Merge pull request #6 from dmitrijs-voronovs/account-confrmation-feature

alfredsgenkins · web-flow · commit b941d4a83c44 · 2020-03-19T17:25:42.000+02:00
Email confirmation
diff --git a/README.md b/README.md
@@ -54,20 +54,18 @@ mutation ResetPassword(
 
 ### Mutation `confirmCustomerEmail`
 
-> ⚠️ This is not tested but implemented !!! ⚠️
-
 Here is an example use of it:
 
 ```graphql
 mutation ConfirmCustomerEmail(
     $password: String!
     $key: String!
-    $id: String!
+    $email: String!
 ) {
     confirmCustomerEmail(
         password: $password
         key: $key
-        id: $id
+        email: $email
     ) {
         status
         token
@@ -99,7 +97,7 @@ The variables for input above might look like:
 ```json
 {
     "key": "0129309912",
-    "id": "0000000000",
+    "email": "alfreds+valid12@gmail.com",
     "password": "Testing123_"
 }
 ```
diff --git a/src/Model/Customer/ExtractCustomerData.php b/src/Model/Customer/ExtractCustomerData.php
@@ -0,0 +1,82 @@
+<?php
+/**
+ * ScandiPWA - Progressive Web App for Magento
+ *
+ * Copyright © Scandiweb, Inc. All rights reserved.
+ * See LICENSE for license details.
+ *
+ * @license OSL-3.0 (Open Software License ("OSL") v. 3.0)
+ * @package scandipwa/module-customer-graph-ql
+ * @link https://github.com/scandipwa/module-customer-graph-ql
+ */
+declare(strict_types=1);
+
+namespace ScandiPWA\CustomerGraphQl\Model\Customer;
+
+use Magento\Customer\Api\Data\CustomerInterface;
+use Magento\Customer\Model\AccountConfirmation;
+use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Serialize\SerializerInterface;
+use Magento\Framework\Webapi\ServiceOutputProcessor;
+use Magento\Store\Model\ScopeInterface;
+
+/**
+ * Transform single customer data from object to in array format
+ */
+class ExtractCustomerData extends \Magento\CustomerGraphQl\Model\Customer\ExtractCustomerData
+{
+    /**
+     * @var ScopeConfigInterface
+     */
+    private $scopeConfig;
+
+    /**
+     * @var ServiceOutputProcessor
+     */
+    private $serviceOutputProcessor;
+
+    /**
+     * @var SerializerInterface
+     */
+    private $serializer;
+
+    /**
+     * @param ServiceOutputProcessor $serviceOutputProcessor
+     * @param ScopeConfigInterface $scopeConfig
+     * @param SerializerInterface $serializer
+     */
+    public function __construct(
+        ServiceOutputProcessor $serviceOutputProcessor,
+        ScopeConfigInterface $scopeConfig,
+        SerializerInterface $serializer
+    ) {
+        parent::__construct(
+            $serviceOutputProcessor,
+            $serializer
+        );
+        $this->scopeConfig = $scopeConfig;
+    }
+
+    /**
+     * Transform single customer data from object to in array format
+     *
+     * @param CustomerInterface $customer
+     * @return array
+     * @throws LocalizedException
+     */
+    public function execute(CustomerInterface $customer): array
+    {
+        $customerData = parent::execute($customer);
+
+        $isConfirmationRequired =  $this->scopeConfig->isSetFlag(
+            AccountConfirmation::XML_PATH_IS_CONFIRM,
+            ScopeInterface::SCOPE_WEBSITES,
+            $customer->getStoreId()
+        );
+
+        $customerData['confirmation_required'] = $isConfirmationRequired;
+
+        return $customerData;
+    }
+}
diff --git a/src/Model/Customer/GetCustomer.php b/src/Model/Customer/GetCustomer.php
@@ -0,0 +1,108 @@
+<?php
+/**
+ * ScandiPWA - Progressive Web App for Magento
+ *
+ * Copyright © Scandiweb, Inc. All rights reserved.
