SplendidBear-Websites/MineSeeker
Private
Public Access
1
0
Fork 0
Code Pull Requests 1 Releases Activity

chg: dev: refactor all forms to have Symfony Form Types & Validation Constrainsts - & implement Google ReCapthca v3 #4

Browse Source
This commit is contained in:
László Lang
2026-04-12 08:49:47 +02:00
parent e2b227ed7a
commit acbe9c7f63
21 changed files with 1253 additions and 351 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
composer.json
View File

@@ -12,6 +12,7 @@
"pentatrion/vite-bundle": "^8.2",
"symfony/console": "7.4.*",
"symfony/flex": "^2.10.0",
"symfony/form": "7.4.*",
"symfony/framework-bundle": "7.4.*",
"symfony/http-client": "7.4.*",
"symfony/mailer": "7.4.*",
@@ -21,6 +22,7 @@
"symfony/security-bundle": "7.4.*",
"symfony/translation": "7.4.*",
"symfony/twig-bundle": "7.4.*",
"symfony/validator": "7.4.*",
"symfony/yaml": "7.4.*"
},
"require-dev": {

370
composer.lock generated
View File

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "a6a374918b3c989ed745ed4f0afd8b09",
"content-hash": "42a3734dddfef28ddaa1352541b4d23f",
"packages": [
{
"name": "doctrine/cache",
@@ -3162,6 +3162,109 @@
],
"time": "2025-11-16T09:38:19+00:00"
},
{
"name": "symfony/form",
"version": "v7.4.8",
"source": {
"type": "git",
"url": "https://github.com/symfony/form.git",
"reference": "fbb79fc4de32f091ec697276824331f5de3a87b4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/form/zipball/fbb79fc4de32f091ec697276824331f5de3a87b4",
"reference": "fbb79fc4de32f091ec697276824331f5de3a87b4",
"shasum": ""
},
"require": {
"php": ">=8.2",
"symfony/deprecation-contracts": "^2.5|^3",
"symfony/event-dispatcher": "^6.4|^7.0|^8.0",
"symfony/options-resolver": "^7.3|^8.0",
"symfony/polyfill-ctype": "~1.8",
"symfony/polyfill-intl-icu": "^1.21",
"symfony/polyfill-mbstring": "~1.0",
"symfony/property-access": "^6.4|^7.0|^8.0",
"symfony/service-contracts": "^2.5|^3"
},
"conflict": {
"symfony/console": "<6.4",
"symfony/dependency-injection": "<6.4",
"symfony/doctrine-bridge": "<6.4",
"symfony/error-handler": "<6.4",
"symfony/framework-bundle": "<6.4",
"symfony/http-kernel": "<6.4",
"symfony/intl": "<7.4",
"symfony/translation": "<6.4.3|>=7.0,<7.0.3",
"symfony/translation-contracts": "<2.5",
"symfony/twig-bridge": "<6.4"
},
"require-dev": {
"doctrine/collections": "^1.0|^2.0",
"symfony/clock": "^6.4|^7.0|^8.0",
"symfony/config": "^6.4|^7.0|^8.0",
"symfony/console": "^6.4|^7.0|^8.0",
"symfony/dependency-injection": "^6.4|^7.0|^8.0",
"symfony/expression-language": "^6.4|^7.0|^8.0",
"symfony/html-sanitizer": "^6.4|^7.0|^8.0",
"symfony/http-foundation": "^6.4|^7.0|^8.0",
"symfony/http-kernel": "^6.4|^7.0|^8.0",
"symfony/intl": "^7.4|^8.0",
"symfony/security-core": "^6.4|^7.0|^8.0",
"symfony/security-csrf": "^6.4|^7.0|^8.0",
"symfony/translation": "^6.4.3|^7.0.3|^8.0",
"symfony/uid": "^6.4|^7.0|^8.0",
"symfony/validator": "^6.4.12|^7.1.5|^8.0",
"symfony/var-dumper": "^6.4|^7.0|^8.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\Form\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Fabien Potencier",
"email": "fabien@symfony.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Allows to easily create, process and reuse HTML forms",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/form/tree/v7.4.8"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2026-03-24T13:12:05+00:00"
},
{
"name": "symfony/framework-bundle",
"version": "v7.4.8",
@@ -4203,6 +4306,77 @@
],
"time": "2026-04-02T18:23:01+00:00"
},
{
"name": "symfony/options-resolver",
"version": "v7.4.8",
"source": {
"type": "git",
"url": "https://github.com/symfony/options-resolver.git",
"reference": "2888fcdc4dc2fd5f7c7397be78631e8af12e02b4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/options-resolver/zipball/2888fcdc4dc2fd5f7c7397be78631e8af12e02b4",
"reference": "2888fcdc4dc2fd5f7c7397be78631e8af12e02b4",
"shasum": ""
},
"require": {
"php": ">=8.2",
"symfony/deprecation-contracts": "^2.5|^3"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\OptionsResolver\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Fabien Potencier",
"email": "fabien@symfony.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Provides an improved replacement for the array_replace PHP function",
"homepage": "https://symfony.com",
"keywords": [
