SplendidBear-Websites/MineSeeker
Private
Public Access
1
0
Fork 0
Code Pull Requests 1 Releases Activity

chg: dev: refactor all forms to have Symfony Form Types & Validation Constrainsts - & implement Google ReCapthca v3 #4

Browse Source
This commit is contained in:
László Lang
2026-04-12 08:49:47 +02:00
parent e2b227ed7a
commit acbe9c7f63
21 changed files with 1253 additions and 351 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
composer.json
View File

@@ -12,6 +12,7 @@
"pentatrion/vite-bundle": "^8.2", "pentatrion/vite-bundle": "^8.2",
"symfony/console": "7.4.*", "symfony/console": "7.4.*",
"symfony/flex": "^2.10.0", "symfony/flex": "^2.10.0",
"symfony/form": "7.4.*",
"symfony/framework-bundle": "7.4.*", "symfony/framework-bundle": "7.4.*",
"symfony/http-client": "7.4.*", "symfony/http-client": "7.4.*",
"symfony/mailer": "7.4.*", "symfony/mailer": "7.4.*",
@@ -21,6 +22,7 @@
"symfony/security-bundle": "7.4.*", "symfony/security-bundle": "7.4.*",
"symfony/translation": "7.4.*", "symfony/translation": "7.4.*",
"symfony/twig-bundle": "7.4.*", "symfony/twig-bundle": "7.4.*",
"symfony/validator": "7.4.*",
"symfony/yaml": "7.4.*" "symfony/yaml": "7.4.*"
}, },
"require-dev": { "require-dev": {

370
composer.lock generated
View File

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"content-hash": "a6a374918b3c989ed745ed4f0afd8b09", "content-hash": "42a3734dddfef28ddaa1352541b4d23f",
"packages": [ "packages": [
{ {
"name": "doctrine/cache", "name": "doctrine/cache",
@@ -3162,6 +3162,109 @@
], ],
"time": "2025-11-16T09:38:19+00:00" "time": "2025-11-16T09:38:19+00:00"
}, },
{
"name": "symfony/form",
"version": "v7.4.8",
"source": {
"type": "git",
"url": "https://github.com/symfony/form.git",
"reference": "fbb79fc4de32f091ec697276824331f5de3a87b4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/form/zipball/fbb79fc4de32f091ec697276824331f5de3a87b4",
"reference": "fbb79fc4de32f091ec697276824331f5de3a87b4",
"shasum": ""
},
"require": {
"php": ">=8.2",
"symfony/deprecation-contracts": "^2.5|^3",
"symfony/event-dispatcher": "^6.4|^7.0|^8.0",
"symfony/options-resolver": "^7.3|^8.0",
"symfony/polyfill-ctype": "~1.8",
"symfony/polyfill-intl-icu": "^1.21",
"symfony/polyfill-mbstring": "~1.0",
"symfony/property-access": "^6.4|^7.0|^8.0",
"symfony/service-contracts": "^2.5|^3"
},
"conflict": {
"symfony/console": "<6.4",
"symfony/dependency-injection": "<6.4",
"symfony/doctrine-bridge": "<6.4",
"symfony/error-handler": "<6.4",
"symfony/framework-bundle": "<6.4",
"symfony/http-kernel": "<6.4",
"symfony/intl": "<7.4",
"symfony/translation": "<6.4.3|>=7.0,<7.0.3",
"symfony/translation-contracts": "<2.5",
"symfony/twig-bridge": "<6.4"
},
"require-dev": {
"doctrine/collections": "^1.0|^2.0",
"symfony/clock": "^6.4|^7.0|^8.0",
"symfony/config": "^6.4|^7.0|^8.0",
"symfony/console": "^6.4|^7.0|^8.0",
"symfony/dependency-injection": "^6.4|^7.0|^8.0",
"symfony/expression-language": "^6.4|^7.0|^8.0",
"symfony/html-sanitizer": "^6.4|^7.0|^8.0",
"symfony/http-foundation": "^6.4|^7.0|^8.0",
"symfony/http-kernel": "^6.4|^7.0|^8.0",
"symfony/intl": "^7.4|^8.0",
"symfony/security-core": "^6.4|^7.0|^8.0",
"symfony/security-csrf": "^6.4|^7.0|^8.0",
"symfony/translation": "^6.4.3|^7.0.3|^8.0",
"symfony/uid": "^6.4|^7.0|^8.0",
"symfony/validator": "^6.4.12|^7.1.5|^8.0",
"symfony/var-dumper": "^6.4|^7.0|^8.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\Form\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Fabien Potencier",
"email": "fabien@symfony.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Allows to easily create, process and reuse HTML forms",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/form/tree/v7.4.8"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2026-03-24T13:12:05+00:00"
},
{ {
"name": "symfony/framework-bundle", "name": "symfony/framework-bundle",
"version": "v7.4.8", "version": "v7.4.8",
@@ -4203,6 +4306,77 @@
], ],
"time": "2026-04-02T18:23:01+00:00" "time": "2026-04-02T18:23:01+00:00"
}, },
{
"name": "symfony/options-resolver",
"version": "v7.4.8",
"source": {
"type": "git",
"url": "https://github.com/symfony/options-resolver.git",
"reference": "2888fcdc4dc2fd5f7c7397be78631e8af12e02b4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/options-resolver/zipball/2888fcdc4dc2fd5f7c7397be78631e8af12e02b4",
"reference": "2888fcdc4dc2fd5f7c7397be78631e8af12e02b4",
"shasum": ""
},
"require": {
"php": ">=8.2",
"symfony/deprecation-contracts": "^2.5|^3"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\OptionsResolver\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Fabien Potencier",
