README update

Author: adeadedoja

README.md

@@ -0,0 +1,44 @@
+# SocialPlaces Server
+
+Symfony 4 Contacts example app with RESTFUL API
+
+## Features
+
+1. User can add new contacts
+2. Users can view contact list
+3. API accepts new contact
+
+## Getting Started
+
+  1. `git clone https://github.com/adeadedoja/dami-social-places-server.git`
+  2. `cd dami-social-places-server`
+  3. `composer install`
+  4. `php bin/console doctrine:migrations:migrate`
+  5. `create a new database`
+  5. `set up env variables`
+  6. `php bin/console server:run`
+  7. `npm install to install dependencies`
+  8. `run 'gulp default'`
+
+The above will get you a copy of the project up and running on your local machine for development and testing purposes.
+
+## Dependencies
+
+  1. [MYSQL]
+  2. [PHP]
+  3. [Gulp]
+
+## API Endpoints
+
+
+| EndPoint                                |   Functionality                      |
+| --------------------------------------- | ------------------------------------:|
+| POST /api/contact/store                 | Store a new contact                  |
+
+## Responses
+
+The API responds with JSON data by default.
+
+## License
+
+This project is licensed under the MIT License - see the [LICENSE.md](https://opensource.org/licenses/MIT) file for details

composer.json

@@ -5,8 +5,10 @@
         "php": "^7.1.3",
         "ext-ctype": "*",
         "ext-iconv": "*",
+        "google/recaptcha": "1.2",
         "nelmio/cors-bundle": "^1.5",
         "sensio/framework-extra-bundle": "^5.2",
+        "symfony/apache-pack": "^1.0",
         "symfony/asset": "*",
         "symfony/console": "*",
         "symfony/expression-language": "*",

composer.lock

@@ -2,3 +2,5 @@ twig:
     paths: ['%kernel.project_dir%/templates']
     debug: '%kernel.debug%'
     strict_variables: '%kernel.debug%'
+    globals:
+        google_sitekey: '%env(GOOGLE_SITEKEY)%'

config/packages/twig.yaml

@@ -0,0 +1,68 @@
+# Use the front controller as index file. It serves as a fallback solution when
+# every other rewrite/redirect fails (e.g. in an aliased environment without
+# mod_rewrite). Additionally, this reduces the matching process for the
+# start page (path "/") because otherwise Apache will apply the rewriting rules
+# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
+DirectoryIndex index.php
+
+# By default, Apache does not evaluate symbolic links if you did not enable this
+# feature in your server configuration. Uncomment the following line if you
+# install assets as symlinks or if you experience problems related to symlinks
+# when compiling LESS/Sass/CoffeScript assets.
+# Options FollowSymlinks
+
+# Disabling MultiViews prevents unwanted negotiation, e.g. "/index" should not resolve
+# to the front controller "/index.php" but be rewritten to "/index.php/index".
+<IfModule mod_negotiation.c>
+    Options -MultiViews
+</IfModule>
+
+<IfModule mod_rewrite.c>
+    RewriteEngine On
+
+    # Determine the RewriteBase automatically and set it as environment variable.
+    # If you are using Apache aliases to do mass virtual hosting or installed the
+    # project in a subdirectory, the base path will be prepended to allow proper
+    # resolution of the index.php file and to redirect to the correct URI. It will
+    # work in environments without path prefix as well, providing a safe, one-size
+    # fits all solution. But as you do not need it in this case, you can comment
+    # the following 2 lines to eliminate the overhead.
+    RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
+    RewriteRule ^(.*) - [E=BASE:%1]
+
+    # Sets the HTTP_AUTHORIZATION header removed by Apache
+    RewriteCond %{HTTP:Authorization} .
+    RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
+    # Redirect to URI without front controller to prevent duplicate content
+    # (with and without `/index.php`). Only do this redirect on the initial
+    # rewrite by Apache and not on subsequent cycles. Otherwise we would get an
+    # endless redirect loop (request -> rewrite to front controller ->
+    # redirect -> request -> ...).
+    # So in case you get a "too many redirects" error or you always get redirected
+    # to the start page because your Apache does not expose the REDIRECT_STATUS
+    # environment variable, you have 2 choices:
+    # - disable this feature by commenting the following 2 lines or
+    # - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
+    #   following RewriteCond (best solution)
+    RewriteCond %{ENV:REDIRECT_STATUS} ^$
+    RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
+
+    # If the requested filename exists, simply serve it.
+    # We only want to let Apache serve files and not directories.
+    RewriteCond %{REQUEST_FILENAME} -f
+    RewriteRule ^ - [L]
+
+    # Rewrite all other queries to the front controller.
+    RewriteRule ^ %{ENV:BASE}/index.php [L]
+</IfModule>
+
+<IfModule !mod_rewrite.c>
+    <IfModule mod_alias.c>
+        # When mod_rewrite is not available, we instruct a temporary redirect of
+        # the start page to the front controller explicitly so that the website
+        # and the generated links can still be used.
+        RedirectMatch 307 ^/$ /index.php/
+        # RedirectTemp cannot be used instead
+    </IfModule>
+</IfModule>

public/.htaccess

@@ -10,6 +10,7 @@
 use Symfony\Component\Form\Extension\Core\Type\TextareaType;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\Routing\Annotation\Route;
+use ReCaptcha\ReCaptcha; 
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Validator\Validator\ValidatorInterface;
 
