From 7e89801956f4ab6269b7ae1bbf78114770349e2d Mon Sep 17 00:00:00 2001
From: Bechir Ba <13308700+bechir@users.noreply.github.com>
Date: Thu, 22 Jun 2023 20:35:22 +0000
Subject: [PATCH] [make:auth] Add `RememberMeBadge`

---
 src/Maker/MakeAuthenticator.php               | 67 ++++++++++++++---
 .../LoginFormAuthenticator.tpl.php            |  3 +-
 .../skeleton/authenticator/login_form.tpl.php | 21 +++---
 src/Security/SecurityConfigUpdater.php        | 37 +++++++++-
 tests/Maker/MakeAuthenticatorTest.php         | 72 +++++++++++++++++++
 tests/Security/SecurityConfigUpdaterTest.php  | 40 +++++++++--
 ...with_firewalls_and_always_remember_me.yaml | 18 +++++
 ...th_firewalls_and_remember_me_checkbox.yaml | 20 ++++++
 8 files changed, 253 insertions(+), 25 deletions(-)
 create mode 100644 tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_always_remember_me.yaml
 create mode 100644 tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_remember_me_checkbox.yaml

diff --git a/src/Maker/MakeAuthenticator.php b/src/Maker/MakeAuthenticator.php
index 0e2c69715..ba9402907 100644
--- a/src/Maker/MakeAuthenticator.php
+++ b/src/Maker/MakeAuthenticator.php
@@ -49,6 +49,7 @@
 use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
 use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
@@ -66,6 +67,9 @@ final class MakeAuthenticator extends AbstractMaker
     private const AUTH_TYPE_EMPTY_AUTHENTICATOR = 'empty-authenticator';
     private const AUTH_TYPE_FORM_LOGIN = 'form-login';
 
+    private const REMEMBER_ME_TYPE_ALWAYS = 'always';
+    private const REMEMBER_ME_TYPE_CHECKBOX = 'checkbox';
+
     public function __construct(
         private FileManager $fileManager,
         private SecurityConfigUpdater $configUpdater,
@@ -184,6 +188,34 @@ function ($answer) {
                     true
                 )
             );
+
+            $command->addArgument('support-remember-me', InputArgument::REQUIRED);
+            $input->setArgument(
+                'support-remember-me',
+                $io->confirm(
+                    'Do you want to support remember me?',
+                    true
+                )
+            );
+
+            if ($input->getArgument('support-remember-me')) {
+                $supportRememberMeValues = [
+                    'Activate when the user checks a box' => self::REMEMBER_ME_TYPE_CHECKBOX,
+                    'Always activate remember me' => self::REMEMBER_ME_TYPE_ALWAYS,
+                ];
+                $command->addArgument('always-remember-me', InputArgument::REQUIRED);
+
+                $supportRememberMeType = $io->choice(
+                    'When activate the remember me?',
+                    array_keys($supportRememberMeValues),
+                    key($supportRememberMeValues)
+                );
+
+                $input->setArgument(
+                    'always-remember-me',
+                    $supportRememberMeValues[$supportRememberMeType]
+                );
+            }
         }
     }
 
@@ -192,12 +224,16 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
         $manipulator = new YamlSourceManipulator($this->fileManager->getFileContents('config/packages/security.yaml'));
         $securityData = $manipulator->getData();
 
+        $supportRememberMe = $input->hasArgument('support-remember-me') ? $input->getArgument('support-remember-me') : false;
+        $alwaysRememberMe = $input->hasArgument('always-remember-me') ? $input->getArgument('always-remember-me') : false;
+
         $this->generateAuthenticatorClass(
             $securityData,
             $input->getArgument('authenticator-type'),
             $input->getArgument('authenticator-class'),
             $input->hasArgument('user-class') ? $input->getArgument('user-class') : null,
-            $input->hasArgument('username-field') ? $input->getArgument('username-field') : null
+            $input->hasArgument('username-field') ? $input->getArgument('username-field') : null,
+            $supportRememberMe,
         );
 
         // update security.yaml with guard config
@@ -215,7 +251,9 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
                 $input->getOption('firewall-name'),
                 $entryPoint,
                 $input->getArgument('authenticator-class'),
-                $input->hasArgument('logout-setup') ? $input->getArgument('logout-setup') : false
+                $input->hasArgument('logout-setup') ? $input->getArgument('logout-setup') : false,
+                $supportRememberMe,
+                $alwaysRememberMe
             );
             $generator->dumpFile($path, $newYaml);
             $securityYamlUpdated = true;
@@ -226,7 +264,9 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
             $this->generateFormLoginFiles(
                 $input->getArgument('controller-class'),
                 $input->getArgument('username-field'),
-                $input->getArgument('logout-setup')
+                $input->getArgument('logout-setup'),
+                $supportRememberMe,
+                $alwaysRememberMe,
             );
         }
 
