vendor/boldr/users-bundle/src/Controller/SecurityController.php line 54

Open in your IDE?
  1. <?php
  3. namespace Boldr\Cms\UsersBundle\Controller;
  5. use Boldr\Cms\UsersBundle\Form\{ ForgotPasswordTypeResetPasswordType };
  6. use Boldr\Cms\UsersBundle\Entity\User;
  7. use Boldr\Cms\UsersBundle\EmailFactory;
  8. use Boldr\Cms\UsersBundle\Event\UserPasswordChangedEvent;
  10. use Symfony\Component\HttpFoundation\{ RequestResponse };
  11. use Symfony\Component\Routing\Annotation\Route;
  12. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  13. use Symfony\Component\Mailer\MailerInterface;
  14. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  15. use Symfony\Component\Form\FormError;
  16. use Symfony\Component\Form\Extension\Core\Type\{ FormTypeTextTypePasswordTypeCheckboxType };
  17. use Symfony\Contracts\Translation\TranslatorInterface;
  18. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  20. use Psr\EventDispatcher\EventDispatcherInterface;
  22. use DateTimeImmutable;
  23. use DateInterval;
  25. class SecurityController extends AbstractController
  26. {
  28.     public static function getSubscribedServices(): array
  29.     {
  30.         return array_merge(parent::getSubscribedServices(), [
  31.             MailerInterface::class,
  32.             AuthenticationUtils::class,
  33.             UserPasswordHasherInterface::class,
  34.             EmailFactory::class,
  35.             TranslatorInterface::class,
  36.             EventDispatcherInterface::class
  37.         ]);
  38.     }
  40.     /**
  41.      * @Route({
  42.      *     "nl": "/inloggen",
  43.      *     "de": "/anmelden",
  44.      *     "en": "/login"
  45.      * }, name="boldr_users_login")
  46.      */
  47.     public function login(Request $request): Response
  48.     {
  49.         if ($this->getUser())
  50.         {
  51.             return $this->redirectToRoute('cms_home');
  52.         }
  54.         $form $this->get('form.factory')->createNamedBuilder(''FormType::class, null, [
  55.             'translation_domain' => 'BoldrUsersBundle',
  56.             'csrf_field_name' => '_csrf_token',
  57.             'csrf_token_id' => 'authenticate'
  58.         ])
  59.             ->add('_username'TextType::class, [
  60.                 'label' => 'username',
  61.                 'attr' => [
  62.                     'autofocus' => 'autofocus'
  63.                 ]
  64.             ])
  65.             ->add('_password'PasswordType::class, [
  66.                 'label' => 'password'
  67.             ])
  68.             ->add('_remember_me'CheckboxType::class, [
  69.                 'label' => 'remember_me',
  70.                 'required' => false
  71.             ])
  72.             ->getForm();
  74.         $authenticationUtils $this->get(AuthenticationUtils::class);
  75.         $error $authenticationUtils->getLastAuthenticationError();
  76.         $lastUsername $authenticationUtils->getLastUsername();
  78.         $form->get('_username')->setData($lastUsername);
  80.         if ($error)
  81.         {
  82.             $form->addError(new FormError($this->get(TranslatorInterface::class)->trans($error->getMessageKey(), $error->getMessageData(), 'security')));
  83.         }
  85.         return $this->render('@BoldrUsers/login.html.twig', [
  86.             'error' => $error,
  87.             'form' => $form->createView()
  88.         ]);
  89.     }
  91.     /**
  92.      * @Route({
  93.      *    "nl": "/uitloggen",
  94.      *    "de": "/abmelden",
  95.      *    "en": "/logout"
  96.      * }, name="boldr_users_logout")
  97.      */
  98.     public function logout()
  99.     {
  100.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  101.     }
  103.     /**
  104.      * @Route({
  105.      *     "en": "/forgot-password",
  106.      *     "nl": "/wachtwoord-vergeten",
  107.      *     "de": "/passwort-vergessen"
  108.      * }, name="boldr_users_forgot_password")
  109.      * @Route("/boldr-api/boldr-users/forgot-password", name="boldr_users_api_forgot_password")
  110.      */
  111.     public function forgotPassword(Request $request)
  112.     {
  113.         if ($this->getUser() !== null)
  114.         {
  115.             return $this->redirectToRoute('cms_home');
  116.         }
  118.         $form $this->createForm(ForgotPasswordType::class);
  119.         $form->handleRequest($request);
  121.         if ($form->isSubmitted() && $form->isValid())
  122.         {
  123.             $userRepository $this->getDoctrine()->getRepository(User::class);
  124.             $user $userRepository->createQueryBuilder('u')