"config",
"configuration",
"options"
],
"support": {
"source": "https://github.com/symfony/options-resolver/tree/v7.4.8"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2026-03-24T13:12:05+00:00"
},
{
"name": "symfony/password-hasher",
"version": "v7.4.8",
@@ -4361,6 +4535,94 @@
],
"time": "2026-04-10T16:19:22+00:00"
},
{
"name": "symfony/polyfill-intl-icu",
"version": "v1.34.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/polyfill-intl-icu.git",
"reference": "3510b63d07376b04e57e27e82607d468bb134f78"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/polyfill-intl-icu/zipball/3510b63d07376b04e57e27e82607d468bb134f78",
"reference": "3510b63d07376b04e57e27e82607d468bb134f78",
"shasum": ""
},
"require": {
"php": ">=7.2"
},
"suggest": {
"ext-intl": "For best performance and support of other locales than \"en\""
},
"type": "library",
"extra": {
"thanks": {
"url": "https://github.com/symfony/polyfill",
"name": "symfony/polyfill"
}
},
"autoload": {
"files": [
"bootstrap.php"
],
"psr-4": {
"Symfony\\Polyfill\\Intl\\Icu\\": ""
},
"classmap": [
"Resources/stubs"
],
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nicolas Grekas",
"email": "p@tchwork.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Symfony polyfill for intl's ICU-related data and classes",
"homepage": "https://symfony.com",
"keywords": [
"compatibility",
"icu",
"intl",
"polyfill",
"portable",
"shim"
],
"support": {
"source": "https://github.com/symfony/polyfill-intl-icu/tree/v1.34.0"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2026-04-10T16:50:15+00:00"
},
{
"name": "symfony/polyfill-intl-idn",
"version": "v1.34.0",
@@ -6281,6 +6543,110 @@
],
"time": "2026-03-24T13:12:05+00:00"
},
{
"name": "symfony/validator",
"version": "v7.4.8",
"source": {
"type": "git",
"url": "https://github.com/symfony/validator.git",
"reference": "8f73cbddae916756f319b3e195088da216f0f12f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/validator/zipball/8f73cbddae916756f319b3e195088da216f0f12f",
"reference": "8f73cbddae916756f319b3e195088da216f0f12f",
"shasum": ""
},
"require": {
"php": ">=8.2",
"symfony/deprecation-contracts": "^2.5|^3",
"symfony/polyfill-ctype": "~1.8",
"symfony/polyfill-mbstring": "~1.0",
"symfony/polyfill-php83": "^1.27",
"symfony/translation-contracts": "^2.5|^3"
},
"conflict": {
"doctrine/lexer": "<1.1",
"symfony/dependency-injection": "<6.4",
"symfony/doctrine-bridge": "<7.0",
"symfony/expression-language": "<6.4",
"symfony/http-kernel": "<6.4",
"symfony/intl": "<6.4",
"symfony/property-info": "<6.4",
"symfony/translation": "<6.4.3|>=7.0,<7.0.3",
"symfony/var-exporter": "<6.4.25|>=7.0,<7.3.3",
"symfony/yaml": "<6.4"
},
"require-dev": {
"egulias/email-validator": "^2.1.10|^3|^4",
"symfony/cache": "^6.4|^7.0|^8.0",
"symfony/config": "^6.4|^7.0|^8.0",
"symfony/console": "^6.4|^7.0|^8.0",
"symfony/dependency-injection": "^6.4|^7.0|^8.0",
"symfony/expression-language": "^6.4|^7.0|^8.0",
"symfony/finder": "^6.4|^7.0|^8.0",
"symfony/http-client": "^6.4|^7.0|^8.0",
"symfony/http-foundation": "^6.4|^7.0|^8.0",
"symfony/http-kernel": "^6.4|^7.0|^8.0",
"symfony/intl": "^6.4|^7.0|^8.0",
"symfony/mime": "^6.4|^7.0|^8.0",
"symfony/process": "^6.4|^7.0|^8.0",
"symfony/property-access": "^6.4|^7.0|^8.0",
"symfony/property-info": "^6.4|^7.0|^8.0",
"symfony/string": "^6.4|^7.0|^8.0",
"symfony/translation": "^6.4.3|^7.0.3|^8.0",
"symfony/type-info": "^7.1.8",
"symfony/yaml": "^6.4|^7.0|^8.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Symfony\\Component\\Validator\\": ""
},
"exclude-from-classmap": [
"/Tests/",
"/Resources/bin/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Fabien Potencier",
"email": "fabien@symfony.com"
},
{
"name": "Symfony Community",
"homepage": "https://symfony.com/contributors"
}
],
"description": "Provides tools to validate values",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/validator/tree/v7.4.8"
},
"funding": [
{
"url": "https://symfony.com/sponsor",
"type": "custom"
},
{
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2026-03-30T12:55:43+00:00"
},
{
"name": "symfony/var-dumper",
"version": "v7.4.8",
@@ -8207,7 +8573,7 @@
"prefer-stable": false,
"prefer-lowest": false,
"platform": {
"php": ">=8.2",
"php": ">=8.5",
"ext-iconv": "*",
"ext-json": "*"
},

