src/Controller/Back/SecurityController.php line 53

Open in your IDE?
  1. <?php
  3. namespace App\Controller\Back;
  5. use App\Entity\BackUser;
  6. use App\Entity\BackUserLog;
  7. use App\Form\ForgotPasswordType;
  8. use App\Form\Model\ForgotPassword;
  9. use App\Form\Model\ResetPassword;
  10. use App\Form\ResetPasswordType;
  11. use App\Repository\BackUserRepository;
  12. use App\Service\MailService;
  13. use App\Utils\FormHelper;
  14. use DateInterval;
  15. use DateTime;
  16. use Doctrine\ORM\NonUniqueResultException;
  17. use Doctrine\Persistence\ManagerRegistry;
  18. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  19. use Symfony\Component\HttpFoundation\RedirectResponse;
  20. use Symfony\Component\HttpFoundation\Request;
  21. use Symfony\Component\HttpFoundation\Response;
  22. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  23. use Symfony\Component\Routing\Annotation\Route;
  24. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  25. use Twig\Error\LoaderError;
  26. use Twig\Error\RuntimeError;
  27. use Twig\Error\SyntaxError;
  29. #[Route('/back')]
  30. class SecurityController extends AbstractController
  31. {
  32.     /**
  33.      * SecurityController constructor.
  34.      */
  35.     public function __construct(
  36.         protected MailService $mailer,
  37.         protected UserPasswordHasherInterface $passwordEncoder,
  38.         protected ManagerRegistry $registry
  39.     ) {
  40.     }
  42.     /**
  43.      * @throws \Exception
  44.      */
  45.     #[Route('/login'name'back_security_login')]
  46.     public function login(Request $requestAuthenticationUtils $helper): Response
  47.     {
  48.         $session $request->getSession();
  50.         $date = new DateTime();
  51.         $date->sub(new DateInterval('P5M'));
  53.         $locked $session->get('locked'false);
  55.         if ($locked && $locked $date->format('YmdHis')) {
  56.             $session->set('locked'false);
  57.         }
  59.         return $this->render('back/security/login.html.twig', [
  60.             'last_username' => $helper->getLastUsername(),
  61.             'error'         => $helper->getLastAuthenticationError(),
  62.             'locked'        => $session->get('locked'false),
  63.         ]);
  64.     }
  66.     /**
  67.      * @throws NonUniqueResultException
  68.      * @throws LoaderError
  69.      * @throws RuntimeError
  70.      * @throws SyntaxError
  71.      */
  72.     #[Route('/forgot-password'name'back_security_forgotPassword')]
  73.     public function forgotPassword(Request $request): Response
  74.     {
  75.         $forgotPassword = new ForgotPassword();
  77.         $form $this->createForm(ForgotPasswordType::class, $forgotPassword);
  79.         if ('POST' == $request->getMethod()) {
  80.             $form->handleRequest($request);
  82.             if ($form->isSubmitted() && $form->isValid()) {
  83.                 $mail $forgotPassword->getEmail();
  85.                 /** @var BackUserRepository $repository */
  86.                 $repository $this->registry->getRepository(BackUser::class);
  88.                 /** @var BackUser $user */
  89.                 $user $repository->findOneByMail($mail);
  91.                 if (null !== $user) {
  92.                     $user->generateResetPasswordHash();
  94.                     $em $this->registry->getManager();
  95.                     $em->persist($user);
  96.                     $em->flush();
  98.                     $this->mailer->resetPassword($user);
  99.                 }
  101.                 return $this->render('back/security/forgot-password-success.html.twig');
  102.             }
  104.             $errors FormHelper::getErrorMessages($form);
  105.         }
  107.         $form FormHelper::getData($form);
  109.         return $this->render('back/security/forgot-password.html.twig', [
  110.             'form'   => $form['forgot_password']['children'],
  111.             'errors' => $errors ?? null,
  112.         ]);
  113.     }
  115.     /**
  116.      * @throws \Exception
  117.      */
  118.     #[Route('/reset-password/{resetPasswordHash}'name'back_security_resetPassword')]
  119.     public function resetPassword(Request $requestBackUser $user): Response
  120.     {
  121.         $resetPassword = new ResetPassword();
  123.         $form $this->createForm(ResetPasswordType::class, $resetPassword);
  125.         if ('POST' == $request->getMethod()) {
  126.             $form->handleRequest($request);
  128.             if ($form->isSubmitted() && $form->isValid()) {
  129.                 $em $this->registry->getManager();
  131.                 $user->setPassword($this->passwordEncoder->hashPassword($user$resetPassword->getPassword()));
  132.                 $user->setResetPasswordHash();
  133.                 $em->persist($user);
  135.                 $userLog = new BackUserLog();
  136.                 $userLog->setType(BackUserLog::TYPE_RESET_PASSWORD);
  137.                 $userLog->setUser($user);
  138.                 $userLog->setIp($user->getLastIp());
  139.                 $userLog->setDate(new DateTime());
  140.                 $em->persist($userLog);
  142.                 $em->flush();
  144.                 return new RedirectResponse($this->generateUrl('back_security_login'));
  145.             }
  146.             $errors FormHelper::getErrorMessages($form);
  147.         }
  149.         $form FormHelper::getData($form);
  151.         return $this->render('back/security/reset-password.html.twig', [
  152.             'form'   => $form['reset_password']['children'],
  153.             'errors' => $errors ?? null,
  154.             'hash'   => $user->getResetPasswordHash(),
  155.         ]);
  156.     }
  158.     /**
  159.      * @throws \Exception
  160.      */
  161.     #[Route('/unlock-account/{unlockingHash}'name'back_security_unlockAccount')]
  162.     public function unlockAccount(BackUser $user): Response
  163.     {
  164.         $em $this->registry->getManager();
  166.         $user->setEnabled(true);
  167.         $user->setUnlockingHash();
  168.         $em->persist($user);
  170.         $userLog = new BackUserLog();
  171.         $userLog->setType(BackUserLog::TYPE_UNLOCK);
  172.         $userLog->setUser($user);
  173.         $userLog->setIp($user->getLastIp());
  174.         $userLog->setDate(new DateTime());
  175.         $em->persist($userLog);
  177.         $em->flush();
  179.         return new RedirectResponse($this->generateUrl('back_security_login'));
  180.     }
  182.     /**
  183.      * @throws \Exception
  184.      */
  185.     #[Route('/logout'name'back_security_logout')]
  186.     public function logout(): never
  187.     {
  188.         throw new \Exception('This should never be reached!');
  189.     }
  190. }