"email": "fabien@symfony.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Provides an improved replacement for the array_replace PHP function",
"homepage": "https://symfony.com",
"keywords": [
"config",
"configuration",
"options"
],
"support": {
"source": "https://github.com/symfony/options-resolver/tree/v7.4.8"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2026-03-24T13:12:05+00:00"
},
{ {
"name": "symfony/password-hasher", "name": "symfony/password-hasher",
"version": "v7.4.8", "version": "v7.4.8",
@@ -4361,6 +4535,94 @@
], ],
"time": "2026-04-10T16:19:22+00:00" "time": "2026-04-10T16:19:22+00:00"
}, },
{
"name": "symfony/polyfill-intl-icu",
"version": "v1.34.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-intl-icu.git",
"reference": "3510b63d07376b04e57e27e82607d468bb134f78"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-intl-icu/zipball/3510b63d07376b04e57e27e82607d468bb134f78",
"reference": "3510b63d07376b04e57e27e82607d468bb134f78",
"shasum": ""
},
"require": {
"php": ">=7.2"
},
"suggest": {
"ext-intl": "For best performance and support of other locales than \"en\""
},
"type": "library",
"extra": {
"thanks": {
"url": "https://github.com/symfony/polyfill",
"name": "symfony/polyfill"
}
},
"autoload": {
"files": [
"bootstrap.php"
],
"psr-4": {
"Symfony\\Polyfill\\Intl\\Icu\\": ""
},
"classmap": [
"Resources/stubs"
],
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nicolas Grekas",
"email": "p@tchwork.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Symfony polyfill for intl's ICU-related data and classes",
"homepage": "https://symfony.com",
"keywords": [
"compatibility",
"icu",
"intl",
"polyfill",
"portable",
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-intl-icu/tree/v1.34.0"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2026-04-10T16:50:15+00:00"
},
{ {
"name": "symfony/polyfill-intl-idn", "name": "symfony/polyfill-intl-idn",
"version": "v1.34.0", "version": "v1.34.0",
@@ -6281,6 +6543,110 @@
], ],
"time": "2026-03-24T13:12:05+00:00" "time": "2026-03-24T13:12:05+00:00"
}, },
{
"name": "symfony/validator",
"version": "v7.4.8",
"source": {
"type": "git",
"url": "https://github.com/symfony/validator.git",
"reference": "8f73cbddae916756f319b3e195088da216f0f12f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/validator/zipball/8f73cbddae916756f319b3e195088da216f0f12f",
"reference": "8f73cbddae916756f319b3e195088da216f0f12f",
"shasum": ""
},
"require": {
"php": ">=8.2",
"symfony/deprecation-contracts": "^2.5|^3",
"symfony/polyfill-ctype": "~1.8",
"symfony/polyfill-mbstring": "~1.0",
"symfony/polyfill-php83": "^1.27",
"symfony/translation-contracts": "^2.5|^3"
},
"conflict": {
"doctrine/lexer": "<1.1",
"symfony/dependency-injection": "<6.4",
"symfony/doctrine-bridge": "<7.0",
"symfony/expression-language": "<6.4",
"symfony/http-kernel": "<6.4",
"symfony/intl": "<6.4",
"symfony/property-info": "<6.4",
"symfony/translation": "<6.4.3|>=7.0,<7.0.3",
"symfony/var-exporter": "<6.4.25|>=7.0,<7.3.3",
"symfony/yaml": "<6.4"
},
"require-dev": {
"egulias/email-validator": "^2.1.10|^3|^4",
"symfony/cache": "^6.4|^7.0|^8.0",
"symfony/config": "^6.4|^7.0|^8.0",
"symfony/console": "^6.4|^7.0|^8.0",
"symfony/dependency-injection": "^6.4|^7.0|^8.0",
"symfony/expression-language": "^6.4|^7.0|^8.0",
"symfony/finder": "^6.4|^7.0|^8.0",
"symfony/http-client": "^6.4|^7.0|^8.0",
"symfony/http-foundation": "^6.4|^7.0|^8.0",
"symfony/http-kernel": "^6.4|^7.0|^8.0",
"symfony/intl": "^6.4|^7.0|^8.0",
"symfony/mime": "^6.4|^7.0|^8.0",
"symfony/process": "^6.4|^7.0|^8.0",
"symfony/property-access": "^6.4|^7.0|^8.0",
"symfony/property-info": "^6.4|^7.0|^8.0",
"symfony/string": "^6.4|^7.0|^8.0",
"symfony/translation": "^6.4.3|^7.0.3|^8.0",
"symfony/type-info": "^7.1.8",
"symfony/yaml": "^6.4|^7.0|^8.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\Validator\\": ""
},
"exclude-from-classmap": [
"/Tests/",
"/Resources/bin/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Fabien Potencier",
"email": "fabien@symfony.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Provides tools to validate values",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/validator/tree/v7.4.8"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2026-03-30T12:55:43+00:00"
},
{ {
"name": "symfony/var-dumper", "name": "symfony/var-dumper",
"version": "v7.4.8", "version": "v7.4.8",
@@ -8207,7 +8573,7 @@
"prefer-stable": false, "prefer-stable": false,
"prefer-lowest": false, "prefer-lowest": false,
"platform": { "platform": {
"php": ">=8.2", "php": ">=8.5",
"ext-iconv": "*", "ext-iconv": "*",
"ext-json": "*" "ext-json": "*"
}, },

