rgutierrez/resq
1
0
Fork 0
Code Issues 126 Pull requests 49 Projects Releases 4 Packages Wiki Activity Actions

Fix base api user usage, fix customer user registration logic on number confirm #730

Browse source
This commit is contained in:
Ramon Gutierrez 2023-02-08 07:42:51 +08:00
parent 1ecd69b959
commit f62ce78ac7
12 changed files with 441 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
config/packages/security.yaml
View file

@ -50,14 +50,17 @@ security:
security: false
cust_api_v2:
pattern: ^\/apiv2\/
#provider: api_provider
#access_denied_handler: Catalyst\ApiBundle\Service\AccessDeniedHandler
pattern: ^\/apiv2\/(?!register|register\/|number_confirm|number_confirm\/|code_validate|code_validate\/)
provider: api_provider
access_denied_handler: Catalyst\ApiBundle\Service\AccessDeniedHandler
stateless: true
#guard:
# authenticators:
# - Catalyst\ApiBundle\Security\Authenticator
security: false # NOTE: Temporary
guard:
authenticators:
- Catalyst\ApiBundle\Security\Authenticator
cust_api_v2_guest:
pattern: ^\/apiv2\/(register|register\/|number_confirm|number_confirm\/|code_validate|code_validate\/)
security: false
warranty_api:
pattern: ^\/capi\/

2
src/Command/CreateRiderAPIUserCommand.php
View file

@ -10,7 +10,7 @@ use Symfony\Component\Console\Output\OutputInterface;
use Doctrine\ORM\EntityManagerInterface;
use Catalyst\ApiBundle\Entity\User as APIUser;
use App\Entity\ApiUser as APIUser;
use Catalyst\ApiBundle\Entity\Role as APIRole;
use App\Entity\Rider;

2
src/Controller/APIUserController.php
View file

@ -2,7 +2,7 @@
namespace App\Controller;
use Catalyst\ApiBundle\Entity\User as APIUser;
use App\Entity\ApiUser as APIUser;
use Catalyst\ApiBundle\Entity\Role as APIRole;
use Doctrine\ORM\Query;

2
src/Controller/CAPI/RiderAppController.php
View file

@ -22,7 +22,7 @@ use App\Entity\BatteryModel;
use App\Entity\BatterySize;
use App\Entity\RiderAPISession;
use App\Entity\User;
use Catalyst\ApiBundle\Entity\User as APIUser;
use App\Entity\ApiUser as APIUser;
use App\Service\RedisClientProvider;
use App\Service\RiderCache;

12
src/Controller/CustomerAppAPI/ApiController.php
View file

@ -10,9 +10,9 @@ use Catalyst\ApiBundle\Controller\ApiController as BaseApiController;
use Catalyst\ApiBundle\Component\Response as ApiResponse;
use App\Ramcar\JOStatus;
use App\Entity\MobileSession;
use App\Entity\Warranty;
use App\Entity\JobOrder;
use App\Entity\CustomerSession;
class ApiController extends BaseApiController
{
@ -21,7 +21,7 @@ class ApiController extends BaseApiController
public function __construct(EntityManagerInterface $em, KernelInterface $kernel)
{
$this->session = new MobileSession; // NOTE: original was null
$this->session = new CustomerSession; // NOTE: original was null
$this->em = $em;
// load env file
@ -40,10 +40,10 @@ class ApiController extends BaseApiController
return $this->checkRequiredParameters($req, $params);
}
protected function validateSession($api_key)
protected function validateSession($session_key)
{
// check if the session exists
$session = $this->em->getRepository(MobileSession::class)->find($api_key);
$session = $this->em->getRepository(CustomerSession::class)->find($session_key);
if ($session === null) {
return false;
}
@ -55,10 +55,10 @@ class ApiController extends BaseApiController
protected function validateRequest(Request $req, $params = [])
{
$error = $this->hasMissingParams($req, $params);
$api_key = $req->query->get('api_key');
$session_key = $req->query->get('session_key');
if (!$error) {
if (empty($api_key) || !$this->validateSession($api_key)) {
if (empty($session_key) || !$this->validateSession($session_key)) {
$error = 'Invalid session key.';
}
}

