src/Controller/SecurityController.php line 67

  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\TokenUser;
  6. use App\Entity\User;
  7. use App\Form\ConfirmRecuperatePasswordType;
  8. use App\Form\LoginType;
  9. use App\Form\RecuperatePasswordType;
  10. use App\Services\EmailSender;
  11. use DateTime;
  12. use Doctrine\ORM\EntityManagerInterface;
  13. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  14. use Symfony\Component\HttpFoundation\RedirectResponse;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpFoundation\Response;
  17. use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
  18. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  19. use Symfony\Component\Routing\Annotation\Route;
  20. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  21. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  22. use Symfony\Contracts\Translation\TranslatorInterface;
  24. class SecurityController extends AbstractController
  25. {
  26.     /**
  27.      * @param AuthenticationUtils $authenticationUtils
  28.      * @return Response
  29.      * @Route("/login", name="login")
  30.      */
  31.     public function index(AuthenticationUtils $authenticationUtils): Response
  32.     {
  33.         // get the login error if there is one
  34.         $error $authenticationUtils->getLastAuthenticationError();
  36.         // last username entered by the user
  37.         $lastUsername $authenticationUtils->getLastUsername();
  38.         $form $this->createForm(LoginType::class, null, [
  39.             'lastUsername' => $lastUsername,
  40.         ]);
  42.         return $this->render('security/login.html.twig', [
  43.             'last_username' => $lastUsername,
  44.             'error'         => $error,
  45.             'form' => $form->createView()
  46.         ]);
  47.     }
  49.     /**
  50.      * @Route("/logout", name="app_logout")
  51.      */
  52.     public function logout(): void
  53.     {
  54.     }
  57.     /**
  58.      * @Route("/recuperate-password", name="forgot")
  59.      *
  60.      * @param Request $request
  61.      * @param EntityManagerInterface $em
  62.      * @param TranslatorInterface $translator
  63.      * @param EmailSender $mailer
  64.      * @return Response
  65.      * @throws TransportExceptionInterface
  66.      */
  67.     public function recuperatePassword(Request $requestEntityManagerInterface $emTranslatorInterface $translatorEmailSender $mailer): Response
  68.     {
  69.         $form $this->createForm(RecuperatePasswordType::class);
  70.         $form->handleRequest($request);
  71.         $success $request->get('success');
  72.         if ($form->isSubmitted() and $form->isValid()) {
  73.             //get user by email
  74.             $user $em->getRepository(User::class)->findOneBy(['email' => $form->getData()['email']]);
  75.             if(!$user){
  76.                 $this->addFlash(
  77.                     'success',
  78.                     $translator->trans('security.no_user')
  79.                 );
  80.                 return $this->render('security/recuperate_password.html.twig', [
  81.                     'form' => $form->createView(),
  82.                     'title' => $translator->trans('security.recuperate_password'),
  83.                     // 'success' => true
  84.                 ]);
  85.             }
  86.             //create Token
  87.             $token = new TokenUser();
  88.             $token->setType(TokenUser::TOKEN_RECUPERATE_PASSWORD);
  89.             $user->addToken($token);
  90.             $em->persist($token);
  91.             $em->flush();
  93.             $data = [
  94.                 'path' => $this->generateUrl('confirm_recuperate_password', [
  95.                     'token' => $token->getToken(),
  96.                 ], UrlGeneratorInterface::ABSOLUTE_URL),
  97.             ];
  99.             //send email
  100.             $mailer->sendEmail(
  101.                 'mails/recuperate_password.html.twig',
  102.                 $translator->trans('general.app_name'),
  103.                 $user->getEmail(),
  104.                 null,
  105.                 null,
  106.                 $data
  107.             );
  109.             //Add flash success
  110.             $this->addFlash(
  111.                 'success',
  112.                 $translator->trans('security.recuperate_password_success')
  113.             );
  114.         }
  116.         return $this->render('security/recuperate_password.html.twig', [
  117.             'form' => $form->createView(),
  118.             'title' => $translator->trans('security.recuperate_password'),
  119.            // 'success' => true
  120.         ]);
  121.     }
  123.     /**
  124.      * @Route("/confirm/recuperate-password/{token}/{_locale}", name="confirm_recuperate_password")
  125.      *
  126.      * @param Request $request
  127.      * @param $token
  128.      * @param UserPasswordHasherInterface $encoder
  129.      * @param EntityManagerInterface $em
  130.      * @return RedirectResponse|Response
  131.      */
  132.     public function confirmRecuperatePassword(
  133.         Request $request,
  134.         $token,
  135.         UserPasswordHasherInterface $encoder,
  136.         EntityManagerInterface $em
  137.     ): RedirectResponse|Response
  138.     {
  139.         $tokenUser $em->getRepository(TokenUser::class)->findOneBy([
  140.             'token' => $token,
  141.         ]);
  143.         $now = new DateTime();
  144.         if (!$tokenUser->getEnabled() or
  145.             $now >= $tokenUser->getExpiredAt() or
  146.             TokenUser::TOKEN_RECUPERATE_PASSWORD !== $tokenUser->getType()) {
  147.             return $this->redirectToRoute('forgot');
  148.         }
  150.         $form $this->createForm(ConfirmRecuperatePasswordType::class);
  151.         $form->handleRequest($request);
  153.         if ($form->isSubmitted() and $form->isValid()) {
  154.             //Disabled token
  155.             $tokenUser->setEnabled(false);
  156.             //get user from token
  157.             $user $tokenUser->getUser();
  158.             $user->setPassword($encoder->hashPassword($user$form->getData()['password']));
  160.             $em->persist($tokenUser);
  161.             $em->persist($user);
  162.             $em->flush();
  164.             return $this->render('security/confirm_recuperate_password.html.twig', [
  165.                 'form' => $form->createView(),
  166.                 'success' => true
  167.             ]);
  168.         }
  170.         return $this->render('security/confirm_recuperate_password.html.twig', [
  171.             'form' => $form->createView()
  172.         ]);
  173.     }
  174. }