11
config/packages/csrf.yaml Normal file
View File

@@ -0,0 +1,11 @@
# Enable stateless CSRF protection for forms and logins/logouts
framework:
form:
csrf_protection:
token_id: submit
csrf_protection:
stateless_token_ids:
- submit
- authenticate
- logout

1
config/packages/twig.yaml
View File

@@ -4,3 +4,4 @@ twig:
strict_variables: '%kernel.debug%' strict_variables: '%kernel.debug%'
globals: globals:
version: "%jotunheimr.version%" version: "%jotunheimr.version%"
recaptcha_site_key: "%env(RECAPTCHA_SITE_KEY)%"

11
config/packages/validator.yaml Normal file
View File

@@ -0,0 +1,11 @@
framework:
validation:
# Enables validator auto-mapping support.
# For instance, basic validation constraints will be inferred from Doctrine's metadata.
#auto_mapping:
# App\Entity\: []
when@test:
framework:
validation:
not_compromised_password: false

134
src/Controller/SecurityController.php
View File

@@ -11,6 +11,9 @@
namespace App\Controller; namespace App\Controller;
use App\Entity\User; use App\Entity\User;
use App\Form\ForgotPasswordFormType;
use App\Form\RegistrationFormType;
use App\Form\ResetPasswordFormType;
use App\Repository\UserRepository; use App\Repository\UserRepository;
use DateTime; use DateTime;
use Doctrine\ORM\EntityManagerInterface; use Doctrine\ORM\EntityManagerInterface;
@@ -68,75 +71,45 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_homepage'); return $this->redirectToRoute('MineSeekerBundle_homepage');
} }
$errors = []; $user = new User();
$form = $this->createForm(RegistrationFormType::class, $user);
$form->handleRequest($request);
if ($request->isMethod('POST')) { if ($form->isSubmitted() && $form->isValid()) {
$username = trim((string) $request->request->get('_username', '')); $token = bin2hex(random_bytes(32));
$email = trim((string) $request->request->get('_email', ''));
$password = (string) $request->request->get('_password', '');
$passwordConfirm = (string) $request->request->get('_password_confirm', '');
if (mb_strlen($username) < 3) { $user
$errors['username'] = 'Username must be at least 3 characters.'; ->setIsVerified(false)
} elseif ($em->getRepository(User::class)->findOneBy(['username' => $username])) { ->setVerificationToken($token)
$errors['username'] = 'This username is already taken.'; ->setPassword($hasher->hashPassword($user, $form->get('plainPassword')->getData()));
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $em->persist($user);
$errors['email'] = 'Please enter a valid email address.'; $em->flush();
} elseif ($em->getRepository(User::class)->findOneBy(['email' => $email])) {
$errors['email'] = 'This email address is already registered.';
}
if (mb_strlen($password) < 6) { $activationUrl = $this->generateUrl(
$errors['password'] = 'Password must be at least 6 characters.'; 'MineSeekerBundle_activate',
} elseif ($password !== $passwordConfirm) { ['token' => $token],
$errors['password_confirm'] = 'Passwords do not match.'; UrlGeneratorInterface::ABSOLUTE_URL,
} );
if (empty($errors)) { $mailer->send(
$token = bin2hex(random_bytes(32)); new TemplatedEmail()
->from('noreply@mineseeker.ninja')
->to($user->getEmail())
->subject('Activate your MineSeeker account')
->htmlTemplate('emails/activation.html.twig')
->context([
'username' => $user->getUsername(),
'activation_url' => $activationUrl,
])
);
$user = new User() $this->addFlash('verify_email', $user->getEmail());
->setUsername($username)
->setEmail($email)
->setIsVerified(false)
->setVerificationToken($token);
$user->setPassword($hasher->hashPassword($user, $password)); return $this->redirectToRoute('MineSeekerBundle_register');
$em->persist($user);
$em->flush();
$activationUrl = $this->generateUrl(
'MineSeekerBundle_activate',
['token' => $token],
UrlGeneratorInterface::ABSOLUTE_URL,
);
$mailer->send(
new TemplatedEmail()
->from('noreply@mineseeker.ninja')
->to($email)
->subject('Activate your MineSeeker account')
->htmlTemplate('emails/activation.html.twig')
->context([
'username' => $username,
'activation_url' => $activationUrl,
])
);
$this->addFlash('verify_email', $email);
return $this->redirectToRoute('MineSeekerBundle_register');
}
} }
return $this->render('Security/register.html.twig', [ return $this->render('Security/register.html.twig', ['form' => $form]);
'errors' => $errors,
'last_username' => $request->request->get('_username', ''),
'last_email' => $request->request->get('_email', ''),
]);
} }
#[Route('/forgot-password', name: 'MineSeekerBundle_forgot_password')] #[Route('/forgot-password', name: 'MineSeekerBundle_forgot_password')]
@@ -150,8 +123,11 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_homepage'); return $this->redirectToRoute('MineSeekerBundle_homepage');
} }
if ($request->isMethod('POST')) { $form = $this->createForm(ForgotPasswordFormType::class);
$email = trim((string) $request->request->get('_email', '')); $form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$email = $form->get('email')->getData();
$user = $userRepository->findOneByEmail($email); $user = $userRepository->findOneByEmail($email);
if ($user && $user->isVerified()) { if ($user && $user->isVerified()) {
@@ -186,7 +162,7 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_forgot_password'); return $this->redirectToRoute('MineSeekerBundle_forgot_password');
} }
return $this->render('Security/forgot_password.html.twig'); return $this->render('Security/forgot_password.html.twig', ['form' => $form]);
} }
#[Route('/reset-password/{token}', name: 'MineSeekerBundle_reset_password')] #[Route('/reset-password/{token}', name: 'MineSeekerBundle_reset_password')]
@@ -204,32 +180,22 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_forgot_password'); return $this->redirectToRoute('MineSeekerBundle_forgot_password');
} }
$errors = []; $form = $this->createForm(ResetPasswordFormType::class);
$form->handleRequest($request);
if ($request->isMethod('POST')) { if ($form->isSubmitted() && $form->isValid()) {
$password = (string) $request->request->get('_password', ''); $user
$passwordConfirm = (string) $request->request->get('_password_confirm', ''); ->setPassword($hasher->hashPassword($user, $form->get('plainPassword')->getData()))
->setResetToken(null)
->setResetTokenExpiresAt(null);
$em->flush();
if (mb_strlen($password) < 6) { $this->addFlash('success', 'Your password has been reset. You can now sign in.');
$errors['password'] = 'Password must be at least 6 characters.';
} elseif ($password !== $passwordConfirm) {
$errors['password_confirm'] = 'Passwords do not match.';
}
if (empty($errors)) { return $this->redirectToRoute('MineSeekerBundle_login');
$user
->setPassword($hasher->hashPassword($user, $password))
->setResetToken(null)
->setResetTokenExpiresAt(null);
$em->flush();
$this->addFlash('success', 'Your password has been reset. You can now sign in.');
return $this->redirectToRoute('MineSeekerBundle_login');
}
} }
return $this->render('Security/reset_password.html.twig', ['errors' => $errors]); return $this->render('Security/reset_password.html.twig', ['form' => $form]);
} }
#[Route('/activate/{token}', name: 'MineSeekerBundle_activate')] #[Route('/activate/{token}', name: 'MineSeekerBundle_activate')]