47
src/Controller/CustomerAppAPI/AuthController.php
View file

@ -7,7 +7,9 @@ use Symfony\Component\HttpFoundation\Request;
use Symfony\Contracts\Translation\TranslatorInterface;
use Catalyst\ApiBundle\Component\Response as ApiResponse;
use App\Entity\MobileSession;
use App\Entity\Customer;
use App\Entity\CustomerUser;
use App\Entity\CustomerSession;
use App\Service\RisingTideGateway;
use DateTime;
@ -32,7 +34,7 @@ class AuthController extends ApiController
while (true) {
try {
// instantiate session
$sess = new MobileSession();
$sess = new CustomerSession();
$sess->setPhoneModel($req->request->get('phone_model'))
->setOSType($req->request->get('os_type'))
->setOSVersion($req->request->get('os_version'))
@ -132,6 +134,11 @@ class AuthController extends ApiController
return new ApiResponse(false, $validity['error']);
}
// already confirmed
if ($this->session->isConfirmed()) {
return new ApiResponse(false, 'User is already confirmed.');
}
// code is wrong
$code = $req->request->get('code');
if ($this->session->getConfirmCode() != $code) {
@ -143,12 +150,17 @@ class AuthController extends ApiController
$this->session->setDateConfirmed($date)
->setConfirmed();
// figure out if we have customer and customer user already
$customer_user = false;
// TODO: check if we have the number registered before and merge
$dupe_sess = $this->findNumberSession($this->session->getPhoneNumber());
if ($dupe_sess != null) {
$dupe_cust = $dupe_sess->getCustomer();
$this->session->setCustomer($dupe_cust);
// set customer user if it exists
$customer_user = $dupe_sess->getCustomerUser() ?? $dupe_cust->getCustomerUser();
}
// TODO: check if mobile matches mobile of customer
@ -159,10 +171,31 @@ class AuthController extends ApiController
$this->session->setCustomer($customer);
}
if (!$customer_user) {
$customer_user = $this->findCustomerUserByNumber($this->session->getPhoneNumber());
if ($customer_user != null) {
// dupe_cust_user is the same as the customer we found?
$this->session->setCustomerUser($customer_user);
} else {
$customer_user = new CustomerUser();
$customer_user->setCustomer($this->session->getCustomer())
->setPhoneNumber($this->session->getPhoneNumber());
// save
$this->em->persist($customer_user);
}
}
$this->em->flush();
// set session customer user
$this->session->setCustomerUser($customer_user);
// response
return new ApiResponse();
return new ApiResponse(true, '', [
'api_key' => $customer_user->getApiKey(),
'secret_key'=> $customer_user->getSecretKey(),
]);
}
public function resendCode(Request $req, RisingTideGateway $rt, TranslatorInterface $translator)
@ -208,9 +241,10 @@ class AuthController extends ApiController
// TODO: find session customer by phone number
protected function findNumberSession($number)
{
$query = $this->em->getRepository(MobileSession::class)->createQueryBuilder('s')
$query = $this->em->getRepository(CustomerSession::class)->createQueryBuilder('s')
->where('s.phone_number = :number')
->andWhere('s.customer is not null')
->andWhere('s.customer_user is not null')
->andWhere('s.confirm_flag = 1')
->setParameter('number', $number)
->setMaxResults(1)
@ -242,4 +276,9 @@ class AuthController extends ApiController
return $cust;
}
protected function findCustomerUserByNumber($number)
{
return $this->em->getRepository(CustomerUser::class)->findOneBy(['phone_number' => $number]);
}
}

2
src/Controller/RiderController.php
View file

@ -25,7 +25,7 @@ use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Catalyst\MenuBundle\Annotation\Menu;
use Catalyst\ApiBundle\Entity\User as APIUser;
use App\Entity\ApiUser as APIUser;
use Catalyst\ApiBundle\Entity\Role as APIRole;
use DateTime;

5
src/Entity/ApiUser.php
View file

@ -2,8 +2,13 @@
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
use Catalyst\ApiBundle\Entity\User as BaseUser;
/**
* @ORM\Entity
* @ORM\Table(name="api_user")
*/
class ApiUser extends BaseUser
{
/**

