<?php
namespace App\Controller;
use Doctrine\Persistence\ManagerRegistry;
use Ivory\CKEditorBundle\Exception\Exception;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
use Symfony\Component\HttpFoundation\JsonResponse;
use Doctrine\ORM\EntityManager;
use App\Manager\UserManager;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
use App\Entity\Users;
use BeSimple\I18nRoutingBundle\Routing\Annotation\I18nRoute;
use Symfony\Contracts\Translation\TranslatorInterface;
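/**
 * Login, password-reset and logout endpoints.
 *
 * Flash messages go through {@see addFlashMessage()}, which translates the
 * given key itself, so callers pass a translation key and domain rather than
 * an already translated string.
 */
class SecurityController extends AbstractController
{
    /**
     * @param TranslatorInterface $translator      used by {@see trans()} and {@see addFlashMessage()}
     * @param ManagerRegistry     $managerRegistry source of the Doctrine object manager
     */
    public function __construct(
        public TranslatorInterface $translator,
        private ManagerRegistry $managerRegistry,
    ) {
    }

    /**
     * Renders the login form, or redirects to the social-login confirmation
     * page when a social provider offered to link an account.
     *
     * One-shot session flags consumed here:
     *  - socialConnectionEmailExistsOtherAccount: show the "e-mail already used" error, then clear
     *  - socialOfferConnection: redirect to confirm_social_login, returning to the homepage afterwards
     *  - disabled: tell the template the account is disabled, then clear
     *
     * $tokenStorage is autowired but not used by the current implementation.
     *
     * @throws \Exception
     */
    #[Route(path: '/login', name: 'login', methods: ['GET', 'POST'])]
    public function loginAction(Request $request, AuthenticationUtils $authUtils, TokenStorageInterface $tokenStorage, RouterInterface $router): Response
    {
        $session = $request->getSession();

        // Last authentication failure, if any; the template decides how to show it.
        $error = $authUtils->getLastAuthenticationError();

        if ($session->get('socialConnectionEmailExistsOtherAccount', 0)) {
            $session->remove('socialConnectionEmailExistsOtherAccount');
            $this->addFlashMessage('error', 'social_login.alert.email_already_exists', [], 'messages');
        }

        if ($session->get('socialOfferConnection', 0)) {
            // After the confirmation page, send the user on to the homepage.
            $session->set('_security.main.target_path', $router->generate('homepage'));
            $session->set('socialOfferConnection', 0);

            return $this->redirectToRoute('confirm_social_login');
        }

        $disabled = $session->get('disabled', false);
        if ($disabled) {
            $session->remove('disabled');
        }

        return $this->render('security/login.html.twig', [
            'error' => $error,
            'disabled' => $disabled,
        ]);
    }

    /**
     * Shows the "forgot password" form and, on submit (`reset-submit`), e-mails
     * a reset link to the address given in `password-reset-email`.
     *
     * The outcome is returned as JSON for XHR requests and as a flash message
     * (followed by re-rendering the form) otherwise.
     *
     * NOTE(review): the three distinct outcomes (sent / disabled / not found)
     * let a client tell registered addresses from unregistered ones; a single
     * neutral message would avoid that. The existing keys are kept here.
     *
     * @throws \Exception
     */
    #[Route(path: '/reset-password', name: 'reset-password', methods: ['GET', 'POST'])]
    public function resetPasswordAction(Request $request, UserManager $userManager): Response
    {
        if ($request->get('reset-submit', false)) {
            $email = $request->get('password-reset-email', '');
            // A non-string value (e.g. an array from `email[]=`) must never reach the repository lookup.
            if (!is_string($email)) {
                $email = '';
            }

            $user = $this->findUserForReset($email);

            if ($user === null) {
                $messageKey = 'reset_password.user_not_found';
            } elseif ($user->isIsDeleted()) {
                $messageKey = 'reset_password.user_disabled';
            } else {
                // presumably sendResetLinkTo() substitutes the real token for '__TOKEN__' — confirm in UserManager
                $restoreUrl = $this->generateUrl('set-password', ['token' => '__TOKEN__'], UrlGeneratorInterface::ABSOLUTE_URL);
                $userManager->sendResetLinkTo($user, $restoreUrl);
                $messageKey = 'reset_password.email_sent';
            }

            $json = $this->jsonOrFlash($request, 'notice', $messageKey, 'login');
            if ($json !== null) {
                return $json;
            }
        }

        return $this->render('security/reset_password.html.twig', []);
    }

    /**
     * Looks up the account for a reset request: prefers a non-deleted account
     * with this e-mail and falls back to any account with it, so the caller
     * can report "disabled" instead of "not found".
     */
    private function findUserForReset(string $email): ?Users
    {
        $repository = $this->managerRegistry->getManager()->getRepository(Users::class);

        return $repository->findOneBy(['email' => $email, 'isDeleted' => false])
            ?? $repository->findOneBy(['email' => $email]);
    }

    /**
     * Reports a translated message either as a JSON body (XHR requests) or as
     * a flash message; returns null in the flash case so the caller can go on
     * rendering the page.
     */
    private function jsonOrFlash(Request $request, string $type, string $key, string $domain): ?JsonResponse
    {
        if ($request->isXmlHttpRequest()) {
            return new JsonResponse(['message' => $this->trans($key, [], $domain)]);
        }

        $this->addFlashMessage($type, $key, [], $domain);

        return null;
    }

    /**
     * Sets a new password for the account identified by the `token` request
     * parameter (matched against Users::passwordResetHash).
     *
     * A request without a token is rejected up front: updatePassword() clears
     * the stored hash to '', so an empty token would otherwise match an
     * account whose reset link has already been used. A missing or past
     * validity date only produces an error flash; the submitted form is not
     * processed in that case.
     *
     * @throws NotFoundHttpException when the token is empty or matches no account
     * @throws \Exception
     */
    #[Route(path: '/set-password', name: 'set-password', methods: ['GET', 'POST'])]
    public function setPasswordAction(Request $request, UserManager $userManager): Response
    {
        $token = $request->get('token', '');
        if (!is_string($token) || $token === '') {
            throw new NotFoundHttpException($this->trans('set_password.user_not_found', [], 'login'));
        }

        $user = $this->managerRegistry->getManager()->getRepository(Users::class)->findOneBy(['passwordResetHash' => $token]);
        if (!$user) {
            throw new NotFoundHttpException($this->trans('set_password.user_not_found', [], 'login'));
        }

        $passwordUpdated = false;

        // A cleared validity date (null) counts as expired, as does a date in the past.
        $validUntil = $user->getHashValidUntil();
        $tokenExpired = $validUntil === null || new \DateTimeImmutable() > $validUntil;

        if ($tokenExpired) {
            $this->addFlashMessage('error', 'set_password.alert.token_expired', [], 'login');
        } elseif ($request->isMethod('POST')) {
            $formData = $request->request->all();
            $password = $formData['new_password'] ?? '';
            $repeat = $formData['repeat_password'] ?? '';

            if (!is_string($password) || $password === '' || $password !== $repeat) {
                $this->addFlashMessage('error', 'set_password.alert.not_match', [], 'login');
            } elseif (!$userManager->isPasswordStrength($password, $user->getUserName(), $user->getEmail(), $user->getFirstName().$user->getLastName())) {
                $this->addFlashMessage('error', 'profile_weak_psswd', [], 'controller');
            } else {
                $this->updatePassword($user, $password, $userManager);
                $this->addFlashMessage('success', 'set_password.new_set', [], 'login');
                $passwordUpdated = true;
            }
        }

        return $this->render('security/set_password.html.twig', [
            'token' => $token,
            'passwordUpdated' => $passwordUpdated,
            'user' => $user,
        ]);
    }

    /**
     * Intentionally empty: the firewall's logout handling is expected to
     * intercept this route before the controller body runs — confirm the
     * logout path in the security configuration.
     */
    #[Route(path: '/logout', name: 'logout')]
    public function logoutAction(): void
    {
    }

    /**
     * Translates a message key through the injected translator.
     *
     * @param array<string, mixed> $params placeholders passed to the translator
     * @param string|null          $domain translation domain; null lets the translator pick its default
     */
    public function trans(string $key, array $params = [], ?string $domain = null): string
    {
        return $this->translator->trans($key, $params, $domain);
    }

    /**
     * Adds a flash message whose text is the translation of $key.
     *
     * @param string               $type   flash bag type, e.g. 'error', 'notice' or 'success'
     * @param array<string, mixed> $params placeholders passed to the translator
     */
    public function addFlashMessage(string $type, string $key, array $params = [], ?string $domain = null): void
    {
        $this->addFlash($type, $this->trans($key, $params, $domain));
    }

    /**
     * Stores the new password and invalidates the reset token so the link
     * cannot be used a second time.
     */
    protected function updatePassword(Users $user, string $password, UserManager $userManager): void
    {
        $userManager->setUserPassword($user, $password);
        // Clear both halves of the reset token: the hash and its validity window.
        $user->setHashValidUntil(null);
        $user->setPasswordResetHash('');
        $this->managerRegistry->getManager()->flush();
    }
}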