src/Controller/SecurityController.php line 111

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Event\AppEvents;
  6. use App\Event\UserResetPasswordEvent;
  7. use App\Model\Form\ChangePasswordForm;
  8. use App\Model\Form\ResetPasswordForm;
  9. use App\Repository\UserRepository;
  10. use DateTime;
  11. use App\Entity\User;
  12. use App\ValueObject\SearchCriteria\UserSearchCriteria;
  13. use Doctrine\ORM\EntityManagerInterface;
  14. use Ecommerce121\UtilBundle\Controller\ControllerBase;
  15. use Ecommerce121\UtilBundle\Controller\ControllerUtil;
  16. use Exception;
  17. use Symfony\Component\Routing\Annotation\Route;
  18. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  19. use Symfony\Component\HttpFoundation\Request;
  20. use Symfony\Component\HttpFoundation\Session\Session;
  21. use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface;
  22. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  23. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  24. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  26. /**
  27.  * Class with version related actions.
  28.  */
  29. class SecurityController extends ControllerBase
  30. {
  31.     /**
  32.      * @var AuthenticationUtils
  33.      */
  34.     private $authenticationUtils;
  36.     /**
  37.      * @var PasswordHasherFactoryInterface
  38.      */
  39.     private $encoderFactory;
  40.     private EntityManagerInterface $entityManager;
  41.     private UserRepository $userRepository;
  43.     /**
  44.      * Constructor.
  45.      *
  46.      * @param ControllerUtil          $controllerUtil
  47.      * @param AuthenticationUtils     $authenticationUtils
  48.      * @param PasswordHasherFactoryInterface $encoderFactory
  49.      */
  50.     public function __construct(
  51.         ControllerUtil $controllerUtil,
  52.         AuthenticationUtils $authenticationUtils,
  53.         PasswordHasherFactoryInterface $encoderFactory,
  54.         EntityManagerInterface $entityManager,
  55.         UserRepository $userRepository
  56.     ) {
  57.         parent::__construct($controllerUtil);
  59.         $this->authenticationUtils $authenticationUtils;
  60.         $this->encoderFactory $encoderFactory;
  61.         $this->entityManager $entityManager;
  62.         $this->userRepository $userRepository;
  63.     }
  65.     /**
  66.      * @Route("/login", name="app_login")
  67.      * @Template("Security/login.html.twig")
  68.      */
  69.     public function loginAction()
  70.     {
  71.         if ($this->getUser() instanceof User) {
  72.             $dashboardPath $this->generateUrl('app_home');
  73.             return $this->redirect($dashboardPath);
  74.         }
  75.         return [
  76.             // last username entered by the user (if any)
  77.             'last_username' => $this->authenticationUtils->getLastUsername(),
  78.             // last authentication error (if any)
  79.             'error' => $this->authenticationUtils->getLastAuthenticationError(),
  80.         ];
  81.     }
  83.     /**
  84.      * @Route("/loginCheck", name="app_login_check")
  85.      *
  86.      * @throws \Exception
  87.      */
  88.     public function loginCheckAction()
  89.     {
  90.         throw new \RuntimeException('This should never be reached!');
  91.     }
  93.     /**
  94.      * @Route("/logout", name="app_logout")
  95.      *
  96.      * @throws \Exception
  97.      */
  98.     public function logoutAction()
  99.     {
  100.         throw new \RuntimeException('This should never be reached!');
  101.     }
  103.     /**
  104.      * @Route("/resetPassword", name="app_reset_password")
  105.      * @Template("Security/resetPassword.html.twig")
  106.      *
  107.      * @param Request $request
  108.      *
  109.      * @return array
  110.      */
  111.     public function resetPasswordAction(Request $request)
  112.     {
  113.         $form $this->createForm(ResetPasswordForm::class);
  114.         $form->handleRequest($request);
  116.         if ($form->isSubmitted() && $form->isValid()) {
  117.             $email $form->get('email')->getData();
  118.             /** @var User $user */
  119.             $user $this->getEntityManager()->getRepository(User::class)->findOneBy(['email' => $email]);
  121.             if ($user instanceof User) {
  122.                 $user->setForgetPasswordValidUntil(new DateTime('+7 days'));
  123.                 $user->setForgetPasswordCode(uniqid());
  125.                 $this->getEntityManager()->persist($user);
  126.                 $this->getEntityManager()->flush();
  128.                 $this->dispatchEvent(AppEvents::USER_RESET_PASSWORD, new UserResetPasswordEvent($user));
  129.             }
  130.         }
  132.         return [
  133.             'form' => $form->createView(),
  134.             'formIsValid' => $form->isSubmitted() && $form->isValid(),
  135.         ];
  136.     }
  138.     /** use common method */
  140.     /**
  141.      * @Route("/changePassword/{code}", name="app_change_password")
  142.      * @Template("Security/changePassword.html.twig")
  143.      */
  144.     public function changePasswordAction($codeRequest $request)
  145.     {
  146.         return $this->handlePasswordChange($code$request'resetPassword');
  147.     }
  149.     /**
  150.      * @Route("/update-password/{code}", name="app_update_user_password")
  151.      * @Template("Security/changePassword.html.twig")
  152.      */
  153.     public function updateUserPassword($codeRequest $request)
  154.     {
  155.         return $this->handlePasswordChange($code$request'updatePassword');
  156.     }
  158.     private function handlePasswordChange($codeRequest $requeststring $passwordAction) {
  159.         $this->forward404Unless($code);
  161.         /** @var User $user */
  162.         $user $this->userRepository->findOneBy(['forgetPasswordCode' => $code]);
  163.         $oldPassword $user->getPassword();
  165.         $homeUrl $this->generateUrl('app_home');
  167.         $updatePassUrl $this->generateUrl('app_update_user_password', ['code' => $code]);
  169.         if (!$user instanceof User) {
  170.             /** @var Session $session */
  171.             $session $request->getSession();
  172.             $session->getFlashBag()->add(
  173.                 'message_password',
  174.                 'You code have been already used or have expired.'
  175.             );
  177.             return $this->redirect($homeUrl);
  178.         }
  180.         $form $this->createForm(ChangePasswordForm::class);
  181.         $form->handleRequest($request);
  183.         if ($form->isSubmitted() && $form->isValid()) {
  184.             $encoder $this->encoderFactory->getPasswordHasher(User::class);
  185.             $encodedPassword $encoder->hash($form['newPassword']->getData(), $user->getSalt());
  186.             $user->changePassword($encodedPassword);
  187.             $user->setForgetPasswordCode(null);
  188.             $user->setForgetPasswordValidUntil(null);
  189.             $user->setPasswordValidUntil(new \DateTime('+90 days'));
  191.             $session $request->getSession();
  192.             $newPassword $form['newPassword']->getData();
  193.             $sameAsOldPassword $encoder->verify($oldPassword$newPassword);
  194.             if ($sameAsOldPassword) {
  195.                 $session->getFlashBag()->add('message_password''Please use different password. Old password and new password are same.');
  196.                 return $this->redirect($updatePassUrl);
  197.             }
  199.             $this->entityManager->persist($user);
  200.             $this->entityManager->flush();
  202.             $session $request->getSession();
  203.             $session->getFlashBag()->add('message_password''Your password has been updated.');
  204.             return $this->redirect($homeUrl);
  205.         }
  207.         return [
  208.             'form' => $form->createView(),
  209.             'code' => $code,
  210.             'user' => $user,
  211.             'updatePassword' => ($passwordAction === 'updatePassword')
  212.         ];
  213.     }
  214. }