src/Controller/AuthController.php line 116

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\Data\User;
  6. use App\EventSubscriber\UserSecurityCheckSubscriber;
  7. use App\Form\LoginSecurityCheckType;
  8. use App\Form\RecoverPasswordNewType;
  9. use App\Form\RecoverPasswordRequestType;
  10. use App\Form\RegisterSecondType;
  11. use App\Form\RegisterThirdType;
  12. use App\Form\RegisterType;
  13. use App\Service\ActionAttemptManager;
  14. use App\Service\Emailer;
  15. use App\Service\Helper;
  16. use App\Service\SmsManager;
  17. use App\Service\UserManager;
  18. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  19. use Symfony\Component\Form\FormError;
  20. use Symfony\Component\HttpFoundation\Request;
  21. use Symfony\Component\HttpFoundation\Response;
  22. use Symfony\Component\Routing\Annotation\Route;
  23. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  24. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  25. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  26. use Symfony\Contracts\Translation\TranslatorInterface;
  28. class AuthController extends AbstractController
  29. {
  30.     /**
  31.      * @Route("/login", name="login")
  32.      */
  33.     public function login(AuthenticationUtils $authenticationUtilsRequest $requestActionAttemptManager $actionAttempt): Response
  34.     {
  35.         $actionAllowed $actionAttempt->isActionAllowed(ActionAttemptManager::ACTION_LOGIN);
  36.         $captchaRequired $actionAllowed === 'captcha';
  38.         if ($captchaRequired) {
  39.             $request->getSession()->set('captcha_whitelist_key', ['login']);
  40.         }
  42.         $error $authenticationUtils->getLastAuthenticationError();
  43.         $lastUsername $authenticationUtils->getLastUsername();
  45.         return $this->render('auth/login.html.twig', [
  46.             'last_username' => $lastUsername,
  47.             'error' => $error,
  48.             'captcha_key' => $captchaRequired 'login' null,
  49.             'login_blocked' => $actionAllowed === false
  50.         ]);
  51.     }
  53.     /**
  54.      * @Route("/login/security/check", name="login_security_check")
  55.      */
  56.     public function loginSecurityCheck(Request $requestActionAttemptManager $actionAttempt): Response
  57.     {
  58.         $actionAllowed $actionAttempt->isActionAllowed(ActionAttemptManager::ACTION_LOGIN);
  60.         $user $this->getUser();
  62.         $form $this->createForm(LoginSecurityCheckType::class, $user);
  63.         $form->handleRequest($request);
  65.         if ($form->isSubmitted() && $form->isValid()) {
  66.             $request->getSession()->set(UserSecurityCheckSubscriber::SESSION_KEYtrue);
  68.             return $this->redirectToRoute('home');
  69.         }
  71.         return $this->render('auth/loginSecurityCheck.html.twig', [
  72.             'form' => $form->createView(),
  73.             'login_blocked' => $actionAllowed === false
  74.         ]);
  75.     }
  77.     /**
  78.      * @Route("/register/email/resend/{email}/{code}", name="register_email_resend")
  79.      */
  80.     public function registerEmailResend(Request $requestActionAttemptManager $actionAttemptEmailer $emailerstring $emailstring $code): Response
  81.     {
  82.         $actionAllowed $actionAttempt->isActionAllowed(ActionAttemptManager::ACTION_LOGIN);
  84.         $em $this->getDoctrine()->getManager();
  85.         $email User::urlEmailDecode($email);
  87.         /** @var User $user */
  88.         $user $em->getRepository(User::class)->findOneBy([
  89.             'email' => $email,
  90.             'emailResendRequestCode' => $code,
  91.             'isEmailConfirmed' => false
  92.         ]);
  94.         $datNow = new \DateTime();
  95.         if ($user === null || $datNow $user->getEmailResendRequestCodeExpiryOn()) {
  96.             $this->addFlash('error''recover_password.token_wrong');
  97.             return $this->redirectToRoute('login');
  98.         }
  100.         $user->prepareEmailConfirmation();
  101.         $user->setEmailResendRequestCode(null);
  102.         $user->setEmailResendRequestCodeExpiryOn(null);
  103.         $em->flush();
  105.         $this->sendConfirmationEmail($user$emailer);
  107.         $this->addFlash('notice''registration.complete.1.msg.1');
  108.         $actionAttempt->resetAction(ActionAttemptManager::ACTION_LOGIN);
  110.         return $this->redirectToRoute('login');
  111.     }
  113.     /**
  114.      * @Route("/register", name="register")
  115.      */
  116.     public function register(Request $requestActionAttemptManager $actionAttemptUserManager $userManagerUserPasswordEncoderInterface $passwordEncoder): Response
  117.     {
  118. //        $this->addFlash('notice', 'Testing colors');
  119.         $actionAllowed $actionAttempt->isActionAllowed(ActionAttemptManager::ACTION_REGISTER);
  121.         $user = new User();
  123.         $form $this->createForm(RegisterType::class, $user);
  124.         $form->handleRequest($request);
  125. //        $this->addFlash('notice', 'registration.complete.1.msg.1');