11
config/packages/csrf.yaml Normal file
View File

@@ -0,0 +1,11 @@
# Enable stateless CSRF protection for forms and logins/logouts
framework:
form:
csrf_protection:
token_id: submit
csrf_protection:
stateless_token_ids:
- submit
- authenticate
- logout

1
config/packages/twig.yaml
View File

@@ -4,3 +4,4 @@ twig:
strict_variables: '%kernel.debug%'
globals:
version: "%jotunheimr.version%"
recaptcha_site_key: "%env(RECAPTCHA_SITE_KEY)%"

11
config/packages/validator.yaml Normal file
View File

@@ -0,0 +1,11 @@
framework:
validation:
# Enables validator auto-mapping support.
# For instance, basic validation constraints will be inferred from Doctrine's metadata.
#auto_mapping:
# App\Entity\: []
when@test:
framework:
validation:
not_compromised_password: false

84
src/Controller/SecurityController.php
View File

@@ -11,6 +11,9 @@
namespace App\Controller;
use App\Entity\User;
use App\Form\ForgotPasswordFormType;
use App\Form\RegistrationFormType;
use App\Form\ResetPasswordFormType;
use App\Repository\UserRepository;
use DateTime;
use Doctrine\ORM\EntityManagerInterface;
@@ -68,42 +71,17 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_homepage');
}
$errors = [];
$user = new User();
$form = $this->createForm(RegistrationFormType::class, $user);
$form->handleRequest($request);
if ($request->isMethod('POST')) {
$username = trim((string) $request->request->get('_username', ''));
$email = trim((string) $request->request->get('_email', ''));
$password = (string) $request->request->get('_password', '');
$passwordConfirm = (string) $request->request->get('_password_confirm', '');
if (mb_strlen($username) < 3) {
$errors['username'] = 'Username must be at least 3 characters.';
} elseif ($em->getRepository(User::class)->findOneBy(['username' => $username])) {
$errors['username'] = 'This username is already taken.';
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors['email'] = 'Please enter a valid email address.';
} elseif ($em->getRepository(User::class)->findOneBy(['email' => $email])) {
$errors['email'] = 'This email address is already registered.';
}
if (mb_strlen($password) < 6) {
$errors['password'] = 'Password must be at least 6 characters.';
} elseif ($password !== $passwordConfirm) {
$errors['password_confirm'] = 'Passwords do not match.';
}
if (empty($errors)) {
if ($form->isSubmitted() && $form->isValid()) {
$token = bin2hex(random_bytes(32));
$user = new User()
->setUsername($username)
->setEmail($email)
$user
->setIsVerified(false)
->setVerificationToken($token);
$user->setPassword($hasher->hashPassword($user, $password));
->setVerificationToken($token)
->setPassword($hasher->hashPassword($user, $form->get('plainPassword')->getData()));
$em->persist($user);
$em->flush();
@@ -117,26 +95,21 @@ class SecurityController extends AbstractController
$mailer->send(
new TemplatedEmail()
->from('noreply@mineseeker.ninja')
->to($email)
->to($user->getEmail())
->subject('Activate your MineSeeker account')
->htmlTemplate('emails/activation.html.twig')
->context([
'username' => $username,
'username' => $user->getUsername(),
'activation_url' => $activationUrl,
])
);
$this->addFlash('verify_email', $email);
$this->addFlash('verify_email', $user->getEmail());
return $this->redirectToRoute('MineSeekerBundle_register');
}
}
return $this->render('Security/register.html.twig', [
'errors' => $errors,
'last_username' => $request->request->get('_username', ''),
'last_email' => $request->request->get('_email', ''),
]);
return $this->render('Security/register.html.twig', ['form' => $form]);
}
#[Route('/forgot-password', name: 'MineSeekerBundle_forgot_password')]
@@ -150,8 +123,11 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_homepage');
}
if ($request->isMethod('POST')) {
$email = trim((string) $request->request->get('_email', ''));
$form = $this->createForm(ForgotPasswordFormType::class);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$email = $form->get('email')->getData();
$user = $userRepository->findOneByEmail($email);
if ($user && $user->isVerified()) {
@@ -186,7 +162,7 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_forgot_password');
}
return $this->render('Security/forgot_password.html.twig');
return $this->render('Security/forgot_password.html.twig', ['form' => $form]);
}
#[Route('/reset-password/{token}', name: 'MineSeekerBundle_reset_password')]
@@ -204,21 +180,12 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_forgot_password');
}
$errors = [];
$form = $this->createForm(ResetPasswordFormType::class);
$form->handleRequest($request);
if ($request->isMethod('POST')) {
$password = (string) $request->request->get('_password', '');
$passwordConfirm = (string) $request->request->get('_password_confirm', '');
if (mb_strlen($password) < 6) {
$errors['password'] = 'Password must be at least 6 characters.';
} elseif ($password !== $passwordConfirm) {
$errors['password_confirm'] = 'Passwords do not match.';
}
if (empty($errors)) {
if ($form->isSubmitted() && $form->isValid()) {
$user
->setPassword($hasher->hashPassword($user, $password))
->setPassword($hasher->hashPassword($user, $form->get('plainPassword')->getData()))
->setResetToken(null)
->setResetTokenExpiresAt(null);
$em->flush();
@@ -227,9 +194,8 @@ class SecurityController extends AbstractController
return $this->redirectToRoute('MineSeekerBundle_login');
}
}
return $this->render('Security/reset_password.html.twig', ['errors' => $errors]);
return $this->render('Security/reset_password.html.twig', ['form' => $form]);
}
#[Route('/activate/{token}', name: 'MineSeekerBundle_activate')]

