src/ClientBundle/Controller/AuthController.php line 259

Open in your IDE?
  1. <?php
  2. namespace ClientBundle\Controller;
  4. use AdminBundle\Controller\BaseController;
  5. use AdminBundle\Entity\Account;
  6. use AdminBundle\Entity\Settings;
  7. use AdminBundle\Entity\User;
  8. use AdminBundle\Helpers\MandrillManager;
  9. use ClientBundle\Form\AuthType;
  10. use ClientBundle\Form\RegisterType;
  11. use FOS\UserBundle\Form\Factory\FactoryInterface;
  12. use FOS\UserBundle\Model\UserManagerInterface;
  13. use FOS\UserBundle\Util\TokenGeneratorInterface;
  14. use Symfony\Component\HttpFoundation\RedirectResponse;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  17. use Symfony\Component\Security\Core\Exception\AccountStatusException;
  18. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  21. class AuthController extends BaseController {
  23. public function loginAction(AuthenticationUtils $authenticationUtils) {
  24. $flash = $this->get('session')->getFlashBag();
  25. $error = $authenticationUtils->getLastAuthenticationError();
  26. if ($error) {
  27. $flash->add(
  28. 'danger',
  29. 'Something went wrong. '. $error->getMessage()
  30. );
  31. } else {
  32. $flash->add(
  33. 'info',
  34. '<strong>First time logging in?</strong> '.
  35. '<br/> * Use the "<b>Reset your password</b>" feature to receive a password reset link, or'.
  36. '<br/> * Use the "<b>Authentication Link</b>" feature to receive a quick-login link'.
  37. '<br/><b>Note:</b> The links expire once used.'
  38. );
  39. }
  40. $lastUsername = $authenticationUtils->getLastUsername();
  41. return $this->render('@Client/Auth/Login/login.html.twig', [
  42. 'last_username' => $lastUsername,
  43. 'error' => $error,
  44. ]);
  45. }
  47. public function resetRequestAction(Request $request) {
  48. $default = true;
  49. $flash = $this->get('session')->getFlashBag();
  50. $form = $this->createForm(
  51. AuthType::class
  52. );
  53. $form->handleRequest($request);
  54. if ($form->isSubmitted() && $form->isValid()) {
  55. $email = $form->get('email')->getData();
  56. $userManager = $this->get('sonata.user.user_manager');
  57. $user = $userManager->findUserByUsernameOrEmail($email);
  58. if (null === $user) {
  59. $default = false;
  60. $flash->add(
  61. 'danger',
  62. 'The provided email address "<b>'. $email. '</b>" does not belong to any existing users.'
  63. );
  64. } else {
  65. $ttl = $this->getParameter('fos_user.resetting.retry_ttl');
  66. if (!$user->isPasswordRequestNonExpired($ttl)) {
  67. /** @var $tokenGenerator TokenGeneratorInterface */
  68. $tokenGenerator = $this->get('fos_user.util.token_generator');
  69. $user->setConfirmationToken(
  70. $tokenGenerator->generateToken()
  71. );
  72. $user->setPasswordRequestedAt(new \DateTime());
  73. $userManager->save($user);
  74. $this->sendResettingEmail($user);
  75. $default = false;
  76. $flash->add(
  77. 'success',
  78. 'A password reset link has been sent to the provided email.<br/>
  79. Please access the link to reset your password.<br/>
  80. <b>Note:</b> You can only request a password reset link once every'.
  81. ' <b>'. ceil($ttl / 3600). '</b> hours.<br/>'.
  82. "If you didn't receive an email try checking your spam folder ".
  83. 'or try again later.'
  84. );
  85. } else {
  86. $default = false;
  87. $flash->add(
  88. 'warning',
  89. 'You can only request a password reset link once every'.
  90. ' <b>'. ceil($ttl / 3600). '</b> hours.<br/> Please try again later.'
  91. );
  92. }
  93. }
  94. }
  95. if ($default) {
  96. $flash->add(
  97. 'success',
  98. 'Please insert your email address below to receive a password reset link.'