@@ -241,12 +281,14 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
                 $input->getArgument('authenticator-class'),
                 $securityData,
                 $input->hasArgument('user-class') ? $input->getArgument('user-class') : null,
-                $input->hasArgument('logout-setup') ? $input->getArgument('logout-setup') : false
+                $input->hasArgument('logout-setup') ? $input->getArgument('logout-setup') : false,
+                $supportRememberMe,
+                $alwaysRememberMe
             )
         );
     }
 
-    private function generateAuthenticatorClass(array $securityData, string $authenticatorType, string $authenticatorClass, $userClass, $userNameField): void
+    private function generateAuthenticatorClass(array $securityData, string $authenticatorType, string $authenticatorClass, $userClass, $userNameField, bool $supportRememberMe): void
     {
         $useStatements = new UseStatementGenerator([
             Request::class,
@@ -288,6 +330,10 @@ private function generateAuthenticatorClass(array $securityData, string $authent
             $useStatements->addUseStatement(LegacySecurity::class);
         }
 
+        if ($supportRememberMe) {
+            $useStatements->addUseStatement(RememberMeBadge::class);
+        }
+
         $userClassNameDetails = $this->generator->createClassNameDetails(
             '\\'.$userClass,
             'Entity\\'
@@ -305,11 +351,12 @@ private function generateAuthenticatorClass(array $securityData, string $authent
                 'username_field_var' => Str::asLowerCamelCase($userNameField),
                 'user_needs_encoder' => $this->userClassHasEncoder($securityData, $userClass),
                 'user_is_entity' => $this->doctrineHelper->isClassAMappedEntity($userClass),
+                'remember_me_badge' => $supportRememberMe,
             ]
         );
     }
 
-    private function generateFormLoginFiles(string $controllerClass, string $userNameField, bool $logoutSetup): void
+    private function generateFormLoginFiles(string $controllerClass, string $userNameField, bool $logoutSetup, bool $supportRememberMe, bool $alwaysRememberMe): void
     {
         $controllerClassNameDetails = $this->generator->createClassNameDetails(
             $controllerClass,
@@ -362,11 +409,13 @@ private function generateFormLoginFiles(string $controllerClass, string $userNam
                 'username_is_email' => false !== stripos($userNameField, 'email'),
                 'username_label' => ucfirst(Str::asHumanWords($userNameField)),
                 'logout_setup' => $logoutSetup,
+                'support_remember_me' => $supportRememberMe,
+                'always_remember_me' => $alwaysRememberMe,
             ]
         );
     }
 
-    private function generateNextMessage(bool $securityYamlUpdated, string $authenticatorType, string $authenticatorClass, array $securityData, $userClass, bool $logoutSetup): array
+    private function generateNextMessage(bool $securityYamlUpdated, string $authenticatorType, string $authenticatorClass, array $securityData, $userClass, bool $logoutSetup, bool $supportRememberMe, bool $alwaysRememberMe): array
     {
         $nextTexts = ['Next:'];
         $nextTexts[] = '- Customize your new authenticator.';
@@ -377,7 +426,9 @@ private function generateNextMessage(bool $securityYamlUpdated, string $authenti
                 'main',
                 null,
                 $authenticatorClass,
-                $logoutSetup
+                $logoutSetup,
+                $supportRememberMe,
+                $alwaysRememberMe
             );
             $nextTexts[] = "- Your <info>security.yaml</info> could not be updated automatically. You'll need to add the following config manually:\n\n".$yamlExample;
         }
diff --git a/src/Resources/skeleton/authenticator/LoginFormAuthenticator.tpl.php b/src/Resources/skeleton/authenticator/LoginFormAuthenticator.tpl.php
index a7d6ba04f..eb0f17219 100644
--- a/src/Resources/skeleton/authenticator/LoginFormAuthenticator.tpl.php
+++ b/src/Resources/skeleton/authenticator/LoginFormAuthenticator.tpl.php
@@ -24,7 +24,8 @@ public function authenticate(Request $request): Passport
             new UserBadge($<?= $username_field_var ?>),
             new PasswordCredentials($request->request->get('password', '')),
             [
-                new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
+                new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),<?= $remember_me_badge ? "
+                new RememberMeBadge(),\n" : "" ?>
             ]
         );
     }
diff --git a/src/Resources/skeleton/authenticator/login_form.tpl.php b/src/Resources/skeleton/authenticator/login_form.tpl.php
index 95bc79a3f..4124397ac 100644
--- a/src/Resources/skeleton/authenticator/login_form.tpl.php
+++ b/src/Resources/skeleton/authenticator/login_form.tpl.php
@@ -25,17 +25,16 @@
     <input type="hidden" name="_csrf_token"
            value="{{ csrf_token('authenticate') }}"
     >
-
-    {#
-        Uncomment this section and add a remember_me option below your firewall to activate remember me functionality.
-        See https://symfony.com/doc/current/security/remember_me.html
-
-        <div class="checkbox mb-3">
-            <label>
-                <input type="checkbox" name="_remember_me"> Remember me
-            </label>
-        </div>
-    #}
+<?php if($support_remember_me): ?>
+<?php if(!$always_remember_me): ?>
+
+    <div class="checkbox mb-3">
+        <label>
+            <input type="checkbox" name="_remember_me"> Remember me
+        </label>
+    </div>
+<?php endif; ?>
+<?php endif; ?>
 
