src/Controller/SecurityController.php line 44

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\User;
  6. use App\Form\EmailResetType;
  7. use App\Form\UserResetPasswordType;
  8. use App\Form\ResetType;
  9. use App\Utils\ProfileUtils;
  10. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Symfony\Component\HttpFoundation\Response;
  13. use Symfony\Component\Mailer\MailerInterface;
  14. use Symfony\Component\Mime\Address;
  15. use Symfony\Component\Mime\Email;
  16. use Symfony\Component\Routing\Annotation\Route;
  17. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  18. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  21. class SecurityController extends AbstractController
  22. {
  23.     /**
  24.     * @Route("/login", name="app_login")
  25.     */
  26.     public function login(AuthenticationUtils $authenticationUtils): Response
  27.     {
  28.         if ($this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')){
  29.             return $this->redirectToRoute('home_index');
  30.         }
  31.         // get the login error if there is one
  32.         $error $authenticationUtils->getLastAuthenticationError();
  33.         // last username entered by the user
  34.         $lastUsername $authenticationUtils->getLastUsername();
  35.     
  36.         return $this->render('security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  37.     }
  39.     /**
  40.     * @Route("/reset", name="reset_login")
  41.     */
  42.     public function resetPassword(Request $requestMailerInterface $mailer)
  43.     {
  44.         $entityManager $this->getDoctrine()->getManager();
  45.         $form $this->createForm(EmailResetType::class);
  46.         $ipRequest $request->server->get('REMOTE_ADDR');
  47.         $dateRequest = new  \Datetime("now");
  48.         $form->handleRequest($request);
  49.         
  50.         if ($form->isSubmitted() && $form->isValid()) {
  51.             $user $entityManager->getRepository(User::class)->findOneByEmail($form->getData()['email']);
  52.             if ($user !== null) {
  53.                 $token uniqid();
  54.                 $user->setResetPassword($token);
  55.                 $entityManager->persist($user);
  56.                 $entityManager->flush();
  57.                 $mailTo $user->getEmail();
  58.                 $message = (new Email())
  59.                     ->from(new Address('no-reply@skaze.fr''Skaze Tools Suite'))
  60.                     ->to($mailTo)
  61.                     ->subject('Request from Skaze Tools')
  62.                     ->html($this->renderView('email/reset.password.html.twig', array('user' => $user,'token' => $token'ipRequest' => $ipRequest'dateRequest' => $dateRequest)))
  63.                 ;
  64.                 $result $mailer->send($message);
  66.                 return $this->render('security/reset.password.confirmation.html.twig');
  67.             }
  68.         }
  70.         return $this->render('generic_forms/_form_bootstrap_without_variables.html.twig', array(
  71.             'form' => $form->createView(),
  72.             'title' => "Reset password",
  73.             'message' => "Please fill in your email below, we will send you a link to update your password."
  74.         ));
  75.     }
  77.      /**
  78.     * @Route("/reset/password/token", name="reset_password_token")
  79.     */
  80.     public function resetPasswordToken(Request $requestUserPasswordHasherInterface $encoderAuthenticationUtils $authenticationUtils)
  81.     {
  82.         $token $request->query->get('token');
  83.    
  84.         if ($token !== null) {
  85.             $entityManager $this->getDoctrine()->getManager();
  86.             $user $entityManager->getRepository(User::class)->findOneByResetPassword($token);
  87.             if ($user !== null) {
  89.                 // Return to login page with error message if token > 15 minutes
  90.                 $lastupdatedDate $user->getUpdatedAt();
  91.                 $lastUpdateT $lastupdatedDate->getTimestamp();
  92.                 $now = new \Datetime;
  93.                 $nowT $now->getTimestamp();
  94.                 $diff abs($nowT $lastUpdateT); 
  95.                 // 900 seconds = 15 minutes
  96.                 if(intval($diff) > 900) {
  97.                     $error "Your mail has be sent more 15 minutes ago, click in forgotten password again and we will send you a new mail to reset your password";
  98.                 return $this->render('security/login.html.twig', ['errorArchived' => $error]);
  99.                 }
  101.                 // Else, user can change his password
  102.                 $form $this->createForm(UserResetPasswordType::class, $user);
  104.                 $form->handleRequest($request);
  105.                 if ($form->isSubmitted() && $form->isValid()) {
  106.                     $plainPassword $_POST['user_reset_password']['password']['first'];
  107.                     $encoded $encoder->hashPassword($user$plainPassword);
  108.                     $user->setPassword($encoded);
  109.                     $entityManager->persist($user);
  110.                     $entityManager->flush();
  111.                     return $this->redirectToRoute('app_login');
  112.                 }
  114.                 return $this->render('generic_forms/_form_bootstrap_without_variables.html.twig', array(
  115.                     'form' => $form->createView(),
  116.                     'title' => "Enter your new password",
  117.                     "message" => "Please fill your new password."
  118.                 ));       
  119.             }
  120.         }
  121.         // get the login error if there is one
  122.         $error $authenticationUtils->getLastAuthenticationError();
  123.         // last username entered by the user
  124.         $lastUsername $authenticationUtils->getLastUsername();
  125.         
  126.         return $this->render('security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  127.     }
  129.      /**
  130.     * @Route("/report/token", name="report_token")
  131.     */
  132.     public function reportToken(Request $requestMailerInterface $mailer)
  133.     {
  134.         $ipReport $request->server->get('REMOTE_ADDR');
  135.         $token $request->query->get('token');
  136.         $ipRequest $request->query->get('ipRequest');
  137.         $dateRequest $request->query->get('dateRequest');
  139.         if ($token !== null) {
  140.             $entityManager $this->getDoctrine()->getManager();
  141.             $user $entityManager->getRepository(User::class)->findOneByResetPassword($token);
  143.             if ($user !== null) {
  144.                 //As the demand is not from the user, remove token
  145.                 $user->setResetPassword("");
  146.                 $entityManager->persist($user);
  147.                 $entityManager->flush();
  148.                 $admin "dev.skaze@algorun.com";
  149.                 $mailTo $admin;
  150.                 $message = (new Email())
  151.                     ->from(new Address('no-reply@skaze.fr''Skaze Tools Suite'))
  152.                     ->to($mailTo)
  153.                     ->subject('Report Skaze Tools')
  154.                     ->html(
  155.                       $this->renderView('email/report.token.html.twig', array('user' => $user,'token' => $token'ipRequest' => $ipRequest'dateRequest' => $dateRequest["date"], 'ipReport' => $ipReport'date' => new \Datetime("now"))))
  156.                 ;
  157.    
  158.                 $result $mailer->send($message);
  160.                // Render view to confirm he can have a connexion with the old password
  161.                return $this->render('security/report.token.confirmation.html.twig', array(
  162.                    'token' => $token,
  163.                ));
  164.            }
  165.         }
  166.         // if $token exists, return the login form
  167.         return $this->render('security/report.token.confirmation.html.twig');
  168.     }
  169. }