject
	 */
	protected $hashService;

	/**
	 * @Flow\Inject
	 * @var \TYPO3\Flow\Security\AccountRepository
	 */
	protected $accountRepository;

	/**
	 * @Flow\Inject
	 * @var \TYPO3\Flow\Security\AccountFactory
	 */
	protected $accountFactory;

	/**
	 *
	 *
	 * @return string
	 */
	public function indexAction() {
	}

	/**
	 * Authenticates an account by invoking the Provider based Authentication Manager.
	 *
	 * On successful authentication redirects to the list of posts, otherwise returns
	 * to the login screen.
	 *
	 * @return void
	 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
	 */
	public function authenticateAction() {
		try {
			$this->authenticationManager->authenticate();
			$this->redirect('index', 'Action');
		} catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $exception) {
			$this->addFlashMessage('Wrong username or password.');
			throw $exception;
		}
	}

	/**
	 *
	 * @return void
	 */
	public function logoutAction() {
		$this->authenticationManager->logout();
		$this->addFlashMessage('Successfully logged out.');
		$this->redirect('index', 'Post');
	}
}

?>

Policy.yaml

#                                                                        #
# Security policy for the TYPO3 package                                  #
#                                                                        #

resources:
  methods:
    Brain_ActionController: 'method(Brain\Controller\ActionController->.*Action())'

roles:
  Administrator: [ Editor ]
  Editor: []

acls:
  Administrator:
    methods:
      Brain_ActionController: GRANT

Settings.yaml

TYPO3:
  Flow:
    security:
      enable: TRUE
      authentication:
        providers:
          BrainProvider:
            provider: PersistedUsernamePasswordProvider
            entryPoint: 'WebRedirect'
            entryPointOptions:
              uri: brain/login

User.php

<?php
namespace Brain\Domain\Model;

/*                                                                        *
 * This script belongs to the FLOW3 package "Party".                      *
 *                                                                        *
 * It is free software; you can redistribute it and/or modify it under    *
 * the terms of the GNU Lesser General Public License, either version 3   *
 *  of the License, or (at your option) any later version.                *
 *                                                                        *
 * The TYPO3 project - inspiring people to share!                         *
 *                                                                        */

use Doctrine\ORM\Mapping as ORM;
use TYPO3\Flow\Annotations as Flow;

/**
 * A person
 *
 * @Flow\Entity
 */
class User extends \TYPO3\Party\Domain\Model\Person {
	/**
	 * @var \Doctrine\Common\Collections\Collection<\Brain\Domain\Model\Action>
	 * @ORM\OneToMany(mappedBy="owner")
	 */
	protected $actions;

	/**
	 * @var \Doctrine\Common\Collections\Collection<\TYPO3\Flow\Security\Account>
	 * @ORM\OneToMany(mappedBy="party", cascade={"persist"})
	 */
	protected $accounts;

	/**
	 * Constructor
	 *
	 * @return void
	 */
	public function __construct() {
		parent::__construct();
		$this->actions = new \Doctrine\Common\Collections\ArrayCollection();
	}

	public function getUsername() {
		return $this->getAccounts()->first()->getAccountIdentifier();
	}

	/**
	 * Assigns the given action to this party. Note: The internal reference of the action is
	 * set to this party.
	 *
	 * @param \Brain\Domain\Model\Action $action The action
	 * @return void
	 */
	public function addAction(\Brain\Domain\Model\Action $action) {
		$this->actions->add($action);
		$action->setParty($this);
	}

	/**
	 * Remove an action from this party
	 *
	 * @param \Brain\Domain\Model\Action $action The action to remove
	 * @return void
	 */
	public function removeAction(\Brain\Domain\Model\Action $action) {
		$this->actions->removeElement($action);
	}

	/**
	 * Returns the actions of this party
	 *
	 * @return \Doctrine\Common\Collections\Collection All assigned Brain\Domain\Model\Action objects
	 */
	public function getActions() {
		return $this->actions;
	}

	/**
	 * Returns the accounts of this party
	 *
	 * @param \Doctrine\Common\Collections\Collection $accounts
	 */
	public function setAccounts($accounts) {
		$this->accounts = $accounts;
	}

	public function getEmail() {
		return $this->getPrimaryElectronicAddress()->getIdentifier();
	}

	public function getAvatar() {
		return 'http://www.gravatar.com/avatar/' . md5($this->getEmail());
	}
}

?>

UserRepository.php

<?php
namespace Brain\Domain\Repository;

/*                                                                        *
 * This script belongs to the FLOW3 package "Brain".                      *
 *                                                                        *
 *                                                                        */

use TYPO3\Flow\Annotations as Flow;

/**
 * A repository for Users
 *
 * @Flow\Scope("singleton")
 */
class UserRepository extends \TYPO3\Flow\Persistence\Repository {
	/**
	 * @Flow\Inject
	 * @var \TYPO3\Flow\Security\AccountRepository
	 */
	protected $accountRepository;

	public function findOneByName($name) {
		$user = $this->findOneByName($name);
		if (is_null($user)) {
			$user = new \Brain\Domain\Model\User();
			$user->setName($name);
			$this->add($user);
		}
		return $user;
	}

	public function findOneByUsername($username) {
		var_dump($username);
		$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, 'BrainProvider');
		return $account->getParty();
	}
}
?>