  127.         if ($form->isSubmitted() && $form->isValid() && $actionAllowed) {
  128.             $em $this->getDoctrine()->getManager();
  130.             // check if PRE_USER exists and delete it
  131.             $userDb $em->getRepository(User::class)->findOneByEmail($user->getEmail());
  132.             if ($userDb !== null && $userDb->hasRole('PRE_USER')) {
  133.                 $em->remove($userDb);
  134.                 $em->flush();
  135.             }
  137.             // encode password
  138.             $user->setPassword($passwordEncoder->encodePassword($user$user->getNewPassword()));
  139.             $user->setEmail(strtolower($user->getEmail()));
  140.             // generate email confirmation code
  141.             $user->prepareEmailConfirmation();
  143.             // add PRE_USER role
  144.             $user->addRole('ROLE_PRE_USER');
  146.             // save user in db
  147.             $em->persist($user);
  148.             $em->flush();
  150.             $userManager->sendUserConfirmationEmail($user);
  152.             $this->addFlash('notice''registration.complete.1.msg.1');
  153.             $request->getSession()->set('registerOk'true);
  155.             return $this->redirectToRoute('register');
  156.         }
  158.         return $this->render('auth/register.html.twig', [
  159.             'action_blocked' => !$actionAllowed,
  160.             'form' => $form->createView()
  161.         ]);
  162.     }
  164.     /**
  165.      * @Route("/register/activate/{email}/{code}", name="register_activate")
  166.      */
  167.     public function registerActivate(Request $requestActionAttemptManager $actionAttemptUserPasswordEncoderInterface $passwordEncoderTranslatorInterface $translatorSmsManager $smsManager$email$code): Response
  168.     {
  169.         $actionAllowed $actionAttempt->isActionAllowed(ActionAttemptManager::ACTION_LOGIN);
  171.         $email User::urlEmailDecode($email);
  172.         $em $this->getDoctrine()->getManager();
  174.         $user $em->getRepository(User::class)->findOneBy(['email' => $email'emailConfirmationCode' => $code]);
  175.         $datNow = new \DateTime();
  177.         if ($user === null || $user->getIsEmailConfirmed() || $user->getEmailConfirmationExpiryOn() < $datNow) {
  178.             throw $this->createNotFoundException();
  179.         }
  181.         if ($user->hasRole('PRE_USER')) {
  182.             $user->setLocale($request->getLocale());
  184.             $form $this->createForm(RegisterSecondType::class, $user);
  185.             $form->handleRequest($request);
  187.             if ($form->isSubmitted() && $form->isValid() && $actionAllowed) {
  188.                 $user->setSecurityAnswer1($passwordEncoder->encodePassword($userstrtolower($user->getNewSecurityAnswer1())));
  189.                 $user->setSecurityAnswer2($passwordEncoder->encodePassword($userstrtolower($user->getNewSecurityAnswer2())));
  190.                 $user->setEmailAlternative(strtolower($user->getEmailAlternative()));
  192.                 $otp Helper::randomNumber();
  193.                 $user->setOtp($otp);
  195.                 $em->flush();
  197.                 // send sms
  198.                 $smsMsg $translator->trans('otp.registration') . ' ' $user->getOtp();
  199.                 $smsManager->sendOtp($user->getMobile(), $smsMsg$user->getOtp());
  201.                 return $this->redirectToRoute('register_activate2', ['email' => $user->getUrlEmail(), 'code' => $code]);
  202.             }
  204.             return $this->render('auth/register2.html.twig', [
  205.                 'action_blocked' => !$actionAllowed,
  206.                 'form' => $form->createView()
  207.             ]);
  208.         }
  210.         $user->setIsEmailConfirmed(true);
  211.         $em->flush();
  212.         $this->addFlash('notice''registration.complete.2.msg.1');
  214.         return $this->redirectToRoute('login');
  215.     }
  217.     /**
  218.      * @Route("/register/activate/{email}/{code}/2", name="register_activate2")
  219.      */
  220.     public function registerActivate2(Request $requestActionAttemptManager $actionAttemptUserPasswordEncoderInterface $passwordEncoder$email$code): Response
  221.     {
  222.         $actionAllowed $actionAttempt->isActionAllowed(ActionAttemptManager::ACTION_LOGIN);
  224.         $email User::urlEmailDecode($email);
  225.         $em $this->getDoctrine()->getManager();
  227.         $user $em->getRepository(User::class)->findOneBy(['email' => $email'emailConfirmationCode' => $code]);
  228.         if ($user === null) {
  229.             throw $this->createNotFoundException();
  230.         }
  232.         $datNow = new \DateTime();
  233.         if ($user->getEmailConfirmationExpiryOn() < $datNow || !$user->hasRole('PRE_USER')) {
  234.             throw $this->createNotFoundException();
  235.         }
  237.         $user->setLocale($request->getLocale());
  239.         $form $this->createForm(RegisterThirdType::class, $user);
  240.         $form->handleRequest($request);
  242.         if ($form->isSubmitted() && $form->isValid() && $actionAllowed) {