@@ -34,9 +35,21 @@ public function index(Request $request, ValidatorInterface $validator, MailContr
 
         $form->handleRequest($request);
 
-        //checks if submitted and valid
-        if ($form->isSubmitted() && $form->isValid()) {
+        
 
+        //checks if submitted and valid
+        if ($form->isSubmitted() && $form->isValid()){
+            
+            //captcha check
+            if (!$this->captchaverify($request)){
+                $this->addFlash(
+                        'error-flash',
+                        'Captcha Required'
+                    ); 
+                return $this->render('contact/index.html.twig', [
+                    'form' => $form->createView(),
+                ]);
+            }
             //checks errors in object
             $errors = $validator->validate($form);
 
@@ -55,15 +68,17 @@ public function index(Request $request, ValidatorInterface $validator, MailContr
             $entityManager->flush();
 
             //call sendMail method to send mail
-            $mailController->sendMail($contact->getName(), $contact->getEmail());
+            $mailController->sendMail($contact->getName(), $contact->getEmail(),'confirm');
+            //call sendMail method to send mail to admin to alert of new contact
+            $mailController->sendMail('admin', getenv('MAIL_ADMIN'),'contact-alert');
 
             return $this->render('contact/success.html.twig', [
                 'name' => ucfirst($contact->getName()),
             ]);
         }
 
         return $this->render('contact/index.html.twig', [
-             'form' => $form->createView(),
+             'form' => $form->createView()
         ]);
     }
 
@@ -78,4 +93,11 @@ public function contacts()
             'contacts' => $contacts,
         ]);
     }
+
+    # get success response from recaptcha and return it to controller
+    public function captchaverify($request){
+        $recaptcha = new ReCaptcha(getenv('GOOGLE_SECRET'));
+        $resp = $recaptcha->verify($request->request->get('g-recaptcha-response'), $request->getClientIp());
+        return $resp->isSuccess();
+    }
 }

social-places-server.zip

@@ -41,8 +41,10 @@ public function store(MailController $mailController, ApiController $apiControll
         $em->persist($contact);
         $em->flush();
 
-        //call sendMail method to send mail
-        $mailController->sendMail($data['name'], $data['email']);
+        //call sendMail method to send mail to client to confirm
+        $mailController->sendMail($data['name'], $data['email'],'confirm');
+        //call sendMail method to send mail to admin to alert of new contact
+        $mailController->sendMail('admin', getenv('MAIL_ADMIN'),'contact-alert');
 
         //return name for display
         return $apiController->respond([

src/Controller/ContactController.php

@@ -14,22 +14,30 @@ class MailController extends AbstractController
      * @param array $recipient
      *
      */
-    public function sendMail($name, $recipient)
+    public function sendMail($name, $recipient, $type)
     {
+        if($type == 'confirm'){
+            $view = 'contact-confirmation';
+            $subject = getenv('MAIL_SUBJECT');
+        }elseif($type == 'contact-alert'){
+            $view = 'contact-alert';
+            $subject = 'You Got a New Contact';
+        }
+        $url =  getenv('BASE_URL')."/contacts";
         // Create the Transport
         $transport = (new \Swift_SmtpTransport(getenv('MAIL_HOST'), getenv('MAIL_PORT'),getenv('MAIL_ENCRYPTION')))->setUsername(getenv('MAIL_USERNAME'))->setPassword(getenv('MAIL_PASSWORD'));
 
         // Create the Mailer using your created Transport
         $mailer = new \Swift_Mailer($transport);
 
         // Create a message
-        $message = (new \Swift_Message(getenv('MAIL_SUBJECT')))
-        ->setFrom(array(getenv('MAIL_SUBJECT') => getenv('MAIL_FROM')))
+        $message = (new \Swift_Message($subject))
+        ->setFrom(array(getenv('MAIL_USERNAME') => getenv('MAIL_FROM')))
         ->setTo(array($recipient => $name))
         ->setBody(
                         $this->renderView(
-                            "emails/contact-confirmation.html.twig",
-                            array('name' => ucfirst($name), 'year' => date('Y'))
+                            "emails/".$view.".html.twig",
+                            array('name' => ucfirst($name), 'year' => date('Y'), 'url' => $url)
                         ),
                         'text/html'
                     );

src/Dami/SocialPlacesBundle/Controller/ContactController.php

@@ -137,6 +137,15 @@
     "swiftmailer/swiftmailer": {
         "version": "v6.1.2"
     },
+    "symfony/apache-pack": {
+        "version": "1.0",
+        "recipe": {
+            "repo": "github.com/symfony/recipes-contrib",
+            "branch": "master",
+            "version": "1.0",
+            "ref": "c82bead70f9a4f656354a193df7bf0ca2114efa0"
+        }
+    },
     "symfony/asset": {
         "version": "v4.1.3"
     },