src/Controller/Security/SecurityController.php line 83

Open in your IDE?
  1. <?php
  3. namespace App\Controller\Security;
  5. use App\Repository\TManagerRepository;
  6. use App\Utils\Globals;
  7. use App\Utils\ResponseMessage;
  8. use App\Entity\TManager;
  9. use App\Service\DefaultService;
  10. use Exception;
  11. use Swift_Mailer;
  12. use Swift_Message;
  13. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  14. use Symfony\Component\HttpFoundation\JsonResponse;
  15. use Symfony\Component\HttpFoundation\RedirectResponse;
  16. use Symfony\Component\Routing\Annotation\Route;
  17. use Symfony\Component\HttpFoundation\Response;
  18. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  19. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  20. use Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface;
  21. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  22. use Transliterator;
  24. class SecurityController extends  AbstractController {
  25.     private Globals $globals;
  26.     private TManagerRepository $managerRepo;
  27.     public function __construct(Globals $globalsTManagerRepository $managerRepo)
  28.     {
  29.         $this->globals $globals;
  30.         $this->managerRepo $managerRepo;
  31.     }
  33.     /**
  34.      * @Route("/login", name="security_login")
  35.      * @param AuthenticationUtils $helper
  36.      * @return Response
  37.      */
  38.     public function login(AuthenticationUtils $helper){
  39.         return $this->render('security/login.html.twig', [
  40.             'last_username' => $helper->getLastUsername(),
  41.             'error' => $helper->getLastAuthenticationError(),
  42.         ]);
  43.     }
  45.     /**
  46.      * @Route("/checklogin", name="security_check_login")
  47.      * @param UserPasswordEncoderInterface $passwordEncoder
  48.      * @return JsonResponse
  49.      */
  50.     public function checklogin(UserPasswordEncoderInterface $passwordEncoder): JsonResponse
  51.     {
  52.         $data json_decode(file_get_contents('php://input'), false);
  53.         if (!isset($data->username$data->password))
  54.             return new JsonResponse(ResponseMessage::MSG_FORM_INVALID200);
  55.         $username $data->username;
  56.         $password $data->password;
  58.         $login $this->managerRepo->findOneBy(['username' => $username'active' =>  true]);
  59.         if (!$login)
  60.             $login $this->managerRepo->findBy(array('email' => $username'active' =>  true));
  61.         if (!$login)
  62.             return new JsonResponse(ResponseMessage::MSG_LOGIN_NOT_FOUND200);
  64.         if (!$passwordEncoder->isPasswordValid($login$password))
  65.             return new JsonResponse(ResponseMessage::MSG_PASSWORD_NOTMATCH200);
  66.         $this->authenticateUser($login);
  68.         return new JsonResponse(array('status' => 1'message' => ResponseMessage::MSG_SUCCESS'url' => $this->generateUrl('dashbord')), 200);
  69.     }
  71.     /**
  72.      * @Route("/logout", name="security_logout")
  73.      * @throws Exception
  74.      */
  75.     public function logout(): void {
  76.         throw new Exception('This should never be reached!');
  77.     }
  79.     /**
  80.      * @Route("/invitation/", name="invitation")
  81.      */
  82.     public function resetPassword(): Response {
  83.         return $this->render('security/password/invitation.html.twig');
  84.     }
  86.     /**
  87.      * @Route("/getinvitation/", name="getInvitation")
  88.      * @param Swift_Mailer $mailer
  89.      * @param TokenStorageInterface $tokenStorage
  90.      * @return JsonResponse
  91.      */
  92.     public function getInvitation(Swift_Mailer $mailer): JsonResponse{
  93.         $postdata file_get_contents('php://input');
  94.         $request json_decode($postdata);
  95.         if (!isset($request->email)) return new JsonResponse(ResponseMessage::MSG_FORM_INVALID200);
  96.         $user $request->email;
  97.         $user $this->managerRepo->findOneBy(['username' => $user]);
  98.         if (!$user) return new JsonResponse('email not found'200);
