src/Controller/AuthController.php line 134

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Model\DataObject\Business;
  6. use App\Model\DataObject\User;
  7. use Carbon\Carbon;
  8. use Pimcore\Controller\FrontendController;
  9. use Pimcore\Mail;
  10. use Pimcore\Model\DataObject;
  11. use Pimcore\Model\DataObject\Folder;
  12. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  15. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  16. use Symfony\Component\Security\Core\Security as FrontSecurity;
  17. use Symfony\Component\Routing\Annotation\Route;
  18. use Symfony\Component\Validator\Constraints as Assert;
  19. use Symfony\Component\Validator\Validator\ValidatorInterface;
  20. use Pimcore\Model\Element\Service;
  22. class AuthController extends FrontendController
  23. {
  24.     /**
  25.      * @Template
  26.      * @param Request $request
  27.      * @param AuthenticationUtils $authenticationUtils
  28.      * @return array
  29.      * @Route(
  30.      *      "/{_locale}/login",
  31.      *      name="login",
  32.      *      methods={"GET","POST"}
  33.      * )
  34.      */
  35.     public function loginAction(Request $requestAuthenticationUtils $authenticationUtilsFrontSecurity $security)
  36.     {
  37.         $lang $request->getLocale();
  38.         $securityUser $security->getUser();
  39.         if ($securityUser) {
  40.             $user User::getByUsername($securityUser->getUserIdentifier())->load()[0];
  41.             if($user->getBusinesses()) {
  42.                 return $this->redirect($this->generateUrl('dashboard'));
  43.             }else {
  44.                 return $this->redirect('/'.$lang);
  45.             }
  46.         }
  47.         // get the login error if there is one
  48.         $error $authenticationUtils->getLastAuthenticationError();
  49.         // last username entered by the user
  50.         $lastUsername $authenticationUtils->getLastUsername();
  51.         // dd($lastUsername);
  52.         return [
  53.             '_username'       => $lastUsername,
  54.             'error'           => $error,
  55.             '_target_path'    => $request->get('_target_path')??null
  56.         ];
  57.     }
  58.     /**
  59.      * @Route(
  60.      *      "/{_locale}/afterLogin",
  61.      *      name="afterLogin",
  62.      *      methods={"GET"}
  63.      * )
  64.      */
  65.     public function afterLoginAction(Request $requestFrontSecurity $security)
  66.     {
  67.         $lang $request->getLocale();
  68.         $securityUser $security->getUser();
  69.         if ($securityUser) {
  70.             $roles $securityUser->getRoles();
  71.             if (in_array("ROLE_PRO",$roles)){
  72.                 return $this->redirect($this->generateUrl('dashboard'));
  73.             }else if(in_array("ROLE_USER",$roles)){
  74.                 return $this->redirect('/'.$lang);
  75.             }else {
  76.                 return $this->redirect('/'.$lang);
  77.             }
  79.         }else {
  80.             return $this->redirect('/'.$lang);
  81.         }
  82.     }
  84.     /**
  85.      * @Template
  86.      * @param Request $request
  87.      * @return \Symfony\Component\HttpFoundation\JsonResponse|\Symfony\Component\HttpFoundation\RedirectResponse
  88.      * @throws \Exception
  89.      * @Route(
  90.      *      "/{_locale}/reset/password/{renew_token}",
  91.      *      name="reset_password",
  92.      *      methods={"GET","POST"}
  93.      * )
  94.      */
  95.     public function resetPasswordAction(Request $request)
  96.     {
  97.         if ($request->isMethod('POST') && $request->get("new_password")) {
  98.             $user User::getById($request->get('user_id'));
  99.             if (!$user) {
  100.                 return ['error' => "Impossible de trouver l'utilisateur"];
  101.             }
  102.             $user->setPassword($request->get('new_password'));
  103.             $user->setRenewToken(null);
  104.             $user->setRenewExpire(null);
  105.             $user->save();
  106.             return $this->redirect($this->generateUrl("login"));
  107.         } elseif ($request->get("renew_token")) {
  108.             $user User::getByRenewToken($request->get("renew_token"))->load()[0];
  109.             if (!$user) {
  110.                 return $this->redirect($this->generateUrl('login'));
  111.             }
  112.             $expired false;
  113.             if ($user->getRenewExpire()->lt(Carbon::now())) {
  114.                 $expired true;