4
src/Entity/User.php
View File

@@ -18,9 +18,9 @@ use Doctrine\ORM\Mapping\Entity;
use Doctrine\ORM\Mapping\GeneratedValue;
use Doctrine\ORM\Mapping\Id;
use Doctrine\ORM\Mapping\Table;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Validator\Constraints as Assert;
/**
* Class User
@@ -34,6 +34,8 @@ use Symfony\Component\Validator\Constraints as Assert;
*/
#[Table(name: 'app_user')]
#[Entity(repositoryClass: UserRepository::class)]
#[UniqueEntity(fields: ['username'], message: 'This username is already taken.')]
#[UniqueEntity(fields: ['email'], message: 'This email address is already registered.')]
class User implements UserInterface, PasswordAuthenticatedUserInterface
{
#[Id, GeneratedValue, Column]

56
src/EventListener/LoginCaptchaListener.php Normal file
View File

@@ -0,0 +1,56 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\EventListener;
use App\Service\RecaptchaService;
use Symfony\Component\EventDispatcher\Attribute\AsEventListener;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\Event\CheckPassportEvent;
/**
* Class LoginCaptchaListener
*
* Validates the Google reCAPTCHA v3 token during form-login authentication.
* Fires on CheckPassportEvent, which is dispatched after credentials are
* collected but before the user is authenticated.
*
* @package App\EventListener
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
#[AsEventListener(event: CheckPassportEvent::class)]
readonly class LoginCaptchaListener
{
public function __construct(
private RecaptchaService $recaptcha,
private RequestStack $requestStack,
) {}
public function __invoke(CheckPassportEvent $event): void
{
$request = $this->requestStack->getCurrentRequest();
if ($request === null || !$request->isMethod('POST')) {
return;
}
$token = $request->request->getString('g-recaptcha-response');
$remoteIp = (string) $request->getClientIp();
if (!$this->recaptcha->verify($token, $remoteIp)) {
throw new CustomUserMessageAuthenticationException('CAPTCHA verification failed. Please try again.');
}
}
}

48
src/Form/ForgotPasswordFormType.php Normal file
View File

@@ -0,0 +1,48 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Form;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Validator\Constraints\Email;
use Symfony\Component\Validator\Constraints\NotBlank;
/**
* Class ForgotPasswordFormType
*
* @package App\Form
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class ForgotPasswordFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder
->add('email', EmailType::class, [
'constraints' => [
new NotBlank(message: 'Please enter an email address.'),
new Email(message: 'Please enter a valid email address.'),
],
])
->add('recaptcha', RecaptchaType::class);
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([]);
}
}

