chore: sync
@@ -5,6 +5,8 @@ declare(strict_types=1);
|
||||
namespace App\Module\Auth\Controller;
|
||||
|
||||
use App\Config\ConfigLoader;
|
||||
use App\Config\AppConfig;
|
||||
use App\Module\Email\EmailSenderInterface;
|
||||
use App\Module\PlanetGenerator\Service\PlanetGenerator;
|
||||
use App\Shared\Http\JsonResponder;
|
||||
use PDO;
|
||||
@@ -24,7 +26,9 @@ final class AuthController
|
||||
public function __construct(
|
||||
private PDO $pdo,
|
||||
private ConfigLoader $configLoader,
|
||||
private PlanetGenerator $planetGenerator
|
||||
private PlanetGenerator $planetGenerator,
|
||||
private EmailSenderInterface $emailSender,
|
||||
private AppConfig $appConfig
|
||||
) {
|
||||
}
|
||||
|
||||
@@ -144,8 +148,8 @@ final class AuthController
|
||||
]);
|
||||
}
|
||||
|
||||
public function registerStep3(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
|
||||
{
|
||||
public function registerStep3(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
|
||||
{
|
||||
$draft = $this->getDraft();
|
||||
if (empty($draft['race_key']) || empty($draft['avatar_key']) || empty($draft['title'])) {
|
||||
return JsonResponder::withJson($response, [
|
||||
@@ -194,12 +198,14 @@ final class AuthController
|
||||
], 409);
|
||||
}
|
||||
|
||||
$token = bin2hex(random_bytes(16));
|
||||
$isDev = $this->appConfig->isDevEntwicklung();
|
||||
try {
|
||||
$this->pdo->beginTransaction();
|
||||
|
||||
$stmt = $this->pdo->prepare(
|
||||
'INSERT INTO users (username, email, password_hash, race_key, title, avatar_key)
|
||||
VALUES (:username, :email, :password_hash, :race_key, :title, :avatar_key)
|
||||
'INSERT INTO users (username, email, password_hash, race_key, title, avatar_key, activation_token, is_active)
|
||||
VALUES (:username, :email, :password_hash, :race_key, :title, :avatar_key, :activation_token, :is_active)
|
||||
RETURNING *'
|
||||
);
|
||||
$stmt->execute([
|
||||
@@ -209,12 +215,14 @@ final class AuthController
|
||||
'race_key' => $draft['race_key'],
|
||||
'title' => $draft['title'],
|
||||
'avatar_key' => $draft['avatar_key'],
|
||||
'activation_token' => $token,
|
||||
'is_active' => $isDev,
|
||||
]);
|
||||
$user = $stmt->fetch();
|
||||
|
||||
$userId = (int)($user['id'] ?? 0);
|
||||
if ($userId <= 0) {
|
||||
throw new \\RuntimeException('User-ID fehlt.');
|
||||
throw new \RuntimeException('User-ID fehlt.');
|
||||
}
|
||||
|
||||
$this->assignRole($userId, 'player');
|
||||
@@ -233,7 +241,7 @@ final class AuthController
|
||||
'error' => 'registration_failed',
|
||||
'message' => 'Registrierung fehlgeschlagen.',
|
||||
], 500);
|
||||
} catch (\\Throwable $e) {
|
||||
} catch (\Throwable $e) {
|
||||
$this->pdo->rollBack();
|
||||
return JsonResponder::withJson($response, [
|
||||
'error' => 'registration_failed',
|
||||
@@ -242,11 +250,70 @@ final class AuthController
|
||||
}
|
||||
|
||||
$this->clearDraft();
|
||||
|
||||
if (!$isDev) {
|
||||
$this->sendConfirmationEmail($email, $token);
|
||||
return JsonResponder::withJson($response, [
|
||||
'status' => 'pending',
|
||||
'message' => 'Bestätige deine E-Mail-Adresse via Link.',
|
||||
], 201);
|
||||
}
|
||||
|
||||
$this->loginUser((int)$user['id']);
|
||||
return JsonResponder::withJson($response, [
|
||||
'user' => $this->buildUserSummary($user),
|
||||
'status' => 'active',
|
||||
], 201);
|
||||
}
|
||||
|
||||
public function confirmRegistration(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
|
||||
{
|
||||
$body = $this->parseBody($request);
|
||||
$token = trim((string)($body['token'] ?? ''));
|
||||
if ($token === '') {
|
||||
return JsonResponder::withJson($response, [
|
||||
'error' => 'invalid_token',
|
||||
'message' => 'Token fehlt.',
|
||||
], 400);
|
||||
}
|
||||
|
||||
$stmt = $this->pdo->prepare('SELECT * FROM users WHERE activation_token = :token LIMIT 1');
|
||||
$stmt->execute(['token' => $token]);
|
||||
$user = $stmt->fetch();
|
||||
if (!$user) {
|
||||
return JsonResponder::withJson($response, [
|
||||
'error' => 'invalid_token',
|
||||
'message' => 'Ungültiges Token.',
|
||||
], 404);
|
||||
}
|
||||
|
||||
if ((bool)($user['is_active'] ?? false)) {
|
||||
return JsonResponder::withJson($response, [
|
||||
'error' => 'already_active',
|
||||
'message' => 'Account bereits aktiviert.',
|
||||
], 409);
|
||||
}
|
||||
|
||||
$stmt = $this->pdo->prepare(
|
||||
'UPDATE users SET is_active = TRUE, email_verified_at = :verified, activation_token = NULL WHERE id = :id'
|
||||
);
|
||||
$stmt->execute([
|
||||
'verified' => (new \DateTimeImmutable('now'))->format('Y-m-d H:i:s'),
|
||||
'id' => (int)$user['id'],
|
||||
]);
|
||||
$this->loginUser((int)$user['id']);
|
||||
|
||||
return JsonResponder::withJson($response, [
|
||||
'user' => $this->buildUserSummary($user),
|
||||
], 201);
|
||||
]);
|
||||
}
|
||||
|
||||
private function sendConfirmationEmail(string $to, string $token): void
|
||||
{
|
||||
$url = $this->appConfig->getAppUrl();
|
||||
$link = rtrim($url, '/') . '/auth/register/confirm?token=' . urlencode($token);
|
||||
$body = "Bitte bestätige deinen Account:\n" . $link;
|
||||
$this->emailSender->sendEmail($to, 'E-Mail-Adresse bestätigen', $body);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
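Review bot: The activation token is written to `users.activation_token` exactly as it is mailed, and `confirmRegistration` calls `loginUser()` as soon as a matching inactive row is found, so the emailed value acts as a login credential with no expiry visible in these hunks. A disclosure of the table or of a mail log would therefore expose usable credentials for every pending account. Consider storing only a digest, `'activation_token' => hash('sha256', $token),`, looking it up with `$stmt->execute(['token' => hash('sha256', $token)]);`, and adding an expiry timestamp that the same SELECT checks. The UPDATE could also repeat the state check (`WHERE id = :id AND is_active = FALSE`) so that two concurrent confirmations cannot both proceed to `loginUser()`. Parts of `registerStep3` lie between the hunks shown, so any handling there is not visible here.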