OXDEV-10012 Refactor login and redirect the user after login

Author: TitaKoleva

src/Authentication/TwoFactorAuth/Controller/RedirectView.php

@@ -10,7 +10,8 @@
 namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Controller;
 
 use OxidEsales\Eshop\Application\Controller\FrontendController;
-use OxidEsales\Eshop\Core\Registry;
+use OxidEsales\Eshop\Core\Language;
+use OxidEsales\Eshop\Core\UtilsView;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Exception\OTPValidationException;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\AuthorizeServiceInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\UserServiceInterface;
@@ -30,6 +31,8 @@ public function __construct(
         private readonly AuthorizeServiceInterface $authService,
         private readonly UserServiceInterface $userService,
         private readonly AuthCodeRequestInterface $authCodeRequest,
+        private readonly Language $language,
+        private readonly UtilsView $utilsView,
     ) {
         parent::__construct();
     }
@@ -44,8 +47,8 @@ public function handleOTP(): ?string
             $this->userService->finalizeLogin();
 
         } catch (OTPValidationException $e) {
-            $translatedMessage = Registry::getLang()->translateString($e->getMessage());
-            Registry::getUtilsView()->addErrorToDisplay($translatedMessage);
+            $translatedMessage = $this->language->translateString($e->getMessage());
+            $this->utilsView->addErrorToDisplay($translatedMessage);
         }
 
         return null;

src/Authentication/TwoFactorAuth/Controller/TwoFactorAuthController.php

@@ -2,6 +2,9 @@ services:
   _defaults:
     autowire: true
     public: false
+    bind:
+      OxidEsales\Eshop\Core\UtilsView: '@=service("OxidEsales\\SecurityModule\\Core\\Registry").getUtilsView()'
+      OxidEsales\Eshop\Core\Language: '@=service("OxidEsales\\SecurityModule\\Core\\Registry").getLang()'
 
   OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Controller\TwoFactorAuthController:
     public: true

src/Authentication/TwoFactorAuth/Controller/services.yaml

@@ -15,6 +15,7 @@ class User implements UserInterface
 {
     public function __construct(
         private readonly string $userId,
+        private readonly string $email,
         private readonly int $attempts,
         private readonly ?string $code,
         private readonly ?DateTimeInterface $expiresAt,
@@ -46,4 +47,9 @@ public function getLastSentAt(): ?DateTimeInterface
     {
         return $this->lastSentAt;
     }
+
+    public function getEmail(): string
+    {
+        return $this->email;
+    }
 }

src/Authentication/TwoFactorAuth/DTO/User.php

@@ -20,4 +20,6 @@ public function getAttempts(): int;
     public function getExpiresAt(): ?DateTimeInterface;
 
     public function getLastSentAt(): ?DateTimeInterface;
+
+    public function getEmail(): string;
 }

src/Authentication/TwoFactorAuth/DTO/UserInterface.php

@@ -28,20 +28,21 @@ public function __construct(
     ) {
     }
 
-    public function getUserOTPData(string $userName): UserInterface
+    public function getUserOTPData(string $userId): UserInterface
     {
         $builder = $this->queryBuilderFactory->create();
         $builder->select([
                 'OXID',
+                'OXUSERNAME',
                 'OESMOTPCODE',
                 'OESMOTPATTEMPTS',
                 'OESMOTPEXPTIME',
                 'OESMOTPLASTSENT',
             ])
             ->from('oxuser')
-            ->where('oxusername = :userName')
+            ->where('oxid = :userId')
             ->andWhere('oxshopid = :shopId')
-            ->setParameter('userName', $userName)
+            ->setParameter('userId', $userId)
             ->setParameter('shopId', $this->context->getCurrentShopId());
 
         /** @var Result $queryResult */
@@ -53,7 +54,8 @@ public function getUserOTPData(string $userName): UserInterface
 
         return new UserDTO(
             $userData['OXID'],
-            $userData['OESMOTPATTEMPTS'],
+            $userData['OXUSERNAME'],
+            (int)$userData['OESMOTPATTEMPTS'],
             $userData['OESMOTPCODE'],
             $userData['OESMOTPEXPTIME'] ? new DateTime($userData['OESMOTPEXPTIME']) : null,
             $userData['OESMOTPLASTSENT'] ? new DateTime($userData['OESMOTPLASTSENT']) : null,
@@ -97,42 +99,6 @@ public function resetCodeFields(string $userId): void
         $userModel->save();
     }
 