  99. );
  100. }
  101. return $this->render('@Client/Auth/Reset/request.html.twig',[
  102. 'form' => $form->createView(),
  103. ]);
  104. }
  106. public function resetProcessAction(Request $request, $token) {
  107. $flash = $this->get('session')->getFlashBag();
  108. $userManager = $this->get('sonata.user.user_manager');
  109. $user = $userManager->findUserByConfirmationToken($token);
  110. if (
  111. !$user ||
  112. !$user->isPasswordRequestNonExpired(
  113. $this->getParameter('fos_user.resetting.token_ttl')
  114. )
  115. ) {
  116. $flash->add(
  117. 'danger',
  118. 'The password reset link is invalid.'
  119. );
  120. $flash->add(
  121. 'info',
  122. 'Use the "<b>Reset your password</b>" feature below to receive a new reset link.'
  123. );
  124. return new RedirectResponse(
  125. $this->generateUrl('client_login')
  126. );
  127. }
  128. /** @var $formFactory \FOS\UserBundle\Form\Factory\FactoryInterface */
  129. $formFactory = $this->get('fos_user.resetting.form.factory');
  130. $form = $formFactory->createForm();
  131. $form->setData($user);
  132. $form->handleRequest($request);
  133. if ($form->isSubmitted() && $form->isValid()) {
  134. $user->setConfirmationToken(null);
  135. $user->setPasswordRequestedAt(null);
  136. $user->setEnabled(true);
  137. $message = $this->get('translator')->trans(
  138. 'resetting.flash.success',
  139. [],
  140. 'FOSUserBundle'
  141. );
  142. $flash->add('success', $message);
  143. $response = new RedirectResponse(
  144. $this->generateUrl('client_homepage')
  145. );
  146. return $this->authUser($user, $request, $response);
  147. } else {
  148. $flash->add(
  149. 'success',
  150. 'Please set and confirm your new password below.'
  151. );
  152. }
  153. return $this->render(
  154. '@Client/Auth/Reset/form.html.twig', [
  155. 'token' => $token,
  156. 'form' => $form->createView(),
  157. ]
  158. );
  159. }
  161. public function sendResettingEmail($user) {
  162. $em = $this->get('doctrine');
  163. $phone = $user->getPhone();
  164. $name = $user->getFullname();
  165. if (
  166. $client = $em->getRepository(Account::class)->findOneBy([
  167. 'user' => $user->getId(),
  168. ])
  169. ) {
  170. $phone = $client->getPhone();
  171. $name = $client->getName();
  172. }
  173. $url = $this->get('router')->generate(
  174. 'client_reset_process',[
  175. 'token' => $user->getConfirmationToken(),
  176. ], UrlGeneratorInterface::ABSOLUTE_URL
  177. );
  178. $from = $this->get('settings_repo')->getOfficeEmail();
  179. $mandrillManager = $this->get('mandrill.manager');
  180. $mandrillManager->sendTemplate(
  181. MandrillManager::$TEMPLATE_EMAIL_NOTIFICATION_GENERAL,
  182. [],
  183. [
  184. 'subject' => 'Twelve Transfers - Password Reset',
  185. 'from_email' => $from,
  186. 'to' => [
  187. 'email' => $user->getEmail(),
  188. 'name' => $user->getUsername(),
  189. 'type' => 'to',
  190. ],
  191. 'global_merge_vars' => [
  192. 'request_email' => $user->getEmail(),
  193. 'subject' => 'Password Reset',
  194. "content" => $this->renderView(
  195. '@Client/Auth/Reset/email.html.twig', [
  196. 'url' => $url
  197. ]
  198. ),
  199. ],
  200. ],
  201. true
  202. );
  203. }
  205. protected function authUser($user, $request, $response) {
  206. $userManager = $this->get('sonata.user.user_manager');
  207. /** @var $loginManager \FOS\UserBundle\Security\LoginManagerInterface */
  208. $loginManager = $this->get('fos_user.security.login_manager');
  209. try {
  210. $firewallName = 'client';
  211. $loginManager->logInUser($firewallName, $user, $response);
  212. $this->get(
  213. 'authentication.handler.login_success_handler'
  214. )->onAuthenticationSuccess(
  215. $request,
  216. $this->get('security.token_storage')->getToken()
  217. );
  218. $user->setLastLogin(new \DateTime());
  219. } catch (AccountStatusException $ex) {
  220. if ($this->has('logger')) {
  221. $this->get('logger')->warning(
  222. sprintf(
  223. 'Unable to login user %d',
  224. $user->getId()
  225. )
  226. );
  227. }
  228. }
  229. $userManager->save($user);
  230. return $response;
  231. }
  233. public function authProcessAction(Request $request, $token, $url) {
  234. $userManager = $this->get('sonata.user.user_manager');
  235. $user = $userManager->findUserByConfirmationToken($token);
  236. if (!$user) {
  237. $flash = $this->get('session')->getFlashBag();
  238. $flash->add(
  239. 'danger',
  240. 'The authentication link is invalid.'