18
src/Entity/Customer.php
View file

@ -96,6 +96,13 @@ class Customer
*/
protected $sessions;
// link to customer user
/**
* @ORM\OneToOne(targetEntity="CustomerUser", inversedBy="customer")
* @ORM\JoinColumn(name="customer_user_id", referencedColumnName="id", nullable=true)
*/
protected $customer_user;
// vehicles linked to customer
/**
* @ORM\OneToMany(targetEntity="CustomerVehicle", mappedBy="customer", cascade={"persist"})
@ -682,4 +689,15 @@ class Customer
{
return $this->car_club_customer_hub;
}
public function setCustomerUser(CustomerUser $cust_user = null)
{
$this->customer_user = $cust_user;
return $this;
}
public function getCustomeUser()
{
return $this->customer_user;
}
}

273
src/Entity/CustomerSession.php Normal file
View file

@ -0,0 +1,273 @@
<?php
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
use Doctrine\Common\Collections\ArrayCollection;
use DateTime;
/**
* @ORM\Entity
* @ORM\Table(name="customer_session")
*/
class CustomerSession
{
// unique id
/**
* @ORM\Id
* @ORM\Column(type="string", length=13)
*/
protected $id;
// link to customer er
/**
* @ORM\ManyToOne(targetEntity="Customer")
* @ORM\JoinColumn(name="customer_id", referencedColumnName="id", nullable=true)
*/
protected $customer;
// link to customer user
/**
* @ORM\ManyToOne(targetEntity="CustomerUser", inversedBy="sessions")
* @ORM\JoinColumn(name="customer_user_id", referencedColumnName="id", nullable=true)
*/
protected $customer_user;
// phone number
/**
* @ORM\Column(type="string", length=12, nullable=true)
*/
protected $phone_number;
// phone model
/**
* @ORM\Column(type="string", length=50)
*/
protected $phone_model;
// operating system (android, ios, etc)
/**
* @ORM\Column(type="string", length=15)
*/
protected $os_type;
// os version
/**
* @ORM\Column(type="string", length=25)
*/
protected $os_version;
// device id or push id used by device
/**
* @ORM\Column(type="string", length=200, nullable=true)
*/
protected $device_push_id;
// phone id
/**
* @ORM\Column(type="string", length=50, nullable=true)
*/
protected $phone_id;
// confirm code that we send via SMS
/**
* @ORM\Column(type="string", length=6, nullable=true)
*/
protected $confirm_code;
// is confirmed?
/**
* @ORM\Column(type="boolean")
*/
protected $confirm_flag;
// date the session id was generated and sent to mobile app
/**
* @ORM\Column(type="datetime")
*/
protected $date_generated;
// date the phone number was confirmed
/**
* @ORM\Column(type="datetime", nullable=true)
*/
protected $date_confirmed;
// date and time that the confirmation code was last sent
/**
* @ORM\Column(type="datetime", nullable=true)
*/
protected $date_code_sent;
// reviews made by mobile session
/**
* @ORM\OneToMany(targetEntity="Review", mappedBy="mobile_session")
*/
protected $reviews;
public function __construct()
{
// default date generated to now
$this->id = $this->generateKeyID();
$this->date_generated = new DateTime();
$this->customer_user = null;
$this->confirm_flag = false;
$this->date_confirmed = null;
$this->date_code_sent = null;
$this->reviews = new ArrayCollection();
}
public function generateKeyID()
{
// use uniqid for now, since primary key dupes will trigger exceptions
return uniqid();
}
public function getID()
{
return $this->id;
}
public function setPhoneNumber($num)
{
$this->phone_number = $num;
return $this;
}
public function getPhoneNumber()
{
return $this->phone_number;
}
public function setPhoneModel($model)
{
$this->phone_model = $model;
return $this;
}
public function getPhoneModel()
{
return $this->phone_model;
}
public function setOSType($type)
{
$this->os_type = $type;
return $this;
}
public function getOSType()
{
return $this->os_type;
}
public function setOSVersion($version)
{
$this->os_version = $version;
return $this;
}
public function getOSVersion()
{
return $this->os_version;
}
public function setPhoneID($id)
{
$this->phone_id = $id;
return $this;
}
public function getPhoneID()
{
return $this->phone_id;
}
public function setDevicePushID($id)
{
$this->device_push_id = $id;
return $this;
}
public function getDevicePushID()
{
return $this->device_push_id;
}
public function setCustomer(Customer $cust = null)
{
$this->customer = $cust;
return $this;
}
public function getCustomer()
{
return $this->customer;
}
public function setCustomerUser(CustomerUser $cust_user = null)
{
$this->customer_user = $cust_user;
return $this;
}
public function getCustomerUser()
{
return $this->customer_user;
}
public function getDateGenerated()
{
return $this->date_generated;
}
public function setConfirmCode($code)
{
$this->confirm_code = $code;
return $this;
}
public function getConfirmCode()
{
return $this->confirm_code;
}
public function setConfirmed($flag = true)
{
$this->confirm_flag = $flag;
return $this;
}
public function isConfirmed()
{
return $this->confirm_flag;
}
public function setDateConfirmed(DateTime $date)
{
$this->date_confirmed = $date;
return $this;
}
public function getDateConfirmed()
{
return $this->date_confirmed;
}
public function setDateCodeSent(DateTime $date)
{
$this->date_code_sent = $date;
return $this;
}
public function getDateCodeSent()
{
return $this->date_code_sent;
}
public function getReviews()
{
return $this->reviews;
}
}