61
src/Form/RecaptchaType.php Normal file
View File

@@ -0,0 +1,61 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Form;
use App\Validator\Recaptcha;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Event\PreSubmitEvent;
use Symfony\Component\Form\Extension\Core\Type\HiddenType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\Form\FormEvents;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\OptionsResolver\OptionsResolver;
/**
* Class RecaptchaType
*
* Reads the Google reCAPTCHA v3 token from the raw POST field
* `g-recaptcha-response` (populated by JS before form submit) and injects
* it as this field's value before validation runs.
*
* @package App\Form
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class RecaptchaType extends AbstractType
{
public function __construct(private readonly RequestStack $requestStack) {}
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder->addEventListener(FormEvents::PRE_SUBMIT, function (PreSubmitEvent $event): void {
$request = $this->requestStack->getCurrentRequest();
$token = $request?->request->getString('g-recaptcha-response') ?? '';
$event->setData($token);
});
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([
'mapped' => false,
'constraints' => [new Recaptcha()],
]);
}
public function getParent(): string
{
return HiddenType::class;
}
}

80
src/Form/RegistrationFormType.php Normal file
View File

@@ -0,0 +1,80 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Form;
use App\Entity\User;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Validator\Constraints\Email;
use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\NotBlank;
/**
* Class RegistrationFormType
*
* @package App\Form
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class RegistrationFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder
->add('username', TextType::class, [
'constraints' => [
new NotBlank(message: 'Please enter a username.'),
new Length(
min: 3,
max: 180,
minMessage: 'Username must be at least {{ limit }} characters.',
maxMessage: 'Username cannot be longer than {{ limit }} characters.',
),
],
])
->add('email', EmailType::class, [
'constraints' => [
new NotBlank(message: 'Please enter an email address.'),
new Email(message: 'Please enter a valid email address.'),
],
])
->add('plainPassword', RepeatedType::class, [
'type' => PasswordType::class,
'mapped' => false,
'invalid_message' => 'Passwords do not match.',
'first_options' => ['label' => 'Password'],
'second_options' => ['label' => 'Confirm Password'],
'constraints' => [
new NotBlank(message: 'Please enter a password.'),
new Length(
min: 6,
minMessage: 'Password must be at least {{ limit }} characters.',
),
],
])
->add('recaptcha', RecaptchaType::class);
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([
'data_class' => User::class,
]);
}
}

56
src/Form/ResetPasswordFormType.php Normal file
View File

@@ -0,0 +1,56 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Form;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\NotBlank;
/**
* Class ResetPasswordFormType
*
* @package App\Form
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class ResetPasswordFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder
->add('recaptcha', RecaptchaType::class)
->add('plainPassword', RepeatedType::class, [
'type' => PasswordType::class,
'invalid_message' => 'Passwords do not match.',
'first_options' => ['label' => 'New Password'],
'second_options' => ['label' => 'Confirm New Password'],
'constraints' => [
new NotBlank(message: 'Please enter a password.'),
new Length(
min: 6,
minMessage: 'Password must be at least {{ limit }} characters.',
),
],
]);
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([]);
}
}

69
src/Service/RecaptchaService.php Normal file
View File

@@ -0,0 +1,69 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Service;
use Psr\Log\LoggerInterface;
use Symfony\Component\DependencyInjection\Attribute\Autowire;
use Symfony\Contracts\HttpClient\HttpClientInterface;
/**
* Class RecaptchaService
*
* @package App\Service
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
readonly class RecaptchaService
{
private const string SITEVERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';
/**
* Minimum score to accept a request (0.0 = bot, 1.0 = human).
* 0.5 is Google's recommended default threshold.
*/
private const float SCORE_THRESHOLD = 0.5;
public function __construct(
private HttpClientInterface $httpClient,
private LoggerInterface $logger,
#[Autowire(env: 'RECAPTCHA_SECRET_KEY')]
private string $secretKey,
) {}
public function verify(string $token, string $remoteIp = ''): bool
{
if ($token === '') {
return false;
}
try {
$body = ['secret' => $this->secretKey, 'response' => $token];
if ($remoteIp !== '') {
$body['remoteip'] = $remoteIp;
}
$data = $this->httpClient
->request('POST', self::SITEVERIFY_URL, ['body' => $body])
->toArray();
return ($data['success'] ?? false) === true
&& ($data['score'] ?? 0.0) >= self::SCORE_THRESHOLD;
} catch (\Throwable $e) {
$this->logger->error('reCAPTCHA verification failed: ' . $e->getMessage());
return false;
}
}
}