  125.                 ->andWhere('u.username = ?1 OR u.emailAddress = ?1')
  126.                 ->setMaxResults(1)
  127.                 ->setParameter(1$form['usernameOrEmailAddress']->getData())
  128.                 ->getQuery()
  129.                 ->getOneOrNullResult();
  131.             if ($user !== null)
  132.             {
  133.                 if ($user->getForgotPasswordToken() === null || $user->getTimeForgotPasswordTokenExpires() < new DateTimeImmutable)
  134.                 {
  135.                     $forgotPasswordToken bin2hex(random_bytes(32));
  136.                     $timeForgotPasswordTokenExpires = (new DateTimeImmutable)->add(new DateInterval('PT24H'));
  138.                     $user->setForgotPasswordToken($forgotPasswordToken);
  139.                     $user->setTimeForgotPasswordTokenExpires($timeForgotPasswordTokenExpires);
  141.                     $this->getDoctrine()->getManager()->flush();
  142.                 }
  144.                 $email $this->get(EmailFactory::class)->createForgotPasswordEmail($user);
  145.                 try
  146.                 {
  147.                     $this->get(MailerInterface::class)->send($email);
  148.                 }
  149.                 catch (\Exception $ex)
  150.                 {
  151.                     // could not send
  152.                 }
  153.             }
  155.             if (in_array('application/json'$request->getAcceptableContentTypes()))
  156.             {
  157.                 return $this->json(['success' => true]);
  158.             }
  160.             return $this->render('@BoldrUsers/password-link-sent.html.twig');
  161.         }
  163.         return $this->render('@BoldrUsers/forgot-password.html.twig', [
  164.             'form' => $form->createView()
  165.         ]);
  166.     }
  168.     /**
  169.      * @Route({
  170.      *     "en": "/reset-password/{token}",
  171.      *     "nl": "/wachtwoord-opnieuw-instellen/{token}",
  172.      *     "de": "/passwort-zurucksetzen/{token}"
  173.      * }, name="boldr_users_reset_password")
  174.      * @Route("/boldr-api/boldr-users/reset-password", name="boldr_users_api_reset_password", methods={"POST"})
  175.      */
  176.     public function resetPassword(Request $request, ?string $token null)
  177.     {
  178.         $isJsonRequest in_array('application/json'$request->getAcceptableContentTypes());
  180.         if ($token === null)
  181.         {
  182.             if (!$request->request->has('token'))
  183.             {
  184.                 return $this->json(['success' => false'error' => 'missing_token_parameter']);
  185.             }
  186.             $token $request->request->get('token');
  187.         }
  189.         $userRepository $this->getDoctrine()->getRepository(User::class);
  190.         $user $userRepository->createQueryBuilder('u')
  191.             ->andWhere('u.forgotPasswordToken = :token AND u.timeForgotPasswordTokenExpires >= :now')
  192.             ->setParameter('token'$token)
  193.             ->setParameter('now', new DateTimeImmutable)
  194.             ->setMaxResults(1)
  195.             ->getQuery()
  196.             ->getOneOrNullResult();
  198.         if ($user === null)
  199.         {
  200.             if ($isJsonRequest)
  201.             {
  202.                 return $this->json(['success' => false'error' => 'invalid_or_expired_token']);
  203.             }
  205.             return $this->render('@BoldrUsers/reset-link-expired.html.twig');
  206.         }
  208.         $form $this->createForm(ResetPasswordType::class, null, ['allow_extra_fields' => true]);
  209.         $form->handleRequest($request);
  211.         $newPassword null;
  212.         if ($form->isSubmitted() && $form->isValid())
  213.         {
  214.             $newPassword $form['newPassword']->getData();
  215.         }
  217.         if ($request->request->has('new_password'))
  218.         {
  219.             $newPassword $request->request->get('new_password');
  220.         }
  222.         if ($newPassword !== null)
  223.         {
  224.             $passwordHash $this->get(UserPasswordHasherInterface::class)->hashPassword($user$newPassword);
  225.             $user->setPasswordHash($passwordHash);
  227.             $user->setForgotPasswordToken(null);
  228.             $user->setTimeForgotPasswordTokenExpires(null);
  230.             $this->getDoctrine()->getManager()->flush();
  232.             $event = new UserPasswordChangedEvent($user$newPasswordtrue);
  233.             $this->get(EventDispatcherInterface::class)->dispatch($event);