+ * See LICENSE for license details.
+ *
+ * @license OSL-3.0 (Open Software License ("OSL") v. 3.0)
+ * @package scandipwa/module-customer-graph-ql
+ * @link https://github.com/scandipwa/module-customer-graph-ql
+ */
+declare(strict_types=1);
+
+namespace ScandiPWA\CustomerGraphQl\Model\Customer;
+
+use Magento\Authorization\Model\UserContextInterface;
+use Magento\Customer\Api\AccountManagementInterface;
+use Magento\Customer\Api\CustomerRepositoryInterface;
+use Magento\Customer\Api\Data\CustomerInterface;
+use Magento\Customer\Model\AuthenticationInterface;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Exception\NoSuchEntityException;
+use Magento\Framework\GraphQl\Exception\GraphQlAuthenticationException;
+use Magento\Framework\GraphQl\Exception\GraphQlAuthorizationException;
+use Magento\Framework\GraphQl\Exception\GraphQlInputException;
+use Magento\Framework\GraphQl\Exception\GraphQlNoSuchEntityException;
+use Magento\GraphQl\Model\Query\ContextInterface;
+
+/**
+ * Get customer
+ */
+class GetCustomer extends \Magento\CustomerGraphQl\Model\Customer\GetCustomer
+{
+    /**
+     * @var AuthenticationInterface
+     */
+    private $authentication;
+
+    /**
+     * @var CustomerRepositoryInterface
+     */
+    private $customerRepository;
+
+    /**
+     * @var AccountManagementInterface
+     */
+    private $accountManagement;
+
+    /**
+     * @param AuthenticationInterface $authentication
+     * @param CustomerRepositoryInterface $customerRepository
+     * @param AccountManagementInterface $accountManagement
+     */
+    public function __construct(
+        AuthenticationInterface $authentication,
+        CustomerRepositoryInterface $customerRepository,
+        AccountManagementInterface $accountManagement
+    ) {
+        $this->authentication = $authentication;
+        $this->customerRepository = $customerRepository;
+        $this->accountManagement = $accountManagement;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function execute(ContextInterface $context): CustomerInterface
+    {
+        $currentUserId = $context->getUserId();
+        $currentUserType = $context->getUserType();
+
+        if ($this->isUserGuest($currentUserId, $currentUserType) === true) {
+            throw new GraphQlAuthorizationException(__('The current customer isn\'t authorized.'));
+        }
+
+        try {
+            $customer = $this->customerRepository->getById($currentUserId);
+        } catch (NoSuchEntityException $e) {
+            throw new GraphQlNoSuchEntityException(
+                __('Customer with id "%customer_id" does not exist.', ['customer_id' => $currentUserId]),
+                $e
+            );
+        } catch (LocalizedException $e) {
+            throw new GraphQlInputException(__($e->getMessage()));
+        }
+
+        if (true === $this->authentication->isLocked($currentUserId)) {
+            throw new GraphQlAuthenticationException(__('The account is locked.'));
+        }
+
+        return $customer;
+    }
+
+    /**
+     * Checking if current customer is guest
+     *
+     * @param int|null $customerId
+     * @param int|null $customerType
+     * @return bool
+     */
+    protected function isUserGuest(?int $customerId, ?int $customerType): bool
+    {
+        if (null === $customerId || null === $customerType) {
+            return true;
+        }
+        return 0 === (int)$customerId || (int)$customerType === UserContextInterface::USER_TYPE_GUEST;
+    }
+}
diff --git a/src/Model/Resolver/ConfirmEmail.php b/src/Model/Resolver/ConfirmEmail.php
@@ -22,10 +22,18 @@
 use Magento\Customer\Api\AccountManagementInterface;
 use Magento\Customer\Api\CustomerRepositoryInterface;
 use Magento\Integration\Api\CustomerTokenServiceInterface;
+use Magento\Framework\Encryption\EncryptorInterface as Encryptor;
+use Magento\Customer\Model\AuthenticationInterface;
+use Magento\Customer\Model\CustomerRegistry;
 
 class ConfirmEmail implements ResolverInterface {
     const STATUS_TOKEN_EXPIRED = 'token_expired';
 
+    /**
+     * @var AuthenticationInterface
+     */
+    private $authentication;
+
     /**
      * @var Session
      */
@@ -46,24 +54,42 @@ class ConfirmEmail implements ResolverInterface {
      */
     protected $customerTokenService;
 
+    /**
+     * @var Encryptor
+     */
+    protected $encryptor;
+
+    /**
+     * @var CustomerRegistry
+     */
+    protected $customerRegistry;
+
     /**
      * ConfirmEmail constructor.