30
src/Validator/Recaptcha.php Normal file
View File

@@ -0,0 +1,30 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Validator;
use Attribute;
use Symfony\Component\Validator\Constraint;
/**
* Class Recaptcha
*
* @package App\Validator
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
#[Attribute(Attribute::TARGET_PROPERTY | Attribute::TARGET_METHOD | Attribute::IS_REPEATABLE)]
class Recaptcha extends Constraint
{
public string $message = 'CAPTCHA verification failed. Please try again.';
}

51
src/Validator/RecaptchaValidator.php Normal file
View File

@@ -0,0 +1,51 @@
<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Validator;
use App\Service\RecaptchaService;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;
use Symfony\Component\Validator\Exception\UnexpectedTypeException;
/**
* Class RecaptchaValidator
*
* @package App\Validator
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 12.
*/
class RecaptchaValidator extends ConstraintValidator
{
public function __construct(
private readonly RecaptchaService $recaptcha,
private readonly RequestStack $requestStack,
) {}
public function validate(mixed $value, Constraint $constraint): void
{
if (!$constraint instanceof Recaptcha) {
throw new UnexpectedTypeException($constraint, Recaptcha::class);
}
$request = $this->requestStack->getCurrentRequest();
$remoteIp = $request !== null ? ((string) $request->getClientIp()) : '';
if ($this->recaptcha->verify((string) $value, $remoteIp)) {
return;
}
$this->context->buildViolation($constraint->message)->addViolation();
}
}

24
symfony.lock
View File

@@ -197,6 +197,18 @@
"ref": "cc1afd81841db36fbef982fe56b48ade6716fac4"
}
},
"symfony/form": {
"version": "7.4",
"recipe": {
"repo": "github.com/symfony/recipes",
"branch": "main",
"version": "7.2",
"ref": "7d86a6723f4a623f59e2bf966b6aad2fc461d36b"
},
"files": [
"config/packages/csrf.yaml"
]
},
"symfony/framework-bundle": {
"version": "3.3",
"recipe": {
@@ -369,6 +381,18 @@
"ref": "f75ac166398e107796ca94cc57fa1edaa06ec47f"
}
},
"symfony/validator": {
"version": "7.4",
"recipe": {
"repo": "github.com/symfony/recipes",
"branch": "main",
"version": "7.0",
"ref": "8c1c4e28d26a124b0bb273f537ca8ce443472bfd"
},
"files": [
"config/packages/validator.yaml"
]
},
"symfony/var-dumper": {
"version": "v4.0.9"
},

51
templates/Security/forgot_password.html.twig
View File

@@ -4,7 +4,6 @@
{% block body %}
<div class="auth-page">
{% for email in app.flashes('reset_sent') %}
<div class="auth-card auth-card--sent">
<div class="auth-sent-icon"><i class="fa fa-envelope-o"></i></div>
@@ -21,40 +20,62 @@
</a>
</div>
{% else %}
<div class="auth-card">
<h2 class="auth-title">Forgot Password</h2>
<p class="auth-sub">Enter your email and we'll send you a reset link</p>
<form class="auth-form" method="post" action="{{ path('MineSeekerBundle_forgot_password') }}">
{{ form_start(form, {attr: {class: 'auth-form'}}) }}
<div class="auth-field">
<label for="email" class="auth-label">Email</label>
<label for="{{ form.email.vars.id }}" class="auth-label">Email</label>
<div class="auth-input-wrap">
<i class="fa fa-envelope auth-input-icon"></i>
<input
type="email"
id="email"
name="_email"
class="auth-input"
autocomplete="email"
autofocus
required
/>
{{ form_widget(form.email, {
attr: {
class: 'auth-input' ~ (not form.email.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'email',
autofocus: true,
}
}) }}
</div>
{% if not form.email.vars.valid %}
{% for error in form.email.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div>
<button type="submit" class="auth-submit">
<i class="fa fa-paper-plane"></i> Send Reset Link
</button>
</form>
{{ form_end(form) }}
<p class="auth-switch">
Remembered it?
<a href="{{ path('MineSeekerBundle_login') }}">Sign in</a>
</p>
</div>
{% endfor %}
</div>
{% endblock %}
{% block javascripts %}
{{ parent() }}
<script src="https://www.google.com/recaptcha/api.js?render={{ recaptcha_site_key }}" async defer></script>
<script>
(function () {
const form = document.querySelector('.auth-form');
if (!form) return;
form.addEventListener('submit', function (e) {
e.preventDefault();
grecaptcha.ready(function () {
grecaptcha.execute('{{ recaptcha_site_key }}', {action: 'forgot_password'}).then(function (token) {
document.getElementById('{{ form.recaptcha.vars.id }}').value = token;
form.submit();
});
});
});
}());
</script>
{% endblock %}

