daenamnu/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-30 07:20:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: move deSEC password-reveal logic from JS to Twig (PRG pattern)

Browse Source 
Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/159fc9de-4eb7-4131-8dee-9166045156e6

Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-04-25 16:43:49 +00:00
committed by GitHub
parent 5343353bb5
commit 1c6ca098d5
6 changed files with 50 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
php/src/Controller/DesecController.php
View File

@@ -3,6 +3,7 @@ declare(strict_types=1);
namespace AIO\Controller;
use AIO\Desec\AlreadyRegisteredException;
use AIO\Desec\DesecManager;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
@@ -14,15 +15,23 @@ readonly class DesecController {
}
public function Register(Request $request, Response $response, array $args): Response {
$email = (string)($request->getParsedBody()['desec_email'] ?? '');
$slug = (string)($request->getParsedBody()['desec_slug'] ?? '');
$password = (string)($request->getParsedBody()['desec_password'] ?? '');
try {
$email = (string)($request->getParsedBody()['desec_email'] ?? '');
$slug = (string)($request->getParsedBody()['desec_slug'] ?? '');
$password = (string)($request->getParsedBody()['desec_password'] ?? '');
$this->desecManager->register($email, $slug, $password);
return $response->withStatus(201)->withHeader('Location', '.');
} catch (AlreadyRegisteredException $ex) {
$_SESSION['desec_show_password'] = true;
$_SESSION['desec_prefill_email'] = $ex->email;
$_SESSION['desec_error'] = $ex->getMessage();
} catch (\Exception $ex) {
$response->getBody()->write($ex->getMessage());
return $response->withStatus(422);
$_SESSION['desec_error'] = $ex->getMessage();
}
// Post/Redirect/Get: always redirect back to the containers page.
// The browser follows the Location header and issues a fresh GET,
// which prevents form-resubmission on reload.
return $response->withStatus(303)->withHeader('Location', '../../containers');
}
}

20
php/src/Desec/AlreadyRegisteredException.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
declare(strict_types=1);
namespace AIO\Desec;
/**
* Thrown when a deSEC account registration attempt fails because the email address
* is already associated with an existing account. The controller catches this to
* redirect the user back to the registration form with the password field revealed.
*/
class AlreadyRegisteredException extends \Exception {
public function __construct(
public readonly string $email,
) {
parent::__construct(
'This email address is already registered at deSEC. '
. 'If this is your account, please enter your deSEC password in the password field and try again.',
);
}
}

5
php/src/Desec/DesecManager.php
View File

@@ -122,10 +122,7 @@ class DesecManager {
if ($code === 400) {
$data = json_decode($body, true, 512, JSON_THROW_ON_ERROR);
if (is_array($data) && isset($data['email'])) {
throw new \Exception(
'This email address is already registered at deSEC. '
. 'If this is your account, please enter your deSEC password in the password field and try again.',
);
throw new AlreadyRegisteredException($email);
}
throw new \Exception('Registration at deSEC failed (HTTP 400): ' . $body);
}