     <button class="btn btn-lg btn-primary" type="submit">
         Sign in
diff --git a/src/Security/SecurityConfigUpdater.php b/src/Security/SecurityConfigUpdater.php
index e6d5b1acb..0d3a4702e 100644
--- a/src/Security/SecurityConfigUpdater.php
+++ b/src/Security/SecurityConfigUpdater.php
@@ -69,7 +69,7 @@ public function updateForUserClass(string $yamlSource, UserClassConfiguration $u
         return $contents;
     }
 
-    public function updateForAuthenticator(string $yamlSource, string $firewallName, $chosenEntryPoint, string $authenticatorClass, bool $logoutSetup): string
+    public function updateForAuthenticator(string $yamlSource, string $firewallName, $chosenEntryPoint, string $authenticatorClass, bool $logoutSetup, bool $supportRememberMe, bool $alwaysRememberMe): string
     {
         $this->createYamlSourceManipulator($yamlSource);
 
@@ -110,6 +110,41 @@ public function updateForAuthenticator(string $yamlSource, string $firewallName,
             $firewall['entry_point'] = $authenticatorClass;
         }
 
+        if (!isset($firewall['logout']) && $logoutSetup) {
+            $firewall['logout'] = ['path' => 'app_logout'];
+            $firewall['logout'][] = $this->manipulator->createCommentLine(
+                ' where to redirect after logout'
+            );
+            $firewall['logout'][] = $this->manipulator->createCommentLine(
+                ' target: app_any_route'
+            );
+        }
+
+        if ($supportRememberMe) {
+            if (!isset($firewall['remember_me'])) {
+                $firewall['remember_me_empty_line'] = $this->manipulator->createEmptyLine();
+                $firewall['remember_me'] = [
+                    'secret' => '%kernel.secret%',
+                    'lifetime' => 604800,
+                    'path' => '/',
+                ];
+                if (!$alwaysRememberMe) {
+                    $firewall['remember_me'][] = $this->manipulator->createCommentLine(' by default, the feature is enabled by checking a checkbox in the');
+                    $firewall['remember_me'][] = $this->manipulator->createCommentLine(' login form, uncomment the following line to always enable it.');
+                }
+            } else {
+                $firewall['remember_me']['secret'] ??= '%kernel.secret%';
+                $firewall['remember_me']['lifetime'] ??= 604800;
+                $firewall['remember_me']['path'] ??= '/';
+            }
+
+            if ($alwaysRememberMe) {
+                $firewall['remember_me']['always_remember_me'] = true;
+            } else {
+                $firewall['remember_me'][] = $this->manipulator->createCommentLine('always_remember_me: true');
+            }
+        }
+
         $newData['security']['firewalls'][$firewallName] = $firewall;
 
         if (!isset($firewall['logout']) && $logoutSetup) {
diff --git a/tests/Maker/MakeAuthenticatorTest.php b/tests/Maker/MakeAuthenticatorTest.php
index c5143fcc2..2e9fc0f79 100644
--- a/tests/Maker/MakeAuthenticatorTest.php
+++ b/tests/Maker/MakeAuthenticatorTest.php
@@ -151,6 +151,8 @@ public function getTestDetails(): \Generator
                     // field name
                     'userEmail',
                     'no',
+                    // remember me support => no
+                    'no',
                 ]);
 