19
templates/Security/login.html.twig
View File

@@ -68,6 +68,8 @@
<span>Remember me</span>
</label>
<input type="hidden" id="g-recaptcha-response" name="g-recaptcha-response"/>
<button type="submit" class="auth-submit">
<i class="fa fa-sign-in"></i> Sign In
</button>
@@ -85,3 +87,20 @@
</div>
{% endblock %}
{% block javascripts %}
{{ parent() }}
<script src="https://www.google.com/recaptcha/api.js?render={{ recaptcha_site_key }}" async defer></script>
<script>
document.querySelector('.auth-form').addEventListener('submit', function (e) {
e.preventDefault();
const form = this;
grecaptcha.ready(function () {
grecaptcha.execute('{{ recaptcha_site_key }}', {action: 'login'}).then(function (token) {
document.getElementById('g-recaptcha-response').value = token;
form.submit();
});
});
});
</script>
{% endblock %}

2
templates/Security/profile.html.twig
View File

@@ -4,7 +4,6 @@
{% block body %}
<div class="profile-page">
<div class="profile-header">
<div class="profile-avatar">
{{ app.user.username|slice(0, 2)|upper }}
@@ -105,6 +104,5 @@
<p>No games recorded yet. <a href="{{ path('MineSeekerBundle_gamePlay') }}">Start playing!</a></p>
</div>
{% endif %}
</div>
{% endblock %}

127
templates/Security/register.html.twig
View File

@@ -4,7 +4,6 @@
{% block body %}
<div class="auth-page">
{% for email in app.flashes('verify_email') %}
<div class="auth-card auth-card--sent">
<div class="auth-sent-icon"><i class="fa fa-envelope-o"></i></div>
@@ -15,106 +14,122 @@
Click the link in the email to activate your account.<br>
The link expires in <strong>24 hours</strong>.
</p>
<a href="{{ path('MineSeekerBundle_login') }}" class="auth-submit" style="text-decoration:none; margin-top:16px;">
<a
href="{{ path('MineSeekerBundle_login') }}"
class="auth-submit"
style="text-decoration:none; margin-top:16px;"
>
Go to Sign In
</a>
</div>
{% else %}
<div class="auth-card">
<h2 class="auth-title">Create Account</h2>
<p class="auth-sub">Join the battle — no subscription required</p>
<form class="auth-form" method="post" action="{{ path('MineSeekerBundle_register') }}">
{{ form_start(form, {attr: {class: 'auth-form'}}) }}
<div class="auth-field">
<label for="username" class="auth-label">Username</label>
<label for="{{ form.username.vars.id }}" class="auth-label">Username</label>
<div class="auth-input-wrap">
<i class="fa fa-user auth-input-icon"></i>
<input
type="text"
id="username"
name="_username"
class="auth-input{% if errors.username is defined %} auth-input--error{% endif %}"
value="{{ last_username }}"
autocomplete="username"
autofocus
required
minlength="3"
/>
{{ form_widget(form.username, {
attr: {
class: 'auth-input' ~ (not form.username.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'username',
autofocus: true,
minlength: '3',
}
}) }}
</div>
{% if errors.username is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.username }}</p>
{% if not form.username.vars.valid %}
{% for error in form.username.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div>
<div class="auth-field">
<label for="email" class="auth-label">Email</label>
<label for="{{ form.email.vars.id }}" class="auth-label">Email</label>
<div class="auth-input-wrap">
<i class="fa fa-envelope auth-input-icon"></i>
<input
type="email"
id="email"
name="_email"
class="auth-input{% if errors.email is defined %} auth-input--error{% endif %}"
value="{{ last_email }}"
autocomplete="email"
required
/>
{{ form_widget(form.email, {
attr: {
class: 'auth-input' ~ (not form.email.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'email',
}
}) }}
</div>
{% if errors.email is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.email }}</p>
{% if not form.email.vars.valid %}
{% for error in form.email.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div>
<div class="auth-field">
<label for="password" class="auth-label">Password</label>
<label for="{{ form.plainPassword.first.vars.id }}" class="auth-label">Password</label>
<div class="auth-input-wrap">
<i class="fa fa-lock auth-input-icon"></i>
<input
type="password"
id="password"
name="_password"
class="auth-input{% if errors.password is defined %} auth-input--error{% endif %}"
autocomplete="new-password"
required
minlength="6"
/>
{{ form_widget(form.plainPassword.first, {
attr: {
class: 'auth-input' ~ (not form.plainPassword.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'new-password',
minlength: '6',
}
}) }}
</div>
{% if errors.password is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.password }}</p>
{% if not form.plainPassword.vars.valid %}
{% for error in form.plainPassword.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div>
<div class="auth-field">
<label for="password_confirm" class="auth-label">Confirm Password</label>
<label for="{{ form.plainPassword.second.vars.id }}" class="auth-label">Confirm Password</label>
<div class="auth-input-wrap">
<i class="fa fa-lock auth-input-icon"></i>
<input
type="password"
id="password_confirm"
name="_password_confirm"
class="auth-input{% if errors.password_confirm is defined %} auth-input--error{% endif %}"
autocomplete="new-password"
required
/>
{{ form_widget(form.plainPassword.second, {
attr: {
class: 'auth-input' ~ (not form.plainPassword.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'new-password',
}
}) }}
</div>
{% if errors.password_confirm is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.password_confirm }}</p>
{% endif %}
</div>
<button type="submit" class="auth-submit">
<i class="fa fa-user-plus"></i> Create Account
</button>
</form>
{{ form_end(form) }}
<p class="auth-switch">
Already have an account?
<a href="{{ path('MineSeekerBundle_login') }}">Sign in</a>
</p>
</div>
{% endfor %}
</div>
{% endblock %}
{% block javascripts %}
{{ parent() }}
<script src="https://www.google.com/recaptcha/api.js?render={{ recaptcha_site_key }}" async defer></script>
<script>
(function () {
const form = document.querySelector('.auth-form');
if (!form) return;
form.addEventListener('submit', function (e) {
e.preventDefault();
grecaptcha.ready(function () {
grecaptcha.execute('{{ recaptcha_site_key }}', {action: 'register'}).then(function (token) {
document.getElementById('{{ form.recaptcha.vars.id }}').value = token;
form.submit();
});
});
});
}());
</script>
{% endblock %}