-    public function getUserPasswordHash(string $userName): ?string
-    {
-        $builder = $this->queryBuilderFactory->create();
-        $builder->select('OXPASSWORD')
-            ->from('oxuser')
-            ->where('oxusername = :userName')
-            ->andWhere('oxshopid = :shopId')
-            ->setParameter('userName', $userName)
-            ->setParameter('shopId', $this->context->getCurrentShopId());
-
-        /** @var Result $queryResult */
-        $queryResult = $builder->execute();
-        $userPass = $queryResult->fetchOne();
-
-        return $userPass ?: null;
-    }
-
-    public function getUserIdByUserName(string $userName): ?string
-    {
-        $builder = $this->queryBuilderFactory->create();
-        $builder->select('OXID')
-            ->from('oxuser')
-            ->where('oxusername = :userName')
-            ->andWhere('oxshopid = :shopId')
-            ->andWhere('oxactive = 1')
-            ->andWhere("oxpassword != ''")
-            ->setParameter('userName', $userName)
-            ->setParameter('shopId', $this->context->getCurrentShopId());
-
-        /** @var Result $queryResult */
-        $queryResult = $builder->execute();
-        $userId = $queryResult->fetchOne();
-
-        return $userId ?: null;
-    }
-
     public function markOtpAsSent(string $userId): void
     {
         $userModel = $this->userFactory->create();

src/Authentication/TwoFactorAuth/Infrastructure/Repository/UserRepository.php

@@ -12,17 +12,13 @@
 
 interface UserRepositoryInterface
 {
-    public function getUserOTPData(string $userName): UserInterface;
+    public function getUserOTPData(string $userId): UserInterface;
 
     public function updateAttempts(string $userId, int $attempts): void;
 
     public function resetCodeFields(string $userId): void;
 
     public function addOTPtoUser(string $userId, string $otp, DateTime $expiresAt): bool;
 
-    public function getUserPasswordHash(string $userName): ?string;
-
-    public function getUserIdByUserName(string $userName): ?string;
-
     public function markOtpAsSent(string $userId): void;
 }

src/Authentication/TwoFactorAuth/Infrastructure/Repository/UserRepositoryInterface.php

@@ -10,6 +10,7 @@
 namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service;
 
 use OxidEsales\EshopCommunity\Internal\Framework\Session\SessionInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Infrastructure\Repository\UserRepositoryInterface;
 
 class AuthorizeService implements AuthorizeServiceInterface
 {
@@ -22,6 +23,7 @@ public function __construct(
         private VerificationCollectorServiceInterface $verifyCollector,
         private NotifierCollectorInterface $notifierCollector,
         private ResendOTPServiceInterface $resendOTPService,
+        private UserRepositoryInterface $userRepository,
         private SessionInterface $session
     ) {
     }
@@ -34,9 +36,9 @@ public function validate(string $inputCode): void
             $activeVerificator
         );
 
-        $userName = $this->session->get(self::USER_SESSION_KEY);
+        $userId = $this->session->get(self::USER_SESSION_KEY);
 
-        $verificator->validateCode($userName, $inputCode);
+        $verificator->validateCode($userId, $inputCode);
     }
 
     public function generate(): void
@@ -47,16 +49,17 @@ public function generate(): void
             $activeVerificator
         );
 
-        $userName = $this->session->get(self::USER_SESSION_KEY);
-        if (!$this->resendOTPService->canSend($userName)) {
+        $userId = $this->session->get(self::USER_SESSION_KEY);
+        if (!$this->resendOTPService->canSend($userId)) {
             return;
         }
 
-        $OTPCode = $verificator->generate($userName);
+        $OTPCode = $verificator->generate($userId);
 
+        $user = $this->userRepository->getUserOTPData($userId);
         $notifier = $this->notifierCollector->getNotifier('email');
-        $notifier->notify($userName, $OTPCode);
-        $this->resendOTPService->markAsSent($userName);
+        $notifier->notify($user->getEmail(), $OTPCode);
+        $this->resendOTPService->markAsSent($userId);
     }
 
     public function getVerificationUrl(): string

src/Authentication/TwoFactorAuth/Service/AuthorizeService.php

@@ -21,16 +21,14 @@ public function __construct(
     ) {
     }
 
-    public function markAsSent(string $userName): void
+    public function markAsSent(string $userId): void
     {
-        $otpData = $this->userRepository->getUserOTPData($userName);
-
-        $this->userRepository->markOtpAsSent($otpData->getId());
+        $this->userRepository->markOtpAsSent($userId);
     }
 
-    public function canSend(string $userName): bool
+    public function canSend(string $userId): bool
     {
-        $otpData = $this->userRepository->getUserOTPData($userName);
+        $otpData = $this->userRepository->getUserOTPData($userId);
 
         $lastSentAt = $otpData->getLastSentAt();
         if ($lastSentAt === null) {

src/Authentication/TwoFactorAuth/Service/ResendOTPService.php

@@ -9,7 +9,7 @@
 
 interface ResendOTPServiceInterface
 {
-    public function markAsSent(string $userName): void;
+    public function markAsSent(string $userId): void;
 
-    public function canSend(string $userName): bool;
+    public function canSend(string $userId): bool;
 }