src/Controller/Front/SecurityController.php line 158

Open in your IDE?
  1. <?php
  3. namespace App\Controller\Front;
  5. use App\Entity\Profile;
  6. use App\Entity\User;
  7. use App\Service\Tools;
  8. use Doctrine\ORM\EntityManagerInterface;
  9. use Exception;
  10. use Symfony\Bridge\Twig\Mime\TemplatedEmail;
  11. use Symfony\Component\HttpFoundation\Session\Session;
  12. use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
  13. use Symfony\Component\Mailer\MailerInterface;
  14. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  15. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  16. use Symfony\Component\HttpFoundation\RedirectResponse;
  17. use Symfony\Component\HttpFoundation\Request;
  18. use Symfony\Component\HttpFoundation\Response;
  19. use Symfony\Component\Mime\Address;
  20. use Symfony\Component\Routing\Annotation\Route;
  21. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  22. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  23. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  24. use Symfony\Component\Security\Http\SecurityEvents;
  26. /**
  27.  * Class SecurityController
  28.  * @package App\Controller
  29.  */
  30. class SecurityController extends AbstractController
  31. {
  32.     private EntityManagerInterface $em;
  34.     public function __construct(
  35.         EntityManagerInterface $em
  36.     ) {
  37.         $this->em $em;
  38.     }
  40.     /**
  41.      * @param AuthenticationUtils $authenticationUtils
  42.      * @param Request $request
  43.      * @param Tools $tools
  44.      * @param EventDispatcherInterface $eventDispatcher
  45.      * @return Response
  46.      * @Route("/login", name="login", options={"expose"=true})
  47.      */
  48.     public function login(
  49.         AuthenticationUtils $authenticationUtils,
  50.         Request $request,
  51.         Tools $tools,
  52.         EventDispatcherInterface $eventDispatcher
  53.     ): Response {
  54.         if ($autoLogin $request->get('al')) {
  55.             /** @var User $currentUser */
  56.             $currentUser $this->getUser();
  58.             /** @var User $user */
  59.             $user $this->em->getRepository(User::class)->find($tools->decrypt($autoLogin));
  61.             if ($user) {
  62.                 // On sauvegarde en session notre user de base
  63.                 if (!is_null($currentUser)) {
  64.                     if ($currentUser->getProfile()->getRole() == Profile::ROLE_EMPLOYEE) {
  65.                         $session = new Session();
  66.                         $session->set('connect_as_master_front'$currentUser->getId() . '|' md5($currentUser->getCreatedAt()->getTimestamp()));
  67.                         $session->set('connect_as_referer_front'$request->server->get('HTTP_REFERER'));
  68.                     }
  69.                 }
  71.                 //On se connecte à l'user
  72.                 $token = new UsernamePasswordToken($usernull'user_provider'$user->getRoles());
  73.                 $this->get('security.token_storage')->setToken($token);
  75.                 $event = new SecurityEvents($request);
  76.                 $eventDispatcher->dispatch($eventSecurityEvents::INTERACTIVE_LOGIN);
  78.                 return $this->redirectToRoute('app_index');
  79.             }
  80.         }
  82.         if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  83.             return $this->redirectToRoute('app_index');
  84.         }
  86.         // get the login error if there is one
  87.         $error $authenticationUtils->getLastAuthenticationError();
  88.         // last username entered by the user
  89.         $lastUsername $authenticationUtils->getLastUsername();
  91.         return $this->render('front/security/login.html.twig', [
  92.             'last_username' => $lastUsername,
  93.             'error' => $error,
  94.         ]);
  95.     }
  97.     /**
  98.      * @param Request $request
  99.      * @param EventDispatcherInterface $eventDispatcher
  100.      * @return RedirectResponse
  101.      * @Route("/reconnect_as", name="reconnect_as")
  102.      */
  103.     public function reconnectAs(Request $requestEventDispatcherInterface $eventDispatcher): RedirectResponse
  104.     {
  105.         $session = new Session();
  106.         $hash $session->get('connect_as_master_front');
  107.         $redirect $session->get('connect_as_referer_front');
  109.         $reconnected false;
  111.         if (preg_match("/([0-9]+)\|(.*)/"$hash$matches)) {
  112.             $user $this->em->getRepository(User::class)->find($matches[1]);
  114.             if ($user instanceof User && $user->getId()) {
  115.                 if (md5($user->getCreatedAt()->getTimestamp()) == $matches[2]) {
  116.                     //On se reconnecte