  115.             }
  116.             $this->view->user $user;
  117.             return ["user" => $user"expired" => $expired];
  118.         } else {
  119.             return $this->redirect($this->generateUrl('login'));
  120.         }
  121.     }
  123.     /**
  124.      * @Template
  125.      * @param Request $request
  126.      * @return \Symfony\Component\HttpFoundation\JsonResponse
  127.      * @throws \Exception
  128.      * @Route(
  129.      *      "/{_locale}/reset/password",
  130.      *      name="ask_reset_password",
  131.      *      methods={"GET","POST"}
  132.      * )
  133.      */
  134.     public function askResetPasswordAction(Request $requestFrontSecurity $security\Pimcore\Config\Config $websiteConfig)
  135.     {
  136.         $lang $request->getLocale();
  137.         $securityUser $security->getUser();
  138.         if ($securityUser) {
  139.             $user User::getByUsername($securityUser->getUserIdentifier())->load()[0];
  140.             if($user->getBusinesses()) {
  141.                 return $this->redirect('/'.$lang.'/pro');
  142.             }else {
  143.                 return $this->redirect('/'.$lang);
  144.             }
  145.         }
  146.         if ($request->isMethod('POST') && $request->get('username')) {
  147.             $user User::getByUsername($request->get('username'))->load()[0];
  148.             if (!$user) {
  149.                 return ["error" => "Le compte n'existe pas"];
  150.             }
  152.             $token md5(time() * 10000);
  153.             $user->setRenewToken($token);
  154.             $nbrDays intval($websiteConfig->get('expirationDays')) === intval($websiteConfig->get('expirationDays'));
  155.             $user->setRenewExpire(Carbon::now()->addDay($nbrDays));
  156.             $user->save();
  158.             $mail = new Mail();
  159.             $mail->setDocument('/'.$lang."/emails/reset-password");
  160.             $mail->to($user->getUsername());
  161.             $mail->setParam('renewLink'$this->generateUrl("reset_password", ['renew_token' => $token],  UrlGeneratorInterface::ABSOLUTE_URL));
  162.             $mail->send();
  163.             return ["message" => "Vous avez reçu un lien pour modifier votre mot de passe par email."];
  164.         }
  165.     }
  167.     /**
  168.      * @Template
  169.      * @Route(
  170.      *      "/{_locale}/register",
  171.      *      name="register",
  172.      *      methods={"GET","POST"}
  173.      * )
  174.      */
  175.     public function registerAction(Request $requestFrontSecurity $security\Pimcore\Config\Config $websiteConfigValidatorInterface $validator)
  176.     {
  177.         $lang $request->getLocale();
  178.         $securityUser $security->getUser();
  179.         if ($securityUser) {
  180.             $user User::getByUsername($securityUser->getUserIdentifier())->load()[0];
  181.             if($user->getBusinesses()) {
  182.                 return $this->redirect('/'.$lang.'/pro');
  183.             }else {
  184.                 return $this->redirect('/'.$lang);
  185.             }
  186.         }
  188.         if ($request->isMethod('POST')) {
  189.             foreach (['gender''lastname''firstname''email''confirm-email''phone''password''confirm-password'] as $required_field) {
  190.                 $isSet false;
  191.                 if (is_array($required_field)) {
  192.                     foreach ($required_field as $field) {
  193.                         if ($request->get($field)) {
  194.                             $isSet true;
  195.                         }
  196.                     }
  197.                 } else {
  198.                     $isSet $request->get($required_field);
  199.                 }
  201.                 if (!$isSet) {
  202.                     return ["error" => "Vous devez remplir tous les champs.""previousValues" =>$request->request->all()];
  203.                 }
  204.             }
  206.             $email $request->get('email');
  207.             $confirmEmail $request->get('confirm-email');
  208.             if ($email !== $confirmEmail) {
  209.                 return ["error" => "Les 2 adresses email ne sont pas identiques""previousValues" =>$request->request->all()];
  210.             }
  212.             $password $request->get('password');
  213.             $confirmPassword $request->get('confirm-password');
  214.             if ($password !== $confirmPassword) {
  215.                 return ["error" => "Les 2 mots de passe ne sont pas identiques""previousValues" =>$request->request->all()];