6
src/Entity/User.php
View File

@@ -18,9 +18,9 @@ use Doctrine\ORM\Mapping\Entity;
use Doctrine\ORM\Mapping\GeneratedValue; use Doctrine\ORM\Mapping\GeneratedValue;
use Doctrine\ORM\Mapping\Id; use Doctrine\ORM\Mapping\Id;
use Doctrine\ORM\Mapping\Table; use Doctrine\ORM\Mapping\Table;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface; use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Validator\Constraints as Assert;
/** /**
* Class User * Class User
@@ -34,6 +34,8 @@ use Symfony\Component\Validator\Constraints as Assert;
*/ */
#[Table(name: 'app_user')] #[Table(name: 'app_user')]
#[Entity(repositoryClass: UserRepository::class)] #[Entity(repositoryClass: UserRepository::class)]
#[UniqueEntity(fields: ['username'], message: 'This username is already taken.')]
#[UniqueEntity(fields: ['email'], message: 'This email address is already registered.')]
class User implements UserInterface, PasswordAuthenticatedUserInterface class User implements UserInterface, PasswordAuthenticatedUserInterface
{ {
#[Id, GeneratedValue, Column] #[Id, GeneratedValue, Column]
@@ -82,7 +84,7 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface
public function getUserIdentifier(): string public function getUserIdentifier(): string
{ {
return (string) $this->username; return (string)$this->username;
} }
public function getRoles(): array public function getRoles(): array

56
src/EventListener/LoginCaptchaListener.php Normal file
View File

@@ -0,0 +1,56 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\EventListener;
use App\Service\RecaptchaService;
use Symfony\Component\EventDispatcher\Attribute\AsEventListener;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\Event\CheckPassportEvent;
/**
* Class LoginCaptchaListener
*
* Validates the Google reCAPTCHA v3 token during form-login authentication.
* Fires on CheckPassportEvent, which is dispatched after credentials are
* collected but before the user is authenticated.
*
* @package App\EventListener
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
#[AsEventListener(event: CheckPassportEvent::class)]
readonly class LoginCaptchaListener
{
public function __construct(
private RecaptchaService $recaptcha,
private RequestStack $requestStack,
) {}
public function __invoke(CheckPassportEvent $event): void
{
$request = $this->requestStack->getCurrentRequest();
if ($request === null || !$request->isMethod('POST')) {
return;
}
$token = $request->request->getString('g-recaptcha-response');
$remoteIp = (string) $request->getClientIp();
if (!$this->recaptcha->verify($token, $remoteIp)) {
throw new CustomUserMessageAuthenticationException('CAPTCHA verification failed. Please try again.');
}
}
}

48
src/Form/ForgotPasswordFormType.php Normal file
View File

@@ -0,0 +1,48 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Form;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Validator\Constraints\Email;
use Symfony\Component\Validator\Constraints\NotBlank;
/**
* Class ForgotPasswordFormType
*
* @package App\Form
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class ForgotPasswordFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder
->add('email', EmailType::class, [
'constraints' => [
new NotBlank(message: 'Please enter an email address.'),
new Email(message: 'Please enter a valid email address.'),
],
])
->add('recaptcha', RecaptchaType::class);
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([]);
}
}

61
src/Form/RecaptchaType.php Normal file
View File

@@ -0,0 +1,61 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Form;
use App\Validator\Recaptcha;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Event\PreSubmitEvent;
use Symfony\Component\Form\Extension\Core\Type\HiddenType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\Form\FormEvents;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\OptionsResolver\OptionsResolver;
/**
* Class RecaptchaType
*
* Reads the Google reCAPTCHA v3 token from the raw POST field
* `g-recaptcha-response` (populated by JS before form submit) and injects
* it as this field's value before validation runs.
*
* @package App\Form
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class RecaptchaType extends AbstractType
{
public function __construct(private readonly RequestStack $requestStack) {}
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder->addEventListener(FormEvents::PRE_SUBMIT, function (PreSubmitEvent $event): void {
$request = $this->requestStack->getCurrentRequest();
$token = $request?->request->getString('g-recaptcha-response') ?? '';
$event->setData($token);
});
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([
'mapped' => false,
'constraints' => [new Recaptcha()],
]);
}
public function getParent(): string
{
return HiddenType::class;
}
}

80
src/Form/RegistrationFormType.php Normal file
View File

@@ -0,0 +1,80 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Form;
use App\Entity\User;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Validator\Constraints\Email;
use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\NotBlank;
/**
* Class RegistrationFormType
*
* @package App\Form
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class RegistrationFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder
->add('username', TextType::class, [
'constraints' => [
new NotBlank(message: 'Please enter a username.'),
new Length(
min: 3,
max: 180,
minMessage: 'Username must be at least {{ limit }} characters.',
maxMessage: 'Username cannot be longer than {{ limit }} characters.',
),
],
])
->add('email', EmailType::class, [
'constraints' => [
new NotBlank(message: 'Please enter an email address.'),
new Email(message: 'Please enter a valid email address.'),
],
])
->add('plainPassword', RepeatedType::class, [
'type' => PasswordType::class,
'mapped' => false,
'invalid_message' => 'Passwords do not match.',
'first_options' => ['label' => 'Password'],
'second_options' => ['label' => 'Confirm Password'],
'constraints' => [
new NotBlank(message: 'Please enter a password.'),
new Length(
min: 6,
minMessage: 'Password must be at least {{ limit }} characters.',
),
],
])
->add('recaptcha', RecaptchaType::class);
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([
'data_class' => User::class,
]);
}
}

56
src/Form/ResetPasswordFormType.php Normal file
View File

@@ -0,0 +1,56 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Form;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\NotBlank;
/**
* Class ResetPasswordFormType
*
* @package App\Form
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class ResetPasswordFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder
->add('recaptcha', RecaptchaType::class)
->add('plainPassword', RepeatedType::class, [
'type' => PasswordType::class,
'invalid_message' => 'Passwords do not match.',
'first_options' => ['label' => 'New Password'],
'second_options' => ['label' => 'Confirm New Password'],
'constraints' => [
new NotBlank(message: 'Please enter a password.'),
new Length(
min: 6,
minMessage: 'Password must be at least {{ limit }} characters.',
),
],
]);
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([]);
}
}