94
src/Entity/CustomerUser.php
View file

@ -12,29 +12,95 @@ use Catalyst\ApiBundle\Entity\User as BaseUser;
*/
class CustomerUser extends BaseUser
{
// link to customer
/**
* @ORM\OneToOne(targetEntity="Customer", inversedBy="customer_user")
* @ORM\JoinColumn(name="customer_id", referencedColumnName="id", nullable=true)
*/
protected $customer;
// phone number
/**
* @ORM\Column(type="string", length=12)
*/
protected $phone_number;
/**
* @ORM\Column(type="json")
*/
protected $metadata;
// roles
/**
* @ORM\ManyToMany(targetEntity="Catalyst\ApiBundle\Entity\Role", indexBy="id")
* @ORM\JoinTable(name="customer_user_role")
*/
protected $roles;
// mobile sessions linked to this customer
/**
* @ORM\OneToMany(targetEntity="CustomerSession", mappedBy="customer")
*/
protected $sessions;
public function __construct()
{
parent::__construct();
$this->metadata = [];
$this->sessions = new ArrayCollection();
}
/**
* @ORM\Column(type="string", length=180)
*/
protected $name;
/**
* @ORM\Column(type="boolean")
*/
protected $enabled;
public function setName($name)
public function setMetadata($meta)
{
$this->name = $name;
$this->metadata = $meta;
return $this;
}
public function getName()
public function getMetadata()
{
return $this->name;
if ($this->metadata == null)
return [];
return $this->metadata;
}
public function setPhoneNumber($num)
{
$this->phone_number = $num;
return $this;
}
public function getPhoneNumber()
{
return $this->phone_number;
}
public function addMobileSession(MobileSession $session)
{
$this->sessions->add($session);
return $this;
}
public function clearMobileSessions()
{
$this->sessions->clear();
return $this;
}
public function getMobileSessions()
{
return $this->sessions;
}
public function setCustomer(Customer $cust = null)
{
$this->customer = $cust;
return $this;
}
public function getCustomer()
{
return $this->customer;
}
}

4
src/Entity/Rider.php
View file

@ -9,7 +9,7 @@ use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\Common\Collections\Criteria;
use App\Ramcar\JOStatus;
use Catalyst\ApiBundle\Entity\User as APIUser;
use App\Entity\ApiUser as APIUser;
/**
* @ORM\Entity
@ -131,7 +131,7 @@ class Rider
protected $current_job_order;
/**
* @ORM\OneToOne(targetEntity="Catalyst\ApiBundle\Entity\User", inversedBy="rider")
* @ORM\OneToOne(targetEntity="App\Entity\ApiUser", inversedBy="rider")
* @ORM\JoinColumn(name="api_user_id", referencedColumnName="id", nullable=true)
*/
protected $api_user;