Completed
Push — master ( 254925...5d79ce )
by Lhalaa
14s queued 10s
created

PartialUserFormVerifyController::init()   A

Complexity

Conditions 2
Paths 2

Size

Total Lines 18

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 10
CRAP Score 2

Importance

Changes 0
Metric Value
dl 0
loc 18
ccs 10
cts 10
cp 1
rs 9.6666
c 0
b 0
f 0
cc 2
nc 2
nop 0
crap 2
1
<?php
2
3
4
namespace Firesphere\PartialUserforms\Controllers;
5
6
use Exception;
7
use Firesphere\PartialUserforms\Forms\PasswordForm;
8
use Firesphere\PartialUserforms\Models\PartialFormSubmission;
9
use Page;
10
use PageController;
11
use SilverStripe\Control\HTTPResponse;
12
use SilverStripe\Control\HTTPResponse_Exception;
13
use SilverStripe\UserForms\Model\UserDefinedForm;
14
15
/**
16
 * Class \Firesphere\PartialUserforms\Controllers\PartialUserFormVerifyController
17
 *
18
 */
19
class PartialUserFormVerifyController extends PageController
20
{
21
    public const PASSWORD_KEY = 'FormPassword';
22
23
    /**
24
     * @var array
25
     */
26
    private static $allowed_actions = [
27
        'getForm'
28
    ];
29
    /**
30
     * @var PartialFormSubmission
31
     */
32
    protected $partialFormSubmission;
33
34
    /**
35
     * @var PasswordForm
36
     */
37
    protected $form;
38
39
    /**
40
     * @return PartialUserFormVerifyController|void
41
     * @throws HTTPResponse_Exception
42
     */
43 4
    public function init()
44
    {
45 4
        parent::init();
46 4
        $session = $this->getRequest()->getSession();
47 4
        $sessionID = $session->get(PartialSubmissionController::SESSION_KEY);
48
        // Set the session if the last session has expired
49 4
        if (!$sessionID) {
50 1
            return $this->httpError(404);
51
        }
52
53
        /** @var PartialFormSubmission $partial */
54 3
        $partial = PartialFormSubmission::get()->byID($sessionID);
55
56 3
        $this->setPartialFormSubmission($partial);
57
        // Set data record and load the form
58
        /** @var UserDefinedForm dataRecord */
59 3
        $this->dataRecord = Page::create();
60 3
    }
61
62
    /**
63
     * @return PasswordForm
64
     */
65 1
    public function getForm()
66
    {
67 1
        return PasswordForm::create($this, __FUNCTION__);
68
    }
69
70
71
    /**
72
     * @param array $data
73
     * @param PasswordForm $form
74
     * @return HTTPResponse
75
     * @throws Exception
76
     */
77 1
    public function doValidate($data, $form)
78
    {
79
        /** @var PartialFormSubmission $partial */
80 1
        $partial = $this->getPartialFormSubmission();
81
82 1
        $password = hash_pbkdf2('SHA256', $data['Password'], $partial->TokenSalt, 1000);
83 1
        if (!hash_equals($password, $partial->Password)) {
84 1
            $form->sessionError(
85 1
                _t(
86 1
                    PasswordForm::class . '.PASSWORDERROR',
87 1
                    'Password incorrect, please check your password and try again'
88
                )
89
            );
90
91 1
            return $this->redirectBack();
92
        }
93
94 1
        $request = $this->getRequest();
95 1
        $request->getSession()->set(PasswordForm::PASSWORD_SESSION_KEY, $partial->ID);
96 1
        $request->getSession()->set(self::PASSWORD_KEY, $data['Password']);
97
98 1
        return $this->redirect($partial->getPartialLink());
99
    }
100
101
    /**
102
     * @return PartialFormSubmission
103
     */
104 1
    public function getPartialFormSubmission()
105
    {
106 1
        return $this->partialFormSubmission;
107
    }
108
109
    /**
110
     * @param PartialFormSubmission $partialFormSubmission
111
     */
112 3
    public function setPartialFormSubmission($partialFormSubmission): void
113
    {
114 3
        $this->partialFormSubmission = $partialFormSubmission;
115 3
    }
116
}
117