69
templates/Security/reset_password.html.twig
View File

@@ -8,50 +8,65 @@
<h2 class="auth-title">Reset Password</h2>
<p class="auth-sub">Choose a new password for your account</p>
<form class="auth-form" method="post">
{{ form_start(form, {attr: {class: 'auth-form'}}) }}
<div class="auth-field">
<label for="password" class="auth-label">New Password</label>
<label for="{{ form.plainPassword.first.vars.id }}" class="auth-label">New Password</label>
<div class="auth-input-wrap">
<i class="fa fa-lock auth-input-icon"></i>
<input
type="password"
id="password"
name="_password"
class="auth-input{% if errors.password is defined %} auth-input--error{% endif %}"
autocomplete="new-password"
autofocus
required
minlength="6"
/>
{{ form_widget(form.plainPassword.first, {
attr: {
class: 'auth-input' ~ (not form.plainPassword.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'new-password',
autofocus: true,
minlength: '6',
}
}) }}
</div>
{% if errors.password is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.password }}</p>
{% if not form.plainPassword.vars.valid %}
{% for error in form.plainPassword.vars.errors %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ error.message }}</p>
{% endfor %}
{% endif %}
</div>
<div class="auth-field">
<label for="password_confirm" class="auth-label">Confirm New Password</label>
<label for="{{ form.plainPassword.second.vars.id }}" class="auth-label">Confirm New Password</label>
<div class="auth-input-wrap">
<i class="fa fa-lock auth-input-icon"></i>
<input
type="password"
id="password_confirm"
name="_password_confirm"
class="auth-input{% if errors.password_confirm is defined %} auth-input--error{% endif %}"
autocomplete="new-password"
required
/>
{{ form_widget(form.plainPassword.second, {
attr: {
class: 'auth-input' ~ (not form.plainPassword.vars.valid ? ' auth-input--error' : ''),
autocomplete: 'new-password',
}
}) }}
</div>
{% if errors.password_confirm is defined %}
<p class="auth-field-error"><i class="fa fa-exclamation-circle"></i> {{ errors.password_confirm }}</p>
{% endif %}
</div>
<button type="submit" class="auth-submit">
<i class="fa fa-key"></i> Set New Password
</button>
</form>
{{ form_end(form) }}
</div>
</div>
{% endblock %}
{% block javascripts %}
{{ parent() }}
<script src="https://www.google.com/recaptcha/api.js?render={{ recaptcha_site_key }}" async defer></script>
<script>
(function () {
document.querySelector('.auth-form').addEventListener('submit', function (e) {
e.preventDefault();
const form = this;
grecaptcha.ready(function () {
grecaptcha.execute('{{ recaptcha_site_key }}', {action: 'reset_password'}).then(function (token) {
document.getElementById('{{ form.recaptcha.vars.id }}').value = token;
form.submit();
});
});
});
}());
</script>
{% endblock %}