                 $this->runLoginTest($runner, 'userEmail');
@@ -180,6 +182,8 @@ public function getTestDetails(): \Generator
                     // username field => userEmail
                     0,
                     'no',
+                    // remember me support => no
+                    'no',
                 ]);
 
                 $runner->runTests();
@@ -207,6 +211,8 @@ public function getTestDetails(): \Generator
                     // user class
                     'App\Security\User',
                     'no',
+                    // remember me support => no
+                    'no',
                 ]);
             }),
         ];
@@ -229,6 +235,8 @@ public function getTestDetails(): \Generator
                     // controller name
                     'SecurityController',
                     'no',
+                    // remember me support => no
+                    'no',
                 ]);
 
                 $this->runLoginTest($runner, 'email');
@@ -249,6 +257,8 @@ public function getTestDetails(): \Generator
                     'SecurityController',
                     // logout support
                     'yes',
+                    // remember me support => no
+                    'no',
                 ]);
 
                 $this->runLoginTest($runner, 'userEmail', true, 'App\\Entity\\User', true);
@@ -266,6 +276,68 @@ public function getTestDetails(): \Generator
                 );
             }),
         ];
+
+        yield 'auth_login_form_remember_me_via_checkbox' => [$this->createMakerTest()
+            ->addExtraDependencies('doctrine', 'twig', 'symfony/form')
+            ->run(function (MakerTestRunner $runner) {
+                $this->makeUser($runner, 'userEmail');
+
+                $output = $runner->runMaker([
+                    // authenticator type => login-form
+                    1,
+                    // class name
+                    'AppCustomAuthenticator',
+                    // controller name
+                    'SecurityController',
+                    // logout support
+                    'yes',
+                    // remember me support => yes
+                    'yes',
+                    // remember me type => checkbox
+                    0,
+                ]);
+
+                $this->runLoginTest($runner, 'userEmail');
+
+                $this->assertStringContainsString('Success', $output);
+                $seucrityConfig = $runner->readYaml('config/packages/security.yaml');
+                $firewallMain = $seucrityConfig['security']['firewalls']['main'];
+
+                $this->assertEquals('%kernel.secret%', $firewallMain['remember_me']['secret']);
+                $this->assertEquals('604800', $firewallMain['remember_me']['lifetime']);
+            }),
+        ];
+
+        yield 'auth_login_form_always_remember_me' => [$this->createMakerTest()
+            ->addExtraDependencies('doctrine', 'twig', 'symfony/form')
+            ->run(function (MakerTestRunner $runner) {
+                $this->makeUser($runner, 'userEmail');
+
+                $output = $runner->runMaker([
+                    // authenticator type => login-form
+                    1,
+                    // class name
+                    'AppCustomAuthenticator',
+                    // controller name
+                    'SecurityController',
+                    // logout support
+                    'yes',
+                    // remember me support => yes
+                    'yes',
+                    // remember me type => always
+                    1,
+                ]);
+
+                $this->runLoginTest($runner, 'userEmail');
+
+                $this->assertStringContainsString('Success', $output);
+                $seucrityConfig = $runner->readYaml('config/packages/security.yaml');
+                $firewallMain = $seucrityConfig['security']['firewalls']['main'];
+
+                $this->assertEquals('%kernel.secret%', $firewallMain['remember_me']['secret']);
+                $this->assertTrue($firewallMain['remember_me']['always_remember_me']);
+            }),
+        ];
     }
 
     private function runLoginTest(MakerTestRunner $runner, string $userIdentifier, bool $isEntity = true, string $userClass = 'App\\Entity\\User', bool $testLogin = false): void
diff --git a/tests/Security/SecurityConfigUpdaterTest.php b/tests/Security/SecurityConfigUpdaterTest.php
index f84cbce92..a7076915c 100644
--- a/tests/Security/SecurityConfigUpdaterTest.php
+++ b/tests/Security/SecurityConfigUpdaterTest.php
@@ -104,14 +104,14 @@ public function getUserClassTests(): \Generator
     /**
      * @dataProvider getAuthenticatorTests
      */
-    public function testUpdateForAuthenticator(string $firewallName, $entryPoint, string $expectedSourceFilename, string $startingSourceFilename, bool $logoutSetup): void
+    public function testUpdateForAuthenticator(string $firewallName, $entryPoint, string $expectedSourceFilename, string $startingSourceFilename, bool $logoutSetup, bool $supportRememberMe, bool $alwaysRememberMe): void
     {
         $this->createLogger();
 