+     * @param AuthenticationInterface $authentication
      * @param Session $customerSession
      * @param AccountManagementInterface $customerAccountManagement
      * @param CustomerRepositoryInterface $customerRepository
      * @param CustomerTokenServiceInterface $customerTokenService
-     * @param CustomerDataProvider $customerDataProvider
+     * @param Encryptor $encryptor
+     * @param CustomerRegistry $customerRegistry
      */
     public function __construct(
+        AuthenticationInterface $authentication,
         Session $customerSession,
         AccountManagementInterface $customerAccountManagement,
         CustomerRepositoryInterface $customerRepository,
-        CustomerTokenServiceInterface $customerTokenService
+        CustomerTokenServiceInterface $customerTokenService,
+        Encryptor $encryptor,
+        CustomerRegistry $customerRegistry
     ) {
+        $this->authentication = $authentication;
         $this->customerTokenService = $customerTokenService;
         $this->session = $customerSession;
         $this->customerAccountManagement = $customerAccountManagement;
         $this->customerRepository = $customerRepository;
+        $this->encryptor = $encryptor;
+        $this->customerRegistry = $customerRegistry;
     }
 
     /**
@@ -78,26 +104,31 @@ public function resolve(
     )
     {
         if ($this->session->isLoggedIn()) {
-            return [ 'status' => AccountManagementInterface::ACCOUNT_CONFIRMATION_NOT_REQUIRED ];
+            $this->session->logOut();
         }
 
         try {
-            $customerId = $args['id'];
+            $customerEmail = $args['email'];
             $key = $args['key'];
             $password = $args['password'];
 
-            $customerEmail = $this->customerRepository->getById($customerId)->getEmail();
-            $customer = $this->customerAccountManagement->activate($customerEmail, $key);
-            $this->session->setCustomerDataAsLoggedIn($customer);
-            $token = $this->customerTokenService->createCustomerAccessToken($customer->getEmail(), $password);
+            $id = $this->customerRepository->get($customerEmail)->getId();
+            $currentPasswordHash = $this->customerRegistry->retrieveSecureData($id)->getPasswordHash();
+
+            if ($this->encryptor->validateHash($password, $currentPasswordHash)) {
+                $customer = $this->customerAccountManagement->activate($customerEmail, $key);
 
-            return [
-                'customer' => $this->customerRepository->getById((int)$customer->getId()),
-                'status' => AccountManagementInterface::ACCOUNT_CONFIRMED,
-                'token' => $token
-            ];
+                $this->session->setCustomerDataAsLoggedIn($customer);
+                $token = $this->customerTokenService->createCustomerAccessToken($customerEmail, $password);
+                return [
+                    'status' => AccountManagementInterface::ACCOUNT_CONFIRMED,
+                    'token' => $token
+                ];
+            } else {
+                throw new GraphQlInputException(__('Password is incorrect'));
+            }
         } catch (StateException $e) {
-            return [ 'status' => self::STATUS_TOKEN_EXPIRED ];
+            return ['status' => self::STATUS_TOKEN_EXPIRED];
         } catch (\Exception $e) {
             throw new GraphQlInputException(__('There was an error confirming the account'), $e);
         }
diff --git a/src/etc/di.xml b/src/etc/di.xml
@@ -10,6 +10,10 @@
  */
 -->
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
+    <preference for="Magento\CustomerGraphQl\Model\Customer\ExtractCustomerData"
+                type="ScandiPWA\CustomerGraphQl\Model\Customer\ExtractCustomerData"/>
+    <preference for="Magento\CustomerGraphQl\Model\Customer\GetCustomer"
+                type="ScandiPWA\CustomerGraphQl\Model\Customer\GetCustomer"/>
     <preference for="Magento\CustomerGraphQl\Model\Resolver\GenerateCustomerToken"
                 type="ScandiPWA\CustomerGraphQl\Model\Resolver\GenerateCustomerToken"/>
 </config>
diff --git a/src/etc/email_templates.xml b/src/etc/email_templates.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * ScandiPWA - Progressive Web App for Magento
+ *
+ * Copyright © Scandiweb, Inc. All rights reserved.