  235.             $email $this->get(EmailFactory::class)->createPasswordResetEmail($user);
  237.             try
  238.             {
  239.                 $this->get(MailerInterface::class)->send($email);
  240.             }
  241.             catch (\Exception $ex)
  242.             {
  243.                 // could not send email
  244.             }
  246.             if ($isJsonRequest)
  247.             {
  248.                 return $this->json(['success' => true]);
  249.             }
  251.             return $this->render('@BoldrUsers/password-reset.html.twig');
  252.         }
  254.         if ($isJsonRequest)
  255.         {
  256.             return $this->json(['success' => false'error' => 'missing_fields']);
  257.         }
  259.         return $this->render('@BoldrUsers/reset-password.html.twig', [
  260.             'form' => $form->createView()
  261.         ]);
  262.     }
  264.     /**
  265.      * @Route({
  266.      *     "en": "/confirm-email-address/{token}",
  267.      *     "nl": "/bevestig-email-adres/{token}",
  268.      *     "de": "/bestatige-email-adresse/{token}"
  269.      * }, name="boldr_users_confirm_email_address")
  270.      */
  271.     public function confirmEmailAddress(Request $requeststring $token): Response
  272.     {
  273.         $userRepository $this->getDoctrine()->getRepository(User::class);
  274.         $user $userRepository->findOneBy([
  275.             'emailAddressIsConfirmed' => false,
  276.             'confirmEmailAddressToken' => $token
  277.         ]);
  279.         if ($user === null)
  280.         {
  281.             return $this->render('@BoldrUsers/invalid-confirm-token.html.twig');
  282.         }
  284.         $user->setEmailAddressIsConfirmed(true);
  285.         $user->setConfirmEmailAddressToken(null);
  287.         $this->getDoctrine()->getManager()->flush();
  289.         if (in_array('application/json'$request->getAcceptableContentTypes()))
  290.         {
  291.             return $this->json(['success' => true]);
  292.         }
  294.         /** @FIXME Make sure it does not redirect to outside URL */
  295.         if ($request->query->has('redirect'))
  296.         {
  297.             return $this->redirect($request->query->get('redirect'));
  298.         }
  300.         return $this->render('@BoldrUsers/confirmed.html.twig', [
  301.             'user' => $user
  302.         ]);
  303.     }
  305.     /**
  306.      * @Route({
  307.      *     "en": "/resend-confirmation-email",
  308.      *     "nl": "/verstuur-bevestigingsemail-opnieuw",
  309.      *     "de": "/bestatigungsmail-erneut-senden"
  310.      * }, name="boldr_users_resend_confirmation_email")
  311.      * @Route("/boldr-api/boldr-users/resend-confirmation-email", name="boldr_users_api_resend_confirmation_email")
  312.      */
  313.     public function resendConfirmationEmail(Request $request): Response
  314.     {
  315.         $this->denyAccessUnlessGranted('ROLE_USER');
  316.         $isJsonRequest in_array('application/json'$request->getAcceptableContentTypes());
  318.         /** @var User */
  319.         $user $this->getUser();
  321.         if ($user->getEmailAddressIsConfirmed())
  322.         {
  323.             if ($isJsonRequest)
  324.             {
  325.                 return $this->json(['success' => false'error' => 'already_confirmed']);
  326.             }
  328.             return $this->render('@BoldrUsers/already-confirmed.html.twig');
  329.         }
  331.         // Generate a confirmation token if it does not exist yet
  332.         if ($user->getConfirmEmailAddressToken() === null)
  333.         {
  334.             $confirmEmailAddressToken bin2hex(random_bytes(32));
  335.             $user->setConfirmEmailAddressToken($confirmEmailAddressToken);
  337.             $this->getDoctrine()->getManager()->flush();
  338.         }
  340.         $email $this->get(EmailFactory::class)->createResendConfirmationEmail($user);
  341.         try
  342.         {
  343.             $this->get(MailerInterface::class)->send($email);
  344.         }
  345.         catch (\Exception $ex)
  346.         {
  347.             // could not send email
  348.         }
  350.         if ($isJsonRequest)
  351.         {
  352.             return $this->json(['success' => true]);
  353.         }
  355.         /** @FIXME Make sure it does not redirect to outside URL */
  356.         if ($request->query->has('redirect'))
  357.         {
  358.             return $this->redirect($request->query->get('redirect'));
  359.         }
  361.         return $this->render('@BoldrUsers/confirmation-email-resent.html.twig');
  362.     }
  364. }