69
src/Service/RecaptchaService.php Normal file
View File

@@ -0,0 +1,69 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Service;
use Psr\Log\LoggerInterface;
use Symfony\Component\DependencyInjection\Attribute\Autowire;
use Symfony\Contracts\HttpClient\HttpClientInterface;
/**
* Class RecaptchaService
*
* @package App\Service
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
readonly class RecaptchaService
{
private const string SITEVERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';
/**
* Minimum score to accept a request (0.0 = bot, 1.0 = human).
* 0.5 is Google's recommended default threshold.
*/
private const float SCORE_THRESHOLD = 0.5;
public function __construct(
private HttpClientInterface $httpClient,
private LoggerInterface $logger,
#[Autowire(env: 'RECAPTCHA_SECRET_KEY')]
private string $secretKey,
) {}
public function verify(string $token, string $remoteIp = ''): bool
{
if ($token === '') {
return false;
}
try {
$body = ['secret' => $this->secretKey, 'response' => $token];
if ($remoteIp !== '') {
$body['remoteip'] = $remoteIp;
}
$data = $this->httpClient
->request('POST', self::SITEVERIFY_URL, ['body' => $body])
->toArray();
return ($data['success'] ?? false) === true
&& ($data['score'] ?? 0.0) >= self::SCORE_THRESHOLD;
} catch (\Throwable $e) {
$this->logger->error('reCAPTCHA verification failed: ' . $e->getMessage());
return false;
}
}
}

30
src/Validator/Recaptcha.php Normal file
View File

@@ -0,0 +1,30 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Validator;
use Attribute;
use Symfony\Component\Validator\Constraint;
/**
* Class Recaptcha
*
* @package App\Validator
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
#[Attribute(Attribute::TARGET_PROPERTY | Attribute::TARGET_METHOD | Attribute::IS_REPEATABLE)]
class Recaptcha extends Constraint
{
public string $message = 'CAPTCHA verification failed. Please try again.';
}

51
src/Validator/RecaptchaValidator.php Normal file
View File

@@ -0,0 +1,51 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Validator;
use App\Service\RecaptchaService;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;
use Symfony\Component\Validator\Exception\UnexpectedTypeException;
/**
* Class RecaptchaValidator
*
* @package App\Validator
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class RecaptchaValidator extends ConstraintValidator
{
public function __construct(
private readonly RecaptchaService $recaptcha,
private readonly RequestStack $requestStack,
) {}
public function validate(mixed $value, Constraint $constraint): void
{
if (!$constraint instanceof Recaptcha) {
throw new UnexpectedTypeException($constraint, Recaptcha::class);
}
$request = $this->requestStack->getCurrentRequest();
$remoteIp = $request !== null ? ((string) $request->getClientIp()) : '';
if ($this->recaptcha->verify((string) $value, $remoteIp)) {
return;
}
$this->context->buildViolation($constraint->message)->addViolation();
}
}

24
symfony.lock
View File

@@ -197,6 +197,18 @@
"ref": "cc1afd81841db36fbef982fe56b48ade6716fac4" "ref": "cc1afd81841db36fbef982fe56b48ade6716fac4"
} }
}, },
"symfony/form": {
"version": "7.4",
"recipe": {
"repo": "github.com/symfony/recipes",
"branch": "main",
"version": "7.2",
"ref": "7d86a6723f4a623f59e2bf966b6aad2fc461d36b"
},
"files": [
"config/packages/csrf.yaml"
]
},
"symfony/framework-bundle": { "symfony/framework-bundle": {
"version": "3.3", "version": "3.3",
"recipe": { "recipe": {
@@ -369,6 +381,18 @@
"ref": "f75ac166398e107796ca94cc57fa1edaa06ec47f" "ref": "f75ac166398e107796ca94cc57fa1edaa06ec47f"
} }
}, },
"symfony/validator": {
"version": "7.4",
"recipe": {
"repo": "github.com/symfony/recipes",
"branch": "main",
"version": "7.0",
"ref": "8c1c4e28d26a124b0bb273f537ca8ce443472bfd"
},
"files": [
"config/packages/validator.yaml"
]
},
"symfony/var-dumper": { "symfony/var-dumper": {
"version": "v4.0.9" "version": "v4.0.9"
}, },

51
templates/Security/forgot_password.html.twig
View File

@@ -4,7 +4,6 @@
{% block body %} {% block body %}
<div class="auth-page"> <div class="auth-page">
{% for email in app.flashes('reset_sent') %} {% for email in app.flashes('reset_sent') %}
<div class="auth-card auth-card--sent"> <div class="auth-card auth-card--sent">
<div class="auth-sent-icon"><i class="fa fa-envelope-o"></i></div> <div class="auth-sent-icon"><i class="fa fa-envelope-o"></i></div>
@@ -21,40 +20,62 @@
</a> </a>
</div> </div>
{% else %} {% else %}
<div class="auth-card"> <div class="auth-card">
<h2 class="auth-title">Forgot Password</h2> <h2 class="auth-title">Forgot Password</h2>
<p class="auth-sub">Enter your email and we'll send you a reset link</p> <p class="auth-sub">Enter your email and we'll send you a reset link</p>
<form class="auth-form" method="post" action="{{ path('MineSeekerBundle_forgot_password') }}"> {{ form_start(form, {attr: {class: 'auth-form'}}) }}
<div class="auth-field"> <div class="auth-field">
<label for="email" class="auth-label">Email</label> <label for="{{ form.email.vars.id }}" class="auth-label">Email</label>
<div class="auth-input-wrap"> <div class="auth-input-wrap">
<i class="fa fa-envelope auth-input-icon"></i> <i class="fa fa-envelope auth-input-icon"></i>
<input {{ form_widget(form.email, {
type="email" attr: {
id="email" class: 'auth-input' ~ (not form.email.vars.valid ? ' auth-input--error' : ''),
name="_email" autocomplete: 'email',
class="auth-input" autofocus: true,
autocomplete="email" }
autofocus }) }}
required
/>
</div> </div>
{% if not form.email.vars.valid %}
{% for error in form.email.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div> </div>
<button type="submit" class="auth-submit"> <button type="submit" class="auth-submit">
<i class="fa fa-paper-plane"></i> Send Reset Link <i class="fa fa-paper-plane"></i> Send Reset Link
</button> </button>
</form>
{{ form_end(form) }}
<p class="auth-switch"> <p class="auth-switch">
Remembered it? Remembered it?
<a href="{{ path('MineSeekerBundle_login') }}">Sign in</a> <a href="{{ path('MineSeekerBundle_login') }}">Sign in</a>
</p> </p>
</div> </div>
{% endfor %} {% endfor %}
</div> </div>
{% endblock %} {% endblock %}
{% block javascripts %}
{{ parent() }}
<script src="https://www.google.com/recaptcha/api.js?render={{ recaptcha_site_key }}" async defer></script>
<script>
(function () {
const form = document.querySelector('.auth-form');
if (!form) return;
form.addEventListener('submit', function (e) {
e.preventDefault();
grecaptcha.ready(function () {
grecaptcha.execute('{{ recaptcha_site_key }}', {action: 'forgot_password'}).then(function (token) {
document.getElementById('{{ form.recaptcha.vars.id }}').value = token;
form.submit();
});
});
});
}());
</script>
{% endblock %}