         $updater = new SecurityConfigUpdater($this->ysmLogger);
-        $source = $this->getYamlSource($startingSourceFilename);
-        $actualSource = $updater->updateForAuthenticator($source, $firewallName, $entryPoint, 'App\\Security\\AppCustomAuthenticator', $logoutSetup);
-        $expectedSource = $this->getExpectedYaml('expected_authenticator', $expectedSourceFilename);
+        $source = file_get_contents(__DIR__.'/yaml_fixtures/source/'.$startingSourceFilename);
+        $actualSource = $updater->updateForAuthenticator($source, $firewallName, $entryPoint, 'App\\Security\\AppCustomAuthenticator', $logoutSetup, $supportRememberMe, $alwaysRememberMe);
+        $expectedSource = file_get_contents(__DIR__.'/yaml_fixtures/expected_authenticator/'.$expectedSourceFilename);
 
         $this->assertSame($expectedSource, $actualSource);
     }
@@ -124,6 +124,8 @@ public function getAuthenticatorTests(): \Generator
             'empty_source.yaml',
             'empty_security.yaml',
             false,
+            false,
+            false,
         ];
 
         yield 'simple_security' => [
@@ -132,6 +134,8 @@ public function getAuthenticatorTests(): \Generator
             'simple_security_source.yaml',
             'simple_security.yaml',
             false,
+            false,
+            false,
         ];
 
         yield 'simple_security_with_firewalls' => [
@@ -140,6 +144,8 @@ public function getAuthenticatorTests(): \Generator
             'simple_security_with_firewalls.yaml',
             'simple_security_with_firewalls.yaml',
             false,
+            false,
+            false,
         ];
 
         yield 'simple_security_with_firewalls_and_authenticator' => [
@@ -148,6 +154,8 @@ public function getAuthenticatorTests(): \Generator
             'simple_security_with_firewalls_and_authenticator.yaml',
             'simple_security_with_firewalls_and_authenticator.yaml',
             false,
+            false,
+            false,
         ];
 
         yield 'simple_security_with_firewalls_and_logout' => [
@@ -156,6 +164,8 @@ public function getAuthenticatorTests(): \Generator
             'simple_security_with_firewalls_and_logout.yaml',
             'simple_security_with_firewalls_and_logout.yaml',
             true,
+            false,
+            false,
         ];
 
         yield 'security_52_with_multiple_authenticators' => [
@@ -164,6 +174,28 @@ public function getAuthenticatorTests(): \Generator
             'multiple_authenticators.yaml',
             'multiple_authenticators.yaml',
             false,
+            false,
+            false,
+        ];
+
+        yield 'simple_security_with_firewalls_and_remember_me_checkbox' => [
+            'main',
+            null,
+            'simple_security_with_firewalls_and_remember_me_checkbox.yaml',
+            'simple_security.yaml',
+            false,
+            true,
+            false,
+        ];
+
+        yield 'simple_security_with_firewalls_and_always_remember_me' => [
+            'main',
+            null,
+            'simple_security_with_firewalls_and_always_remember_me.yaml',
+            'simple_security.yaml',
+            false,
+            true,
+            true,
         ];
     }
 
diff --git a/tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_always_remember_me.yaml b/tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_always_remember_me.yaml
new file mode 100644
index 000000000..e0400b048
--- /dev/null
+++ b/tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_always_remember_me.yaml
@@ -0,0 +1,18 @@
+security:
+    enable_authenticator_manager: true
+
+    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
+    providers:
+        in_memory: { memory: ~ }
+
+    firewalls:
+        dev: ~
+        main:
+            lazy: true
+            custom_authenticator: App\Security\AppCustomAuthenticator
+
+            remember_me:
+                secret: '%kernel.secret%'
+                lifetime: 604800
+                path: /
+                always_remember_me: true
diff --git a/tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_remember_me_checkbox.yaml b/tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_remember_me_checkbox.yaml
new file mode 100644
index 000000000..55f1d38be
--- /dev/null
+++ b/tests/Security/yaml_fixtures/expected_authenticator/simple_security_with_firewalls_and_remember_me_checkbox.yaml
@@ -0,0 +1,20 @@
+security:
+    enable_authenticator_manager: true
+
+    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
+    providers:
+        in_memory: { memory: ~ }
+
+    firewalls:
+        dev: ~
+        main:
+            lazy: true
+            custom_authenticator: App\Security\AppCustomAuthenticator
+
+            remember_me:
+                secret: '%kernel.secret%'
+                lifetime: 604800
+                path: /
+                # by default, the feature is enabled by checking a checkbox in the
+                # login form, uncomment the following line to always enable it.
+                #always_remember_me: true