acrecio / angular-symfony Goto Github PK

Dear good morning

I have the following error

you have requested a non-existent service "fos_rest.serializer.jms" ??

is this for angular 1, 2, or 4?

Hi, first thanks for this wonderful angular-symfony template, i'm using it right now.
But i'm just wondering is it safe to save hashed password in cookies?

What was the purpose of using express for serving front-end? That additional layer appears to be unnecessary. Why front-end cannot be serve directly using httpd server?

I noticed that after the login the session lifetime is endless so the user will not be logged out after a specific idle time. I think this should be managed at client side because the rest endpoints are stateless and there is no server managed session. Do you have some ides for managing this? Could you help me out there? Thanks for this cool framework, n4uti.

In controller.js there should be return; statements after all $window.location = '#/login'; .Otherwise, the app will perform requests to secure urls for user, that is not even authenticated, which will result in 403 response.
PS. Guys, thank you for your work! :) It's very useful pice of code!

While using Math.floor( Math.random() * 1000 ) to calculate the seed for the next nonce i recognized a problem:

Math.floor( Math.random() * 1000 )
282
Math.floor( Math.random() * 1000 )
979
Math.floor( Math.random() * 1000 )
396
Math.floor( Math.random() * 1000 )
396

In fact its possible that the seed function returns the same value as before so the nonce calculation would result in the same string as before. The WsseProvider would throw new NonceExpiredException('Previously used nonce detected') and the WsseListener would catch this Exception and return a plain message to the client. This could also result in client JSON errors while it is expecting JSON data.

I would suggest to calculate the nonce string this way:

    tokenHandler.randomString = function(length) {
        var text = "";
        var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
        for(var i = 0; i < length; i++) {
            text += possible.charAt(Math.floor(Math.random() * possible.length));
        }
        return text;
    }

var nonce = tokenHandler.randomString(30);
var created = formatDate(new Date());
var hash = CryptoJS.SHA1(nonce + created + secret);
var digest = hash.toString(CryptoJS.enc.Base64);
var b64nonce = Base64.encode(nonce);
return 'UsernameToken Username="' + username + '", PasswordDigest="' + digest + '", Nonce="' + b64nonce + '", Created="' + created + '"';

Of course there are many ways to calculate, so this is only one suggestion provided by:
https://blog.nraboy.com/2015/03/create-a-random-nonce-string-using-javascript/

Thanks for the great work. Looking forward to see some solution for handling "session timeout" after idling some time to tell the client that the cookie data will be purged and the user has to login again.

is there a possibility to remove the crypto-js "feature"?

The app remains authenticated until page gets reloaded. After reload, the user has to be authenticated again.

Hi I followed the instructions in the readme, but I got an from the client container:

    client_1       | Could not find module "@angular-devkit/build-angular" from "/app".
    client_1       | Error: Could not find module "@angular-devkit/build-angular" from "/app".
    client_1       |     at Object.resolve (/usr/local/lib/node_modules/@angular/cli/node_modules/@angular-devkit/core/node/resolve.js:141:11)
    client_1       |     at Observable._subscribe (/usr/local/lib/node_modules/@angular/cli/node_modules/@angular-devkit/architect/src/architect-legacy.js:153:40)
    client_1       |     at Observable._trySubscribe (/usr/local/lib/node_modules/@angular/cli/node_modules/rxjs/internal/Observable.js:44:25)
    client_1       |     at Observable.subscribe (/usr/local/lib/node_modules/@angular/cli/node_modules/rxjs/internal/Observable.js:30:22)
    client_1       |     at /usr/local/lib/node_modules/@angular/cli/node_modules/rxjs/internal/Observable.js:99:19
    client_1       |     at new Promise (<anonymous>)
    client_1       |     at Observable.toPromise (/usr/local/lib/node_modules/@angular/cli/node_modules/rxjs/internal/Observable.js:97:16)
    client_1       |     at ServeCommand.initialize (/usr/local/lib/node_modules/@angular/cli/models/architect-command.js:67:96)
    client_1       |     at async ServeCommand.validateAndRun (/usr/local/lib/node_modules/@angular/cli/models/command.js:116:9)
    client_1       |     at async Object.runCommand (/usr/local/lib/node_modules/@angular/cli/models/command-runner.js:147:16)
    client_1       |     at async default_1 (/usr/local/lib/node_modules/@angular/cli/lib/cli/index.js:27:31)

My dirty workaround was to execute

npm install --save-dev @angular-devkit/build-angular

from the host inside the "back-end" folder

Hi,

First of all, thank you for sharing this very interesting example on angular and symfony.

