rgutierrez/resq
1
0
Fork 0
Code Issues 126 Pull requests 49 Projects Releases 4 Packages Wiki Activity Actions

Add account deletion api endpoints #746

Browse source
This commit is contained in:
Ramon Gutierrez 2023-08-11 07:26:49 +08:00
parent 73738b7a18
commit 9ad1f0d9b2
6 changed files with 401 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
config/packages/security.yaml
View file

@ -54,7 +54,7 @@ security:
security: false
cust_api_v2:
pattern: ^\/apiv2\/(?!register|register\/|number_confirm|number_confirm\/|code_validate|code_validate\/|resend_code|resend_code\/|version_check|version_check\/)
pattern: ^\/apiv2\/(?!register|register\/|number_confirm|number_confirm\/|code_validate|code_validate\/|resend_code|resend_code\/|version_check|version_check\/|account|account\/|account_code_validate|account_code_validate\/|account_resend_code|account_resend_code\/)
provider: api_v2_provider
access_denied_handler: Catalyst\ApiBundle\Service\AccessDeniedHandler
stateless: true
@ -63,7 +63,7 @@ security:
- Catalyst\ApiBundle\Security\Authenticator
cust_api_v2_guest:
pattern: ^\/apiv2\/(register|register\/|number_confirm|number_confirm\/|code_validate|code_validate\/|resend_code|resend_code\/|version_check|version_check\/)
pattern: ^\/apiv2\/(register|register\/|number_confirm|number_confirm\/|code_validate|code_validate\/|resend_code|resend_code\/|version_check|version_check\/|account|account\/|account_code_validate|account_code_validate\/|account_resend_code|account_resend_code\/)
security: false
warranty_api:

18
config/routes/apiv2.yaml
View file

@ -244,4 +244,20 @@ apiv2_partner_review_tags:
apiv2_rider_review_tags:
path: /apiv2/review_tags/rider
controller: App\Controller\CustomerAppAPI\ReviewTagController::getRiderReviewTags
controller: App\Controller\CustomerAppAPI\ReviewTagController::getRiderReviewTags
# account deletion
apiv2_account_delete:
path: /apiv2/account
controller: App\Controller\CustomerAppAPI\AccountController::deleteAccount
methods: [DELETE]
apiv2_account_delete_resend_code:
path: /apiv2/account_resend_code
controller: App\Controller\CustomerAppAPI\AccountController:resendCode
methods: [POST]
apiv2_account_delete_code_validate:
path: /apiv2/account_code_validate
controller: App\Controller\CustomerAppAPI\AccountController::validateDeleteCode
methods: [POST]

169
src/Controller/CustomerAppAPI/AccountController.php Normal file
View file

@ -0,0 +1,169 @@
<?php
namespace App\Controller\CustomerAppAPI;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Contracts\Translation\TranslatorInterface;
use Catalyst\ApiBundle\Component\Response as ApiResponse;
use App\Entity\CustomerDeleteRequest;
use App\Service\RisingTideGateway;
use DateTime;
class AccountController extends ApiController
{
public function deleteAccount(RisingTideGateway $rt, Request $req, TranslatorInterface $translator)
{
// validate params
$missing = $this->hasMissingParams($req, [
'phone_number',
]);
if ($missing) {
return new ApiResponse(false, $missing);
}
// user input
$phone_number = $req->request->get('phone_number');
$reason = $req->request->get('reason');
// get otp_mode from .env
$otp_mode = $_ENV['OTP_MODE'];
// use the test code if we're using a test number or are on test mode
$code = $this->getConfirmCode($phone_number);
// build model
$obj = new CustomerDeleteRequest();
$obj->setPhoneNumber($phone_number);
$obj->setReason($reason);
$obj->setConfirmCode($code);
// send sms to number if not in test mode
if ($otp_mode != 'test') {
$this->sendConfirmationCode($rt, $phone_number, $code, $translator);
}
// save the model
$obj->setDateCodeSent(new DateTime());
$this->em->persist($obj);
$this->em->flush();
// response
return new ApiResponse(true, '', [
'request_id' => $obj->getID(),
]);
}
public function validateDeleteCode(Request $req)
{
// validate params
$missing = $this->hasMissingParams($req, [
'request_id',
'code',
]);
if ($missing) {
return new ApiResponse(false, $missing);
}
// user input
$code = $req->request->get('code');
$request_id = $req->request->get('request_id');
// get the request
$obj = $this->em->getRepository(CustomerDeleteRequest::class)->findOneBy([
'id' => $request_id,
'confirm_code' => $code,
'flag_confirmed' => false,
'flag_completed' => false,
]);
if (empty($obj)) {
return new ApiResponse(false, 'Invalid request details provided.');
}
// confirm the request
$obj->setConfirmed(true);
$obj->setDateConfirmed(new DateTime());
$this->em->flush();
// response
return new ApiResponse();
}
public function resendCode(Request $req, RisingTideGateway $rt, TranslatorInterface $translator)
{
// validate params
$missing = $this->hasMissingParams($req, [
'request_id',
]);
if ($missing) {
return new ApiResponse(false, $missing);
}
// user input
$request_id = $req->request->get('request_id');
$now = time();
// get the request
$obj = $this->em->getRepository(CustomerDeleteRequest::class)->findOneBy([
'id' => $request_id,
'flag_confirmed' => false,
'flag_completed' => false,
]);
if (empty($obj)) {
return new ApiResponse(false, 'Invalid request details provided.');
}
// prevent resend spamming
if ($now - $obj->getDateCodeSent()->getTimestamp() < 300) {
return new ApiResponse(false, 'Can only send confirm code every 5 mins.');
}
// use the test code if we're using a test number or are on test mode
$phone_number = $obj->getPhoneNumber();
$code = $this->getConfirmCode($phone_number);
// send sms to number if not in test mode
if ($otp_mode != 'test') {
$this->sendConfirmationCode($rt, $phone_number, $code, $translator);
}
// update last sent timestamp
$obj->setDateCodeSent(new DateTime());
$this->em->flush();
// response
return new ApiResponse();
}
protected function getConfirmCode($phone_number)
{
// get otp_mode from .env
$otp_mode = $_ENV['OTP_MODE'];
// check for hardcoded phone number for app store testing
$test_numbers = explode(",", $_ENV['TEST_PHONE_NUMBERS']);
if (in_array($phone_number, $test_numbers) || $otp_mode == 'test') {
$code = "123456";
} else {
// generate code
$code = $this->generateConfirmCode();
}
return $code;
}
protected function generateConfirmCode()
{
return sprintf("%06d", mt_rand(100000, 999999));
}
protected function sendConfirmationCode(RisingTideGateway $rt, $phone_number, $code, TranslatorInterface $translator)
{
// send sms to number
$message = $translator->trans('message.confirmation_code') . ' ' . $code;
$rt->sendSMS($phone_number, $translator->trans('message.battery_brand_allcaps'), $message);
}
}