  216.             }
  218.             $emailConstraint = new Assert\Email();
  219.             $errors $validator->validate($email$emailConstraint);
  220.             if (count($errors) > 0) {
  221.                 return ["error" => $errors[0]->getMessage(), "previousValues" =>$request->request->all()];
  222.             }
  224.             $checkUser User::getByUsername($email, ['limit' => 1,'unpublished' => true]);
  225.             if ($checkUser) {
  226.                 return ["message" => 'Le compte existe déjà, <a href="'$this->generateUrl('login') .'">connectez-vous</a> ou <a href="'$this->generateUrl('ask_reset_password') .'">cliquez ici</a> pour réinitialiser votre mot de passe'];
  227.             }
  229.             $gender $request->get('gender');
  230.             $firstName $request->get('firstname');
  231.             $lastName $request->get('lastname');
  232.             $phone $request->get('phone');
  235.             $user = new User();
  236.             $user->setGender($gender);
  237.             $user->setFirstname($firstName);
  238.             $user->setLastname($lastName);
  239.             $user->setPhone($phone);
  240.             $user->setUsername($email);
  241.             $user->setPassword($password);
  242.             $businesses Business::getByEmail($email);
  243.             if(!$businesses) {
  244.                 $user->setRoles(["ROLE_USER"]);
  245.             }else {
  246.                 $user->setRoles(["ROLE_PRO"]);
  247.                 $businesses->load();
  248.                 $businessesToAdd = [];
  249.                 foreach($businesses as $business) {
  250.                     $businessesToAdd = [...$businessesToAdd$business];
  251.                 }
  252.                 $user->setBusinesses($businessesToAdd);
  253.             }
  254.             $keyname Service::getValidKey($email'object');
  255.             $user->setKey($keyname);
  256.             $user->setParent(Folder::getByPath('/users') ?? Folder::create(['o_parentId' => 1'o_key' => 'users']));
  257.             $user->setPublished(false);
  258.             $token md5(uniqid('renew_token'true));
  259.             $user->setRenewToken($token);
  260.             $nbrDays intval($websiteConfig->get('expirationDays')) === intval($websiteConfig->get('expirationDays'));
  261.             $user->setRenewExpire(Carbon::now()->addDays($nbrDays));
  262.             $user->save();
  265.             $mail = new Mail();
  266.             $mail->setDocument('/'.$request->getLocale()."/emails/verify-email");
  267.             $mail->to($user->getUsername());
  268.             $mail->setParam('Link'$this->generateUrl('verify_email', ['renew_token' => $user->getRenewToken()], UrlGeneratorInterface::ABSOLUTE_URL));
  269.             $mail->send();
  271.             return ["message" => "Votre adresse email doit être confirmée, vous allez recevoir un email de confirmation"];
  273.         }
  275.         return ["previousValues" => ["gender"=> """firstname" => """lastname" => """email" => """confirm-email" =>"""phone" => ""]];
  276.     }
  278.     /**
  279.      * @Template
  280.      * @Route(
  281.      *      "/verify-email/{renew_token}",
  282.      *      name="verify_email",
  283.      *      methods={"GET"}
  284.      * )
  285.      */
  286.     public function verifyEmailAction(Request $request\Pimcore\Config\Config $websiteConfig)
  287.     {
  288.         if ($request->get('renew_token')) {
  289.             $user User::getByRenewToken($request->get("renew_token"), ['limit' => 1,'unpublished' => true]);
  290.             if (!$user) {
  291.                 return ["error" => "Vous devez définir un token valide""message" => false];
  292.             }
  293.             $user->setPublished(true);
  294.             $user->setRenewToken(null);
  295.             $user->setRenewExpire(null);
  296.             $user->save();
  297.             return ["message" => "Merci d'avoir validé votre compte, vous pouvez désormais vous connecter"];
  298.         } else {
  299.             return ["error" => "Vous devez définir un token valide""message" => false];
  300.         }
  301.     }
  304.     /**
  305.      * @Route("/logout", name="logout", methods={"GET"})
  306.      */
  307.     public function logout()
  308.     {
  309.         // controller can be blank: it will never be executed!
  310.         throw new \Exception('Don\'t forget to activate logout in security.yaml');
  311.     }
  313. }