19
templates/Security/login.html.twig
View File

@@ -68,6 +68,8 @@
<span>Remember me</span> <span>Remember me</span>
</label> </label>
<input type="hidden" id="g-recaptcha-response" name="g-recaptcha-response"/>
<button type="submit" class="auth-submit"> <button type="submit" class="auth-submit">
<i class="fa fa-sign-in"></i> Sign In <i class="fa fa-sign-in"></i> Sign In
</button> </button>
@@ -85,3 +87,20 @@
</div> </div>
{% endblock %} {% endblock %}
{% block javascripts %}
{{ parent() }}
<script src="https://www.google.com/recaptcha/api.js?render={{ recaptcha_site_key }}" async defer></script>
<script>
document.querySelector('.auth-form').addEventListener('submit', function (e) {
e.preventDefault();
const form = this;
grecaptcha.ready(function () {
grecaptcha.execute('{{ recaptcha_site_key }}', {action: 'login'}).then(function (token) {
document.getElementById('g-recaptcha-response').value = token;
form.submit();
});
});
});
</script>
{% endblock %}

204
templates/Security/profile.html.twig
View File

@@ -3,108 +3,106 @@
{% block title %} - Profile{% endblock %} {% block title %} - Profile{% endblock %}
{% block body %} {% block body %}
<div class="profile-page"> <div class="profile-page">
<div class="profile-header">
<div class="profile-header"> <div class="profile-avatar">
<div class="profile-avatar"> {{ app.user.username|slice(0, 2)|upper }}
{{ app.user.username|slice(0, 2)|upper }} </div>
</div> <div class="profile-info">
<div class="profile-info"> <h1 class="profile-name">{{ app.user.username }}</h1>
<h1 class="profile-name">{{ app.user.username }}</h1> {% if app.user.email %}
{% if app.user.email %} <p class="profile-email">
<p class="profile-email"> <i class="fa fa-envelope"></i>
<i class="fa fa-envelope"></i> {{ app.user.email }}
{{ app.user.email }} </p>
</p>
{% endif %}
<p class="profile-role">
<i class="fa fa-shield"></i> Registered commander
</p>
</div>
</div>
<div class="profile-stats">
<div class="profile-stat">
<i class="fa fa-gamepad profile-stat__icon"></i>
<span class="profile-stat__value">{{ stats.total }}</span>
<span class="profile-stat__label">Games played</span>
</div>
<div class="profile-stat profile-stat--win">
<i class="fa fa-trophy profile-stat__icon"></i>
<span class="profile-stat__value">{{ stats.wins }}</span>
<span class="profile-stat__label">Victories</span>
</div>
<div class="profile-stat profile-stat--loss">
<i class="fa fa-flag profile-stat__icon"></i>
<span class="profile-stat__value">{{ stats.losses }}</span>
<span class="profile-stat__label">Defeats</span>
</div>
<div class="profile-stat profile-stat--bomb">
<i class="fa fa-bomb profile-stat__icon"></i>
<span class="profile-stat__value">{{ stats.bombs }}</span>
<span class="profile-stat__label">Mines hit</span>
</div>
</div>
{% if recent|length > 0 %}
<div class="profile-section">
<h2 class="profile-section__title">
<i class="fa fa-history"></i> Recent battles
</h2>
<div class="profile-games">
{% for game in recent %}
{% set is_red = game.red and game.red.id == app.user.id %}
{% set my_points = is_red ? game.redPoints : game.bluePoints %}
{% set opp_points = is_red ? game.bluePoints : game.redPoints %}
{% set opp = is_red ? game.blue : game.red %}
{% set opp_anon = is_red ? game.blueAnon : game.redAnon %}
{% set result = 'draw' %}
{% if game.resign == (is_red ? 'red' : 'blue') %}
{% set result = 'loss' %}
{% elseif game.resign == (is_red ? 'blue' : 'red') %}
{% set result = 'win' %}
{% elseif my_points is not null and opp_points is not null %}
{% if my_points > opp_points %}
{% set result = 'win' %}
{% elseif my_points < opp_points %}
{% set result = 'loss' %}
{% endif %}
{% endif %}
<div class="profile-game profile-game--{{ result }}">
<span class="profile-game__badge">
{{ result == 'win' ? 'W' : (result == 'loss' ? 'L' : 'D') }}
</span>
<span class="profile-game__score">
{{ my_points ?? '—' }} : {{ opp_points ?? '—' }}
</span>
<span class="profile-game__vs">vs</span>
<span class="profile-game__opponent">
{% if opp %}
{{ opp.username }}
{% elseif opp_anon %}
{{ opp_anon.userName }}
{% else %}
Guest
{% endif %}
</span>
<span class="profile-game__color">
<i class="fa fa-circle" style="color: {{ is_red ? '#c0392b' : '#2980b9' }}"></i>
</span>
<span class="profile-game__date">
{{ game.updated ? game.updated|date('Y-m-d') : '' }}
</span>
</div>
{% endfor %}
</div>
</div>
{% else %}
<div class="profile-empty">
<i class="fa fa-inbox"></i>
<p>No games recorded yet. <a href="{{ path('MineSeekerBundle_gamePlay') }}">Start playing!</a></p>
</div>
{% endif %} {% endif %}
<p class="profile-role">
<i class="fa fa-shield"></i> Registered commander
</p>
</div>
</div> </div>
{% endblock %}
<div class="profile-stats">
<div class="profile-stat">
<i class="fa fa-gamepad profile-stat__icon"></i>
<span class="profile-stat__value">{{ stats.total }}</span>
<span class="profile-stat__label">Games played</span>
</div>
<div class="profile-stat profile-stat--win">
<i class="fa fa-trophy profile-stat__icon"></i>
<span class="profile-stat__value">{{ stats.wins }}</span>
<span class="profile-stat__label">Victories</span>
</div>
<div class="profile-stat profile-stat--loss">
<i class="fa fa-flag profile-stat__icon"></i>
<span class="profile-stat__value">{{ stats.losses }}</span>
<span class="profile-stat__label">Defeats</span>
</div>
<div class="profile-stat profile-stat--bomb">
<i class="fa fa-bomb profile-stat__icon"></i>
<span class="profile-stat__value">{{ stats.bombs }}</span>
<span class="profile-stat__label">Mines hit</span>
</div>
</div>
{% if recent|length > 0 %}
<div class="profile-section">
<h2 class="profile-section__title">
<i class="fa fa-history"></i> Recent battles
</h2>
<div class="profile-games">
{% for game in recent %}
{% set is_red = game.red and game.red.id == app.user.id %}
{% set my_points = is_red ? game.redPoints : game.bluePoints %}
{% set opp_points = is_red ? game.bluePoints : game.redPoints %}
{% set opp = is_red ? game.blue : game.red %}
{% set opp_anon = is_red ? game.blueAnon : game.redAnon %}
{% set result = 'draw' %}
{% if game.resign == (is_red ? 'red' : 'blue') %}
{% set result = 'loss' %}
{% elseif game.resign == (is_red ? 'blue' : 'red') %}
{% set result = 'win' %}
{% elseif my_points is not null and opp_points is not null %}
{% if my_points > opp_points %}
{% set result = 'win' %}
{% elseif my_points < opp_points %}
{% set result = 'loss' %}
{% endif %}
{% endif %}
<div class="profile-game profile-game--{{ result }}">
<span class="profile-game__badge">
{{ result == 'win' ? 'W' : (result == 'loss' ? 'L' : 'D') }}
</span>
<span class="profile-game__score">
{{ my_points ?? '—' }} : {{ opp_points ?? '—' }}
</span>
<span class="profile-game__vs">vs</span>
<span class="profile-game__opponent">
{% if opp %}
{{ opp.username }}
{% elseif opp_anon %}
{{ opp_anon.userName }}
{% else %}
Guest
{% endif %}
</span>
<span class="profile-game__color">
<i class="fa fa-circle" style="color: {{ is_red ? '#c0392b' : '#2980b9' }}"></i>
</span>
<span class="profile-game__date">
{{ game.updated ? game.updated|date('Y-m-d') : '' }}
</span>
</div>
{% endfor %}
</div>
</div>
{% else %}
<div class="profile-empty">
<i class="fa fa-inbox"></i>
<p>No games recorded yet. <a href="{{ path('MineSeekerBundle_gamePlay') }}">Start playing!</a></p>
</div>
{% endif %}
</div>
{% endblock %}