4
src/Controller/CustomerAppAPI/AuthController.php
View file

@ -85,7 +85,9 @@ class AuthController extends ApiController
$otp_mode = $_ENV['OTP_MODE'];
// check for hardcoded phone number for app store testing
if ($phone_number == '9991112233' || $phone_number == '9221111111') {
$test_numbers = explode(",", $_ENV['TEST_PHONE_NUMBERS']);
if (in_array($phone_number, $test_numbers)) {
$code = '123456';
$this->session->setConfirmCode($code)
->setPhoneNumber($phone_number);

209
src/Entity/CustomerDeleteRequest.php Normal file
View file

@ -0,0 +1,209 @@
<?php
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
use DateTime;
/**
* @ORM\Entity
* @ORM\Table(name="customer_delete_request")
*/
class CustomerDeleteRequest
{
// unique id
/**
* @ORM\Id
* @ORM\Column(type="string", length=50)
*/
protected $id;
// phone number
/**
* @ORM\Column(type="string", length=12)
*/
protected $phone_number;
// reason for account deletion
/**
* @ORM\Column(type="text", nullable=true)
*/
protected $reason;
// confirm code that we send via SMS
/**
* @ORM\Column(type="string", length=6, nullable=true)
*/
protected $confirm_code;
// if this request has been confirmed via SMS
/**
* @ORM\Column(type="boolean")
*/
protected $flag_confirmed;
// if this request has been completed
/**
* @ORM\Column(type="boolean")
*/
protected $flag_completed;
// date request was created
/**
* @ORM\Column(type="datetime")
*/
protected $date_created;
// date and time that the confirmation code was last sent
/**
* @ORM\Column(type="datetime", nullable=true)
*/
protected $date_code_sent;
// date request was confirmed
/**
* @ORM\Column(type="datetime", nullable=true)
*/
protected $date_confirmed;
// date customer was created
/**
* @ORM\Column(type="datetime", nullable=true)
*/
protected $date_completed;
// link to customer
/**
* @ORM\ManyToOne(targetEntity="Customer")
* @ORM\JoinColumn(name="customer_id", referencedColumnName="id", nullable=true)
*/
protected $customer;
public function __construct()
{
$this->id = $this->generateKeyID();
$this->flag_confirmed = false;
$this->flag_completed = false;
$this->date_created = new DateTime();
$this->date_code_sent = null;
$this->date_confirmed = null;
$this->date_completed = null;
$this->reason = null;
$this->customer = null;
}
public function generateKeyID()
{
// use uniqid with unix timestamp prefix for now
return uniqid(time());
}
public function getID()
{
return $this->id;
}
public function setPhoneNumber($num)
{
$this->phone_number = $num;
return $this;
}
public function getPhoneNumber()
{
return $this->phone_number;
}
public function setReason($reason)
{
$this->reason = $reason;
return $this;
}
public function getReason()
{
return $this->reason;
}
public function setConfirmCode($code)
{
$this->confirm_code = $code;
return $this;
}
public function getConfirmCode()
{
return $this->confirm_code;
}
public function setConfirmed($flag = true)
{
$this->flag_confirmed = $flag;
return $this;
}
public function isConfirmed()
{
return $this->flag_confirmed;
}
public function setCompleted($flag = true)
{
$this->flag_completed = $flag;
return $this;
}
public function isCompleted()
{
return $this->flag_completed;
}
public function getDateCreated()
{
return $this->date_created;
}
public function setDateCodeSent(DateTime $date)
{
$this->date_code_sent = $date;
return $this;
}
public function getDateCodeSent()
{
return $this->date_code_sent;
}
public function setDateConfirmed(DateTime $date)
{
$this->date_confirmed = $date;
return $this;
}
public function getDateConfirmed()
{
return $this->date_confirmed;
}
public function setDateCompleted(DateTime $date)
{
$this->date_completed = $date;
return $this;
}
public function getDateCompleted()
{
return $this->date_completed;
}
public function setCustomer(Customer $cust = null)
{
$this->customer = $cust;
return $this;
}
public function getCustomer()
{
return $this->customer;
}
}

2
src/Entity/CustomerSession.php
View file

@ -20,7 +20,7 @@ class CustomerSession
*/
protected $id;
// link to customer er
// link to customer
/**
* @ORM\ManyToOne(targetEntity="Customer")
* @ORM\JoinColumn(name="customer_id", referencedColumnName="id", nullable=true)