  99.         if ($user->getPasswordState() !== 'tochange' || empty($user->getPasswordToken())){
  100.             $user->setPasswordToken(uniqid(mt_rand(), true));
  101.             $user->setPasswordState('tochange');
  102.             $this->globals->em()->persist($user);
  103.             $this->globals->em()->flush();
  104.         }
  106.         $message = (new Swift_Message('OPAIE - Invitation'))
  107.             ->setFrom(DefaultService::$EMAIL_FROM)
  108.             ->setTo($user->getUsername())
  109.             ->setBody(
  110.                 $this->renderView(
  111.                     'email/opaie/passwordToken.html.twig', array('fullname' => $user->getPsoeudo(), 'token' => $user->getPasswordToken())
  112.                 ),
  113.                 'text/html'
  114.             );
  115.         $sent $mailer->send($message);
  116.         if ($sent === 0)
  117.             return new JsonResponse(ResponseMessage::MSG_MAIL_NOT_SENT200);
  118.         return new JsonResponse(array('status' => ResponseMessage::MSG_SUCCESS'data' => $sent), 200);
  119.     }
  121.     /**
  122.      * @Route("/validChangePassword/", name="validChangePassword")
  123.      * @param UserPasswordEncoderInterface $passwordEncoder
  124.      * @param TokenStorageInterface $tokenStorage
  125.      * @return JsonResponse
  126.      */
  127.     public function validChangePassword(UserPasswordEncoderInterface $passwordEncoder): JsonResponse {
  128.         $postdata file_get_contents('php://input');
  129.         $request json_decode($postdata);
  130.         if (!isset($request->password1$request->password2$request->token)){
  131.             return new JsonResponse(ResponseMessage::MSG_FORM_INVALID200);
  132.         }
  133.         $password1 $request->password1$password2 $request->password2$token $request->token;
  134.         if ($password1 !== $password2) { return new JsonResponse('password not match'); }
  135.         if (strlen($password1) < 4) { return new JsonResponse('password too short'); }
  136.         $user $this->managerRepo->findBy(['password_token' => $token'password_state' => 'tochange']);
  137.         if (!$user) { return new JsonResponse('token invalid'200); }
  138.         $user $user[0];
  139.         $user->setPassword($passwordEncoder->encodePassword($user$password1));
  140.         $user->setPasswordState('changed');
  141.         $user->setPasswordToken(null);
  142.         $this->globals->em()->persist($user);
  143.         $this->globals->em()->flush();
  145.         return new JsonResponse(array('status' => ResponseMessage::MSG_SUCCESS'data' => null), 200);
  146.     }
  148.     /**
  149.      * @Route("/resetPasword/{token}/", name="security_reset_password")
  150.      * @param $token
  151.      * @param TokenStorageInterface $tokenStorage
  152.      * @return RedirectResponse|Response
  153.      */
  154.     public function resetPasword($token) {
  155.         if (!$token) return $this->redirectToRoute('dashbord');
  156.         $user $this->managerRepo->findBy(['password_token' => $token]);
  157.         if (!$user) return $this->redirectToRoute('dashbord');
  158.         $user $user[0];
  160.         return $this->render('security/password/resetPassword.html.twig', array('user' => $user));
  161.     }
  163.     private function authenticateUser(TManager $user){
  164.         $providerKey 'database_users'// your firewall name
  165.         $token = new UsernamePasswordToken($usernull$providerKey$user->getRoles());
  166.         $this->get('security.token_storage')->setToken($token);
  167.         $this->get('session')->set('_security_main'serialize($token));
  168.     }
  170.     /**
  171.      * @param $string
  172.      * @return string|string[]|null
  173.      */
  174.     public function slugify($string) {
  175.         $rule 'NFD; [:Nonspacing Mark:] Remove; NFC';
  176.         $transliterator Transliterator::create($rule);
  177.         $string $transliterator->transliterate($string);
  178.         return preg_replace(
  179.             '/[^a-z0-9]/',
  180.             '',
  181.             strtolower(trim(strip_tags($string)))
  182.         );
  183.     }
  185. }