]> Raphaƫl G. Git Repositories - userbundle/blobdiff - Resources/config/routes/rapsys_user.yaml
Remove mail and hash possible leak from failure_path context
[userbundle] / Resources / config / routes / rapsys_user.yaml
index 3fbe262df21dd523e73b9f8990db818c9c5408c5..304077065595e1b3f333232c2011987c9b170d03 100644 (file)
@@ -1,14 +1,28 @@
 rapsys_user_confirm:
 rapsys_user_confirm:
-    path: /confirm/{mail}/{hash}
-    controller: Rapsys\UserBundle\Controller\DefaultController::registerMail
+    path: /confirm/{hash}/{mail}
+    controller: Rapsys\UserBundle\Controller\UserController::registerMail
     requirements:
     requirements:
+        hash: '[a-zA-Z0-9=_-]+'
         mail: '[a-zA-Z0-9=_-]+'
         mail: '[a-zA-Z0-9=_-]+'
+    methods: GET|POST
+
+rapsys_user_edit:
+    path: /user/{hash}/{mail}
+    controller: Rapsys\UserBundle\Controller\UserController::edit
+    requirements:
         hash: '[a-zA-Z0-9=_-]+'
         hash: '[a-zA-Z0-9=_-]+'
+        mail: '[a-zA-Z0-9=_-]+'
     methods: GET|POST
 
 rapsys_user_login:
     methods: GET|POST
 
 rapsys_user_login:
-    path: /login
-    controller: Rapsys\UserBundle\Controller\DefaultController::login
+    path: /login/{hash}/{mail}
+    controller: Rapsys\UserBundle\Controller\UserController::login
+    defaults:
+        hash: ~
+        mail: ~
+    requirements:
+        hash: '[a-zA-Z0-9=_-]+'
+        mail: '[a-zA-Z0-9=_-]+'
     methods: GET|POST
 
 rapsys_user_logout:
     methods: GET|POST
 
 rapsys_user_logout:
@@ -16,36 +30,24 @@ rapsys_user_logout:
     methods: GET
 
 rapsys_user_recover:
     methods: GET
 
 rapsys_user_recover:
-    path: /recover/{mail}/pass/{hash}
-    controller: Rapsys\UserBundle\Controller\DefaultController::recover
+    path: /recover/{hash}/{pass}/{mail}
+    controller: Rapsys\UserBundle\Controller\UserController::recover
     defaults:
     defaults:
-        mail: ~
-        pass: ~
         hash: ~
         hash: ~
+        pass: ~
+        mail: ~
     requirements:
     requirements:
-        mail: '[a-zA-Z0-9=_-]+'
-        pass: '[a-zA-Z0-9=_-]+'
         hash: '[a-zA-Z0-9=_-]+'
         hash: '[a-zA-Z0-9=_-]+'
+        pass: '[a-zA-Z0-9=_-]+'
+        mail: '[a-zA-Z0-9=_-]+'
     methods: GET|POST
 
 rapsys_user_register:
     methods: GET|POST
 
 rapsys_user_register:
-    path: /register/{fields}/{hash}
-    controller: Rapsys\UserBundle\Controller\DefaultController::register
-    defaults:
-        fields: ~
-        hash: ~
-    requirements:
-        fields: '[a-zA-Z0-9=_-]+'
-        hash: '[a-zA-Z0-9=_-]+'
-    methods: GET|POST
-
-rapsys_user_edit:
-    path: /user/{mail}
-    controller: Rapsys\UserBundle\Controller\DefaultController::edit
-    requirements:
-        mail: '[a-zA-Z0-9=_-]+'
+    path: /register
+    controller: Rapsys\UserBundle\Controller\UserController::register
     methods: GET|POST
 
     methods: GET|POST
 
-rapsys_user_index:
+rapsys_user:
     path: /
     path: /
+    controller: Rapsys\UserBundle\Controller\UserController::index
     methods: GET
     methods: GET