227
templates/Security/register.html.twig
View File

@@ -3,118 +3,133 @@
{% block title %} - Register{% endblock %} {% block title %} - Register{% endblock %}
{% block body %} {% block body %}
<div class="auth-page"> <div class="auth-page">
{% for email in app.flashes('verify_email') %}
<div class="auth-card auth-card--sent">
<div class="auth-sent-icon"><i class="fa fa-envelope-o"></i></div>
<h2 class="auth-title">Check your inbox</h2>
<p class="auth-sub">We sent an activation link to</p>
<p class="auth-sent-email">{{ email }}</p>
<p class="auth-sent-note">
Click the link in the email to activate your account.<br>
The link expires in <strong>24 hours</strong>.
</p>
<a
href="{{ path('MineSeekerBundle_login') }}"
class="auth-submit"
style="text-decoration:none; margin-top:16px;"
>
Go to Sign In
</a>
</div>
{% else %}
<div class="auth-card">
<h2 class="auth-title">Create Account</h2>
<p class="auth-sub">Join the battle — no subscription required</p>
{% for email in app.flashes('verify_email') %} {{ form_start(form, {attr: {class: 'auth-form'}}) }}
<div class="auth-card auth-card--sent">
<div class="auth-sent-icon"><i class="fa fa-envelope-o"></i></div>
<h2 class="auth-title">Check your inbox</h2>
<p class="auth-sub">We sent an activation link to</p>
<p class="auth-sent-email">{{ email }}</p>
<p class="auth-sent-note">
Click the link in the email to activate your account.<br>
The link expires in <strong>24 hours</strong>.
</p>
<a href="{{ path('MineSeekerBundle_login') }}" class="auth-submit" style="text-decoration:none; margin-top:16px;">
Go to Sign In
</a>
</div>
{% else %}
<div class="auth-card"> <div class="auth-field">
<h2 class="auth-title">Create Account</h2> <label for="{{ form.username.vars.id }}" class="auth-label">Username</label>
<p class="auth-sub">Join the battle — no subscription required</p> <div class="auth-input-wrap">
<i class="fa fa-user auth-input-icon"></i>
{{ form_widget(form.username, {
attr: {
class: 'auth-input' ~ (not form.username.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'username',
autofocus: true,
minlength: '3',
}
}) }}
</div>
{% if not form.username.vars.valid %}
{% for error in form.username.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div>
<form class="auth-form" method="post" action="{{ path('MineSeekerBundle_register') }}"> <div class="auth-field">
<label for="{{ form.email.vars.id }}" class="auth-label">Email</label>
<div class="auth-input-wrap">
<i class="fa fa-envelope auth-input-icon"></i>
{{ form_widget(form.email, {
attr: {
class: 'auth-input' ~ (not form.email.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'email',
}
}) }}
</div>
{% if not form.email.vars.valid %}
{% for error in form.email.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div>
<div class="auth-field"> <div class="auth-field">
<label for="username" class="auth-label">Username</label> <label for="{{ form.plainPassword.first.vars.id }}" class="auth-label">Password</label>
<div class="auth-input-wrap"> <div class="auth-input-wrap">
<i class="fa fa-user auth-input-icon"></i> <i class="fa fa-lock auth-input-icon"></i>
<input {{ form_widget(form.plainPassword.first, {
type="text" attr: {
id="username" class: 'auth-input' ~ (not form.plainPassword.vars.valid ? ' auth-input--error' : ''),
name="_username" autocomplete: 'new-password',
class="auth-input{% if errors.username is defined %} auth-input--error{% endif %}" minlength: '6',
value="{{ last_username }}" }
autocomplete="username" }) }}
autofocus </div>
required {% if not form.plainPassword.vars.valid %}
minlength="3" {% for error in form.plainPassword.vars.errors %}
/> <p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
</div> {% endfor %}
{% if errors.username is defined %} {% endif %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.username }}</p> </div>
{% endif %}
</div>
<div class="auth-field"> <div class="auth-field">
<label for="email" class="auth-label">Email</label> <label for="{{ form.plainPassword.second.vars.id }}" class="auth-label">Confirm Password</label>
<div class="auth-input-wrap"> <div class="auth-input-wrap">
<i class="fa fa-envelope auth-input-icon"></i> <i class="fa fa-lock auth-input-icon"></i>
<input {{ form_widget(form.plainPassword.second, {
type="email" attr: {
id="email" class: 'auth-input' ~ (not form.plainPassword.vars.valid ? ' auth-input--error' : ''),
name="_email" autocomplete: 'new-password',
class="auth-input{% if errors.email is defined %} auth-input--error{% endif %}" }
value="{{ last_email }}" }) }}
autocomplete="email" </div>
required </div>
/>
</div>
{% if errors.email is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.email }}</p>
{% endif %}
</div>
<div class="auth-field"> <button type="submit" class="auth-submit">
<label for="password" class="auth-label">Password</label> <i class="fa fa-user-plus"></i> Create Account
<div class="auth-input-wrap"> </button>
<i class="fa fa-lock auth-input-icon"></i>
<input
type="password"
id="password"
name="_password"
class="auth-input{% if errors.password is defined %} auth-input--error{% endif %}"
autocomplete="new-password"
required
minlength="6"
/>
</div>
{% if errors.password is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.password }}</p>
{% endif %}
</div>
<div class="auth-field"> {{ form_end(form) }}
<label for="password_confirm" class="auth-label">Confirm Password</label>
<div class="auth-input-wrap">
<i class="fa fa-lock auth-input-icon"></i>
<input
type="password"
id="password_confirm"
name="_password_confirm"
class="auth-input{% if errors.password_confirm is defined %} auth-input--error{% endif %}"
autocomplete="new-password"
required
/>
</div>
{% if errors.password_confirm is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.password_confirm }}</p>
{% endif %}
</div>
<button type="submit" class="auth-submit"> <p class="auth-switch">
<i class="fa fa-user-plus"></i> Create Account Already have an account?
</button> <a href="{{ path('MineSeekerBundle_login') }}">Sign in</a>
</form> </p>
</div>
{% endfor %}
</div>
{% endblock %}
<p class="auth-switch"> {% block javascripts %}
Already have an account? {{ parent() }}
<a href="{{ path('MineSeekerBundle_login') }}">Sign in</a> <script src="https://www.google.com/recaptcha/api.js?render={{ recaptcha_site_key }}" async defer></script>
</p> <script>
</div> (function () {
const form = document.querySelector('.auth-form');
{% endfor %} if (!form) return;
</div> form.addEventListener('submit', function (e) {
{% endblock %} e.preventDefault();
grecaptcha.ready(function () {
grecaptcha.execute('{{ recaptcha_site_key }}', {action: 'register'}).then(function (token) {
document.getElementById('{{ form.recaptcha.vars.id }}').value = token;
form.submit();
});
});
});
}());
</script>
{% endblock %}