  117.                     $token = new UsernamePasswordToken($usernull'user_provider'$user->getRoles());
  118.                     $this->get('security.token_storage')->setToken($token);
  120.                     $event = new SecurityEvents($request);
  121.                     $eventDispatcher->dispatch($eventSecurityEvents::INTERACTIVE_LOGIN);
  123.                     $reconnected true;
  124.                 }
  125.             }
  126.         }
  128.         $session->remove('connect_as_master_front');
  129.         $session->remove('connect_as_referer_front');
  131.         if (!$reconnected) {
  132.             return $this->redirectToRoute('logout');
  133.         }
  135.         if ($redirect) {
  136.             return $this->redirect($redirect);
  137.         }
  139.         return $this->redirectToRoute('front_index');
  140.     }
  142.     /**
  143.      * @throws Exception
  144.      * @Route("/logout", name="logout")
  145.      */
  146.     public function logout(): void
  147.     {
  148.         throw new Exception('This should never be reached!');
  149.     }
  151.     /**
  152.      * @param Request $request
  153.      * @param MailerInterface $mailer
  154.      * @return RedirectResponse|Response
  155.      * @Route("/password-forget", name="password_forget")
  156.      * @throws TransportExceptionInterface
  157.      */
  158.     public function passwordForget(Request $requestMailerInterface $mailer): RedirectResponse|Response
  159.     {
  160.         if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  161.             return $this->redirectToRoute('app_index');
  162.         }
  164.         $email $request->get('email');
  165.         $error "";
  167.         if ($request->get('submit_password_forget')) {
  168.             /** @var User $user */
  169.             $user $this->em->getRepository(User::class)->findOneBy([
  170.                 'email' => $email
  171.             ]);
  173.             if ($user) {
  174.                 $hash md5(uniqid('pf'));
  176.                 $user->setHash($hash);
  178.                 $message = (new TemplatedEmail())
  179.                     ->from(new Address($this->getParameter('MAILER_FROM'), $this->getParameter('MAILER_FROM_NAME')))
  180.                     ->to($user->getEmail())
  181.                     ->subject("Mot de passe oublié")
  182.                     ->htmlTemplate('email/user/password_forget.html.twig')
  183.                     ->context([
  184.                         'user' => $user,
  185.                         'hash' => $hash,
  186.                     ]);
  188.                 $mailer->send($message);
  190.                 $this->em->persist($user);
  191.                 $this->em->flush();
  192.             }
  194.             $this->addFlash('success'"Un mail vient d'être envoyé à " $email);
  196.             return $this->redirectToRoute('login');
  197.         }
  199.         return $this->render('front/security/password_forget.html.twig', [
  200.             'email' => $email,
  201.             'error' => $error,
  202.             'body_class' => 'login-container',
  203.         ]);
  204.     }
  206.     /**
  207.      * @param string $hash
  208.      * @param Request $request
  209.      * @param UserPasswordEncoderInterface $passwordEncoder
  210.      * @return RedirectResponse|Response
  211.      * @Route("/password-reset/{hash}", name="password_reset")
  212.      */
  213.     public function passwordReset(string $hashRequest $requestUserPasswordEncoderInterface $passwordEncoder): RedirectResponse|Response
  214.     {
  215.         if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  216.             return $this->redirectToRoute('app_index');
  217.         }
  219.         $error "";
  221.         /** @var User $user */
  222.         $user $this->em->getRepository(User::class)->findOneBy([
  223.             'hash' => $hash
  224.         ]);
  226.         if ($user && $request->get('submit_password_reset') && ($password $request->get('password'))) {
  227.             if (strlen($password) > 5) {
  228.                 $password $passwordEncoder->encodePassword($user$password);
  229.                 $user->setPassword($password);
  230.                 $user->setHash(null);
  232.                 $this->em->persist($user);
  233.                 $this->em->flush();
  235.                 return $this->redirectToRoute('login');
  236.             } else {
  237.                 $error "Veuillez saisir un mot de passe d'au moins 6 caractères";
  238.             }
  239.         }
  241.         return $this->render('front/security/password_reset.html.twig', [
  242.             'error' => $error,
  243.             'body_class' => 'login-container',
  244.         ]);
  245.     }
  246. }