I am actually trying to run this example on my machine (Ubuntu 16.04) on which I have LAMP up and running. Here, it is normal the port 3306 is being used by MySQL as shown by the command below:

$ netstat -pna | grep 3306
#(Not all processes could be identified, non-owned process info
# will not be shown, you would have to be root to see it all.)
#tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      - 

The error I am getting after typing $ docker-compose up -d is:

Starting dockerify_db_1
ERROR: driver failed programming external connectivity on endpoint dockerify_db_1 (aa5ef99767df6a36c59ff036e1386d41e504970dadb79bb9a326f86f8a1d47d2): Error starting userland proxy: listen tcp 0.0.0.0:3306: bind: address already in use

If I am well understanding the error, it is saying that there more than one application is using the port
3306 which is absolutely true. I tried to fix that by changing the ports in the [line 22] (https://github.com/FlyersWeb/angular-symfony/blob/master/dockerify/docker-compose.yml#L22) as follows 3307:3307

To solve the issue, I did the following:

• I deleted all the containers in my machine $ docker rm $(docker ps -a -q)
• I rebuilt the image by this command $ docker-compose build

but I still do have the same error !!!

Any idea to fix the issue?

Client:
 Version:      1.12.3
 API version:  1.24
 Go version:   go1.6.3
 Git commit:   6b644ec
 Built:        Wed Oct 26 22:01:48 2016
 OS/Arch:      linux/amd64

Server:
 Version:      1.12.3
 API version:  1.24
 Go version:   go1.6.3
 Git commit:   6b644ec
 Built:        Wed Oct 26 22:01:48 2016
 OS/Arch:      linux/amd64

Hi dears @FlyersWeb @isleshocky77 @lucacondotta @rodolfobandeira @vladapopster ,

I have already used docker-compose up -d to install all the required staff by the project.
Actually, I have these containers in my machine:

$ docker ps -a
CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                     PORTS                                   NAMES
039c18dcab3a        nginx                   "nginx -g 'daemon off"   58 minutes ago      Up 16 minutes              443/tcp, 0.0.0.0:8080->80/tcp           dockerify_nginx-front_1
a445ab0ad5e2        dockerify_client        "npm start"              58 minutes ago      Exited (1) 3 minutes ago                                           dockerify_client_1
d255287d0f6a        nginx                   "nginx -g 'daemon off"   2 days ago          Up About an hour           80/tcp, 443/tcp, 0.0.0.0:81->8080/tcp   dockerify_nginx-back_1
82ec1b4a5bf3        dockerify_application   "php-fpm"                2 days ago          Up About an hour           9000/tcp                                dockerify_application_1
889ba2b8f8ff        mysql                   "docker-entrypoint.sh"   2 days ago          Up About an hour           0.0.0.0:3307->3306/tcp                  dockerify_db_1

In my opinion, I should open dockerify_nginx-back_1.... But, it did not worked as expected.
Actually, I am getting access to it all I am getting is:

<!doctype html>
<html lang="en" ng-app="myApp">
  <head>
    <meta charset="utf-8">
    <title>My AngularJS App</title>
  </head>
  <body>
  </body>
</html>

PS:

• I am getting the IP addresses of the container through the command docker inspect <container>
• I am getting access to the server through http://172.17.0.4:8080/

Thanks...

HI @ALL,

googlecode.com is returning a 404 for all crytojs files.

Is it a known issue??

Regards!

Hi I followed the instructions in the readme, but I got an error at

composer install 

within the container.

    PHP Fatal error:  Allowed memory size of 1610612736 bytes exhausted (tried to allocate 4096 bytes) in phar:///usr/local/bin/composer/src/Composer/DependencyResolver/Solver.php on line 223

    Fatal error: Allowed memory size of 1610612736 bytes exhausted (tried to allocate 4096 bytes) in phar:///usr/local/bin/composer/src/Composer/DependencyResolver/Solver.php on line 223

    Check https://getcomposer.org/doc/articles/troubleshooting.md#memory-limit-errors for more info on how to handle out of memory errors.

Setting
memory_limit = -1
in php.ini in the container might help, not sure where exactly, there isn no /etc/php...