+ * See LICENSE for license details.
+ *
+ * @license OSL-3.0 (Open Software License ("OSL") v. 3.0)
+ * @package scandipwa/module-customer-graph-ql
+ * @link https://github.com/scandipwa/module-customer-graph-ql
+ */
+-->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Email:etc/email_templates.xsd">
+    <template id="customer_create_account_email_confirmation_template" label="New Account Confirmation Key" file="account_new_confirmation.html" type="html" module="ScandiPWA_CustomerGraphQl" area="frontend"/>
+    <template id="customer_create_account_email_confirmed_template" label="New Account Confirmed" file="account_new_confirmed.html" type="html" module="ScandiPWA_CustomerGraphQl" area="frontend"/>
+</config>
diff --git a/src/etc/schema.graphqls b/src/etc/schema.graphqls
@@ -12,8 +12,8 @@
 # See COPYING.txt for license details.
 
 type Mutation {
+    confirmCustomerEmail(key: String!, email: String!, password: String!): CreateCustomerType @resolver(class: "\\ScandiPWA\\CustomerGraphQl\\Model\\Resolver\\ConfirmEmail") @doc(description:"Confirm customer account")
     generateCustomerToken(email: String!, password: String!, guest_quote_id: String): CustomerToken @resolver(class: "\\ScandiPWA\\CustomerGraphQl\\Model\\Resolver\\GenerateCustomerToken") @doc(description:"Retrieve the customer token")
-    confirmCustomerEmail(key: String!, id: String!, password: String!): CreateCustomerType @resolver(class: "\\ScandiPWA\\CustomerGraphQl\\Model\\Resolver\\ConfirmEmail") @doc(description:"Confirm customer account")
     resendConfirmationEmail(email: String!): CustomerActionConfirmationType @resolver(class: "\\ScandiPWA\\CustomerGraphQl\\Model\\Resolver\\ResendConfirmationEmail") @doc(description:"Resend customer confirmation")
     forgotPassword(email: String!): CustomerActionConfirmationType @resolver(class: "\\ScandiPWA\\CustomerGraphQl\\Model\\Resolver\\ForgotPassword") @doc(description:"Resend customer confirmation")
     resetPassword(password: String!, token: String!, password_confirmation: String!): ResetPasswordType @resolver(class: "\\ScandiPWA\\CustomerGraphQl\\Model\\Resolver\\ResetPassword") @doc(description:"Resend customer confirmation")
@@ -37,3 +37,7 @@ type CreateCustomerType {
 type AvailabilityResponseType {
     isAvailable: Boolean
 }
+
+type Customer @doc(description: "Customer defines the customer name and address and other details") {
+    confirmation_required: Boolean @doc(description: "Email confirmation is required")
+}
diff --git a/src/view/frontend/email/account_new_confirmation.html b/src/view/frontend/email/account_new_confirmation.html
diff --git a/src/view/frontend/email/account_new_confirmed.html b/src/view/frontend/email/account_new_confirmed.html
