<?php
namespace App\Controller;
use App\Form\UsersEditType;
use App\Form\UsersRegisterType;
use App\Entity\Users;
use Doctrine\ORM\OptimisticLockException;
use Doctrine\Persistence\ManagerRegistry;
use Exception;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use App\Manager\UserManager;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use BeSimple\I18nRoutingBundle\Routing\Annotation\I18nRoute;
use Symfony\Contracts\Translation\TranslatorInterface;
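/**
 * Frontend user controller: registration, profile view/edit and an AJAX
 * password-policy check. Flash messages are translated through the injected
 * translator (see trans()/addFlashMessage()).
 */
class UsersControllerFrontend extends AbstractController
{
    /**
     * @param TranslatorInterface   $translator                Translator used for flash messages.
     * @param ManagerRegistry       $managerRegistry           Doctrine registry; getManager() persists/flushes Users.
     * @param TokenStorageInterface $usageTrackingTokenStorage Token storage written on post-registration auto-login.
     */
    public function __construct(
        public TranslatorInterface $translator,
        private ManagerRegistry $managerRegistry,
        private TokenStorageInterface $usageTrackingTokenStorage,
    ) {
    }

    /**
     * Translates an error|notice flash-message key through the injected translator.
     *
     * @param string      $key    Translation id.
     * @param array       $params Placeholder replacements.
     * @param string|null $domain Translation domain; null lets the translator pick its default.
     */
    public function trans(string $key, array $params = [], ?string $domain = null): string
    {
        return $this->translator->trans($key, $params, $domain);
    }

    /**
     * Adds a translated flash message of the given type (e.g. 'error', 'notice').
     *
     * @param string      $type   Flash bag type.
     * @param string      $key    Translation id.
     * @param array       $params Placeholder replacements.
     * @param string|null $domain Translation domain.
     */
    public function addFlashMessage(string $type, string $key, array $params = [], ?string $domain = null): void
    {
        $this->addFlash($type, $this->trans($key, $params, $domain));
    }

    /**
     * Applies the password policy — minimal length, then strength measured against the
     * user's own identifier, e-mail and name — and flashes one 'error' per failed rule.
     *
     * @param UserManager $userManager   Owner of the policy rules.
     * @param Users       $user          User whose identifiers the password must not resemble.
     * @param string      $plainPassword Candidate password.
     *
     * @return bool true when both rules pass
     */
    private function passwordPassesPolicy(UserManager $userManager, Users $user, string $plainPassword): bool
    {
        $passes = true;

        if (!$userManager->hasPasswordMinimalLength($plainPassword)) {
            $this->addFlashMessage('error', 'profile_short_psswd', [], 'controller');
            $passes = false;
        }

        if (!$userManager->isPasswordStrength(
            $plainPassword,
            $user->getUserIdentifier(),
            $user->getEmail(),
            $user->getFirstName() . $user->getLastName(),
        )) {
            $this->addFlashMessage('error', 'profile_weak_psswd', [], 'controller');
            $passes = false;
        }

        return $passes;
    }

    /**
     * Registers a new user and logs them in.
     *
     * GET renders the empty form. POST validates it, enforces the password policy,
     * hashes the password, persists the user and starts an authenticated session.
     *
     * @param Request                     $request         Current request (form data + session).
     * @param UserPasswordHasherInterface $passwordEncoder Hashes the plain password.
     * @param UserManager                 $userManager     Password policy rules.
     *
     * @return RedirectResponse|Response redirect to 'homepage' on success, the form otherwise
     *
     * @throws Exception if random_bytes() cannot gather entropy for the salt
     */
    #[Route(path: '/register', name: 'user_registration', methods: ['GET', 'POST'])]
    public function registerAction(Request $request, UserPasswordHasherInterface $passwordEncoder, UserManager $userManager): Response
    {
        $user = new Users();
        $form = $this->createForm(UsersRegisterType::class, $user);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $plainPassword = (string) $user->getPlainPassword();
            if (!$this->passwordPassesPolicy($userManager, $user, $plainPassword)) {
                return $this->render('frontend/registration.html.twig', ['form' => $form]);
            }

            // Salt is stored next to the hash; whether the hasher uses it is up to hashPassword().
            $user->setSalt(bin2hex(random_bytes(32)));
            $user->setPassword($passwordEncoder->hashPassword($user, $plainPassword));
            $user->setAuthRole('ROLE_USER');
            // Separate instances on purpose: \DateTime is mutable, so sharing one would alias the two fields.
            $user->setCreatedAt(new \DateTime());
            $user->setLastvisitAt(new \DateTime());
            $user->setUsers($user);

            $em = $this->managerRegistry->getManager();
            $em->persist($user);
            $em->flush();

            $this->addFlashMessage('notice', 'profile_created', [], 'controller');

            // Auto-login (https://stackoverflow.com/questions/5886713/automatic-post-registration-user-authentication):
            // the token is written straight into storage and the session, which bypasses the
            // firewall's authentication pipeline and its session strategy. Regenerate the session
            // id here so the pre-login id does not survive the privilege change (session fixation).
            $request->getSession()->migrate(true);
            $token = new UsernamePasswordToken($user, 'main', $user->getRoles());
            $this->usageTrackingTokenStorage->setToken($token);
            $request->getSession()->set('_security_main', serialize($token));
            $request->getSession()->set('player_id', $user->getId());

            return $this->redirectToRoute('homepage');
        }

        return $this->render('frontend/registration.html.twig', ['form' => $form]);
    }

    /**
     * Edits the logged-in user's profile; a new password is optional and only
     * validated/re-hashed when one was entered.
     *
     * @param Request                     $request         Current request.
     * @param UserPasswordHasherInterface $passwordEncoder Hashes the new plain password, if any.
     * @param UserManager                 $userManager     Password policy rules.
     *
     * @return Response redirect to 'login' when anonymous, to 'user-detail' on success, the form otherwise
     *
     * @throws OptimisticLockException propagated from flush()
     */
    #[Route(path: '/profile/edit/', name: 'user-edit', methods: ['GET', 'POST'])]
    public function editAction(Request $request, UserPasswordHasherInterface $passwordEncoder, UserManager $userManager): Response
    {
        $user = $this->getUser();
        if (!$user) {
            return $this->redirectToRoute('login');
        }

        $form = $this->createForm(UsersEditType::class, $user);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $user = $form->getData();
            $hasError = false;

            $plainPassword = $user->getPlainPassword();
            if ($plainPassword !== null && $plainPassword !== '') {
                $plainPassword = (string) $plainPassword;
                if ($this->passwordPassesPolicy($userManager, $user, $plainPassword)) {
                    $user->setSalt(bin2hex(random_bytes(32)));
                    $user->setPassword($passwordEncoder->hashPassword($user, $plainPassword));
                } else {
                    $hasError = true;
                }
            }

            // Byte length, as before; cast guards against a null personal number.
            if (strlen((string) $user->getPersonalNumber()) > 64) {
                $this->addFlashMessage('error', 'error.profile_personal_number_too_long', [], 'controller');
                $hasError = true;
            }

            if ($hasError) {
                return $this->render('frontend/user_edit.html.twig', ['user' => $user, 'form' => $form]);
            }

            $user->setLastmodAt(new \DateTime());
            $user->setUsers($user);
            // No persist(): the original code relied on the current user already being a managed entity.
            // flush() takes no entity argument (the single-entity form is removed in Doctrine ORM 3).
            $this->managerRegistry->getManager()->flush();
            $this->addFlashMessage('notice', 'user_update_success', [], 'controller');

            return $this->redirectToRoute('user-detail');
        }

        return $this->render('frontend/user_edit.html.twig', ['user' => $user, 'form' => $form]);
    }

    /**
     * Shows the logged-in user's profile.
     *
     * @return RedirectResponse|Response redirect to 'login' when anonymous
     */
    #[Route(path: '/profile', name: 'user-detail', methods: ['GET'])]
    public function detailAction(): Response
    {
        $user = $this->getUser();
        if (!$user) {
            return $this->redirectToRoute('login');
        }

        return $this->render('frontend/user_detail.html.twig', ['user' => $user]);
    }

    /**
     * AJAX password-policy check.
     *
     * Reads password/email/userName/name from the query string and returns
     * {"isCorrect": 0|1, "message": "..."} where message is the translated reason
     * for rejection (length first, then strength) or 'profile_ok_psswd'.
     *
     * NOTE(review): the candidate password travels as a GET query parameter, so it can
     * end up in access logs, proxy logs and browser history; moving the check to a POST
     * body would avoid that. Kept as GET here to not break the calling JavaScript.
     *
     * @param Request     $request     Current request (query parameters).
     * @param UserManager $userManager Password policy rules.
     */
    #[Route(path: '/check-password', name: 'userPasswordCheck', methods: ['GET'])]
    public function checkPasswordAction(Request $request, UserManager $userManager): Response
    {
        $query = $request->query;
        $password = (string) $query->get('password', '');
        $email = (string) $query->get('email', '');
        $userName = (string) $query->get('userName', '');
        $name = (string) $query->get('name', '');

        $isCorrect = 0;
        if (!$userManager->hasPasswordMinimalLength($password)) {
            $message = $this->trans('profile_short_psswd', [], 'controller');
        } elseif (!$userManager->isPasswordStrength($password, $userName, $email, $name)) {
            $message = $this->trans('profile_weak_psswd', [], 'controller');
        } else {
            $isCorrect = 1;
            $message = $this->trans('profile_ok_psswd', [], 'controller');
        }

        return new JsonResponse([
            'isCorrect' => $isCorrect,
            'message' => $message,
        ]);
    }
}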