My workaround was to execute "composer install" from the host inside the "back-end" folder

But then I got:

    Script cache:clear returned with error code 1
    !!  
    !!  In ArrayNode.php line 327:
    !!                                                                                 
    !!    Unrecognized options "dir_name, namespace" under "doctrine_migrations". Ava  
    !!    ilable options are "all_or_nothing", "check_database_platform", "connection  
    !!    ", "custom_template", "em", "factories", "migrations", "migrations_paths",   
    !!    "organize_migrations", "services", "storage".                                
    !!                                                                                 
    !!  
    !!  
    Script @auto-scripts was called via post-install-cmd

My workaround was to execute

    composer recipes:install --force -v
    composer install 

from the host inside the "back-end" folder

Hi I followed the instructions in the readme, but I got an error at

php bin/console doctrine:schema:create

saying:

    In ToolsException.php line 34:
                                                                                                                                                                                          
      Schema-Tool failed with Error 'An exception occurred in driver: SQLSTATE[HY000] [2002] Connection refused' while executing DDL: CREATE TABLE fos_user (id INT AUTO_INCREMENT NOT N  
      ULL, username VARCHAR(180) NOT NULL, username_canonical VARCHAR(180) NOT NULL, email VARCHAR(180) NOT NULL, email_canonical VARCHAR(180) NOT NULL, enabled TINYINT(1) NOT NULL, sa  
      lt VARCHAR(255) DEFAULT NULL, password VARCHAR(255) NOT NULL, last_login DATETIME DEFAULT NULL, confirmation_token VARCHAR(180) DEFAULT NULL, password_requested_at DATETIME DEFAU  
      LT NULL, roles LONGTEXT NOT NULL COMMENT '(DC2Type:array)', UNIQUE INDEX UNIQ_957A647992FC23A8 (username_canonical), UNIQUE INDEX UNIQ_957A6479A0D96FBF (email_canonical), UNIQUE   
      INDEX UNIQ_957A6479C05FB297 (confirmation_token), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8mb4 COLLATE `utf8mb4_unicode_ci` ENGINE = InnoDB                                       
                                                                                                                                                                                          

    In AbstractMySQLDriver.php line 112:
                                                                                  
      An exception occurred in driver: SQLSTATE[HY000] [2002] Connection refused  
                                                                                  

    In Exception.php line 18:
                                                 
      SQLSTATE[HY000] [2002] Connection refused  
                                                 

    In PDOConnection.php line 37:
                                                 
      SQLSTATE[HY000] [2002] Connection refused  

and (maybe related) when loading the fixtures

php bin/console doctrine:fixtures:load

I get

    In AbstractMySQLDriver.php line 112:
                                                                                  
      An exception occurred in driver: SQLSTATE[HY000] [2002] Connection refused  
                                                                                  

    In Exception.php line 18:
                                                 
      SQLSTATE[HY000] [2002] Connection refused  
                                                 

    In PDOConnection.php line 37:
                                                 
      SQLSTATE[HY000] [2002] Connection refused  

(DB container is running and accessible from host via port 5432)

I cloned the repository into /htdocs using MAMP. If I go through the commands listed in the readme I get the following errors:

1. Going to http://localhost:8888/angular-symfony/web/#/login or http://localhost:8888/angular-symfony/web/app_dev.php/#/login the js does not find the templates.
2. Playing around with the paths in app.js I will get /username/salt not defined.
3. Which symfony2 version do u used? "SecurityContextInterface" is deprecated at me (See WsseListener) UPDATE: version 2.6.x cleares this problem.

Do I missed some setup step?
U.I Symfony2 version 2.7.10

For demo purpose, password are stored as plaintext but I need to change this to use encryption (sha256 with seed)

Hi,

thanks for your code it is very helpful, but how can I do login myself? I see that the TokenHandler service has a private tokenWrapper function with getCredentials hadcoded admin and adminpass... In this video https://www.youtube.com/watch?v=br1EQck0wQ0 there is simple method of doing somethink similar, could you can extend your code about login functionality? it will be even better helpful :)

It looks like templateUrl in app.js does not recognize that the page is located in subdirectory.
I made an alias in Apache config to directory where my application is being developed:

Alias "/mysite" "E:/work/mysite/web"
<Directory "E:/work/mysite/web">
Options FollowSymLinks Indexes
AllowOverride All
</Directory>
But when I visit http://127.0.0.1/mysite firebug reports 404 error because script want to access http://127.0.0.1/bundles/app/partials/login.html which is wrong, because login.html should be accessed using http://127.0.0.1/mysite/bundles/app/partials/login.html

Was it intended? Do I have to enter prefix to the angular routing by myself?

For some reason, I had a hard time getting php and js side encoders agree to each other.

After change
security: encoders: FOS\UserBundle\Model\UserInterface: sha512
to
security: encoders: FOS\UserBundle\Model\UserInterface: algorithm: sha512 encode_as_base64: true iterations: 5000

Things start to work.

I think my symfony default setting somehow screwed up. But maybe it is a good idea to not rely on default setting and set the encoder details in security.yml.

Just want to highlight the issue I got, maybe helpful to others.

PS: Thanks for this project!

Hi,

I think there is a problem with your code.
The secret variable on the client side is in plain format, but on the server side the secret is encoded.

So the generated digest and the expected not the same.