  243.             $user->removeRole('PRE_USER');
  244.             $user->addRole('FULL_USER');
  245.             $user->setIsEmailConfirmed(true);
  247.             $em->flush();
  249.             $this->addFlash('notice''registration.complete.2.msg.1');
  251.             return $this->redirectToRoute('login');
  252.         }
  254.         return $this->render('auth/register3.html.twig', [
  255.             'action_blocked' => !$actionAllowed,
  256.             'form' => $form->createView()
  257.         ]);
  258.     }
  260.     /**
  261.      * @Route("/recover/password/request", name="password_recover")
  262.      */
  263.     public function passwordRecoverRequest(Request $requestActionAttemptManager $actionAttemptEmailer $emailerUrlGeneratorInterface $urlGenerator): Response
  264.     {
  265.         $actionAllowed $actionAttempt->isActionAllowed(ActionAttemptManager::ACTION_RECOVER_PASSWORD);
  267.         $form $this->createForm(RecoverPasswordRequestType::class);
  268.         $form->handleRequest($request);
  270.         if ($form->isSubmitted() && $form->isValid()) {
  272.             $em $this->getDoctrine()->getManager();
  273.             $email strtolower($form->get('email')->getData());
  274.             $user $em->getRepository(User::class)->findOneByEmail($email);
  275.             $isAltEmail false;
  276.             if ($user === null) {
  277.                 $user $em->getRepository(User::class)->findOneByEmailAlternative($email);
  278.                 $isAltEmail true;
  279.             }
  281.             if ($user !== null) {
  283.                 $user->setRecoverPasswordCode(Helper::generateString());
  284.                 $datNow = new \DateTime();
  285.                 $datNow->add(new \DateInterval('PT4H'));
  286.                 $user->setRecoverPasswordCodeExpiryOn($datNow);
  288.                 $em->flush();
  290.                 $url $urlGenerator->generate('password_recover_process', [ 'code' => $user->getRecoverPasswordCode(), 'email' => $user->getUrlEmail() ], UrlGeneratorInterface::ABSOLUTE_URL);
  292.                 $emailer->sendRecoverPassword($user$url$isAltEmail);
  293.             }
  295.             $this->addFlash('notice''recover_password.request_completed');
  297.             return $this->redirectToRoute('password_recover');
  298.         }
  300.         return $this->render('auth/recoverPasswordRequest.html.twig', [
  301.             'action_blocked' => !$actionAllowed,
  302.             'form' => $form->createView()
  303.         ]);
  304.     }
  306.     /**
  307.      * @Route("/recover/password/process/{email}/{code}", name="password_recover_process")
  308.      */
  309.     public function passwordRecoverNew(Request $requestActionAttemptManager $actionAttemptUserPasswordEncoderInterface $passwordEncoder$email$code): Response
  310.     {
  311.         $actionAllowed $actionAttempt->isActionAllowed(ActionAttemptManager::ACTION_RECOVER_PASSWORD);
  313.         $email User::urlEmailDecode($email);
  315.         $em $this->getDoctrine()->getManager();
  316.         $user $em->getRepository(User::class)->findOneBy(['email' => $email'recoverPasswordCode' => $code]);
  317.         if ($user === null) {
  318.             $user $em->getRepository(User::class)->findOneBy(['emailAlternative' => $email'recoverPasswordCode' => $code]);
  319.         }
  320.         $datNow = new \DateTime();
  322.         if ($user === null || $user->getRecoverPasswordCodeExpiryOn() === null || $user->getRecoverPasswordCodeExpiryOn() < $datNow) {
  323.             $this->addFlash('notice''recover_password.token_wrong');
  325.             return $this->redirectToRoute('password_recover');
  326.         }
  328.         $form $this->createForm(RecoverPasswordNewType::class, $user);
  329.         $form->handleRequest($request);
  331.         if ($form->isSubmitted()) {
  332.             if ($user->getNewPassword() !== null && $passwordEncoder->isPasswordValid($user$user->getNewPassword())) {
  333.                 $form->get('newPassword')->get('first')->addError(new FormError('validate.is_previous_password'));
  334.             }
  335.         }
  337.         if ($form->isSubmitted() && $form->isValid()) {
  338.             $encPassword $passwordEncoder->encodePassword($user$user->getNewPassword());
  339.             $user->setPassword($encPassword);
  340.             $user->setRecoverPasswordCodeExpiryOn(null);
  341.             $user->setRecoverPasswordCode(null);
  342.             $em->flush();
  344.             $this->addFlash('notice''recover_password.completed');
  346.             return $this->redirectToRoute('login');
  347.         }
  349.         return $this->render('auth/recoverPasswordNew.html.twig', [
  350.             'action_blocked' => !$actionAllowed,
  351.             'form' => $form->createView()
  352.         ]);
  353.     }
  355.     /**
  356.      * @Route("/logout", name="logout")
  357.      */
  358.     public function logout()
  359.     {
  360.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  361.     }
  362. }