93
templates/Security/reset_password.html.twig
View File

@@ -8,50 +8,65 @@
<h2 class="auth-title">Reset Password</h2> <h2 class="auth-title">Reset Password</h2>
<p class="auth-sub">Choose a new password for your account</p> <p class="auth-sub">Choose a new password for your account</p>
<form class="auth-form" method="post"> {{ form_start(form, {attr: {class: 'auth-form'}}) }}
<div class="auth-field"> <div class="auth-field">
<label for="password" class="auth-label">New Password</label> <label for="{{ form.plainPassword.first.vars.id }}" class="auth-label">New Password</label>
<div class="auth-input-wrap"> <div class="auth-input-wrap">
<i class="fa fa-lock auth-input-icon"></i> <i class="fa fa-lock auth-input-icon"></i>
<input {{ form_widget(form.plainPassword.first, {
type="password" attr: {
id="password" class: 'auth-input' ~ (not form.plainPassword.vars.valid ? ' auth-input--error' : ''),
name="_password" autocomplete: 'new-password',
class="auth-input{% if errors.password is defined %} auth-input--error{% endif %}" autofocus: true,
autocomplete="new-password" minlength: '6',
autofocus }
required }) }}
minlength="6"
/>
</div>
{% if errors.password is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.password }}</p>
{% endif %}
</div> </div>
{% if not form.plainPassword.vars.valid %}
{% for error in form.plainPassword.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div>
<div class="auth-field"> <div class="auth-field">
<label for="password_confirm" class="auth-label">Confirm New Password</label> <label for="{{ form.plainPassword.second.vars.id }}" class="auth-label">Confirm New Password</label>
<div class="auth-input-wrap"> <div class="auth-input-wrap">
<i class="fa fa-lock auth-input-icon"></i> <i class="fa fa-lock auth-input-icon"></i>
<input {{ form_widget(form.plainPassword.second, {
type="password" attr: {
id="password_confirm" class: 'auth-input' ~ (not form.plainPassword.vars.valid ? ' auth-input--error' : ''),
name="_password_confirm" autocomplete: 'new-password',
class="auth-input{% if errors.password_confirm is defined %} auth-input--error{% endif %}" }
autocomplete="new-password" }) }}
required
/>
</div>
{% if errors.password_confirm is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.password_confirm }}</p>
{% endif %}
</div> </div>
</div>
<button type="submit" class="auth-submit"> <button type="submit" class="auth-submit">
<i class="fa fa-key"></i> Set New Password <i class="fa fa-key"></i> Set New Password
</button> </button>
</form>
{{ form_end(form) }}
</div> </div>
</div> </div>
{% endblock %} {% endblock %}
{% block javascripts %}
{{ parent() }}
<script src="https://www.google.com/recaptcha/api.js?render={{ recaptcha_site_key }}" async defer></script>
<script>
(function () {
document.querySelector('.auth-form').addEventListener('submit', function (e) {
e.preventDefault();
const form = this;
grecaptcha.ready(function () {
grecaptcha.execute('{{ recaptcha_site_key }}', {action: 'reset_password'}).then(function (token) {
document.getElementById('{{ form.recaptcha.vars.id }}').value = token;
form.submit();
});
});
});
}());
</script>
{% endblock %}