  241. );
  242. return new RedirectResponse(
  243. $this->generateUrl('client_login')
  244. );
  245. }
  246. $user->setConfirmationToken(null);
  247. if ($url) {
  248. $url = urldecode($url);
  249. } else {
  250. $url = $this->generateUrl('client_homepage');
  251. }
  252. $response = new RedirectResponse($url);
  253. return $this->authUser($user, $request, $response);
  254. }
  256. public function authLinkAction(Request $request) {
  257. $default = true;
  258. $to = $request->query->get('to');
  259. $flash = $this->get('session')->getFlashBag();
  260. $form = $this->createForm(
  261. AuthType::class
  262. );
  263. $form->handleRequest($request);
  264. if ($form->isSubmitted() && $form->isValid()) {
  265. $email = $form->get('email')->getData();
  266. $userManager = $this->get('sonata.user.user_manager');
  267. $user = $userManager->findUserByUsernameOrEmail($email);
  268. if (null === $user) {
  269. $default = false;
  270. $flash->add(
  271. 'danger',
  272. 'The provided email address "<b>'. $email.'</b>" does not belong to any existing users.'
  273. );
  274. } else {
  275. /** @var $tokenGenerator TokenGeneratorInterface */
  276. $tokenGenerator = $this->get('fos_user.util.token_generator');
  277. $user->setConfirmationToken(
  278. $tokenGenerator->generateToken()
  279. );
  280. $userManager->save($user);
  281. $this->sendAuthEmail($user, $to);
  282. $default = false;
  283. $flash->add(
  284. 'success',
  285. 'The authentication link has been sent. Please check your email.'
  286. );
  287. }
  288. }
  289. if ($default) {
  290. $flash->add(
  291. 'success',
  292. 'Please insert your email address below to receive an authentication link.'
  293. );
  294. }
  295. return $this->render(
  296. '@Client/Auth/Login/link.html.twig', [
  297. 'form' => $form->createView()
  298. ]
  299. );
  300. }
  302. public function sendAuthEmail($user, $to = null) {
  303. $url = $this->get('router') ->generate(
  304. 'client_auth_process', [
  305. 'token' => $user->getConfirmationToken(),
  306. 'url' => urlencode($to)
  307. ], UrlGeneratorInterface::ABSOLUTE_URL
  308. );
  309. $from = $this->get('settings_repo')->getOfficeEmail();
  310. $mandrillManager = $this->get('mandrill.manager');
  311. $mandrillManager->sendTemplate(
  312. MandrillManager::$TEMPLATE_EMAIL_NOTIFICATION_GENERAL,
  313. [],
  314. [
  315. 'subject' => 'Twelve Transfers - Authentication Link',
  316. 'from_email' => $from,
  317. 'to' => [
  318. 'email' => $user->getEmail(),
  319. 'name' => $user->getUsername(),
  320. 'type' => 'to',
  321. ],
  322. 'global_merge_vars' => [
  323. "content" => $this->renderView(
  324. '@Client/Auth/Login/email.html.twig', [
  325. 'url' => $url
  326. ]
  327. ),
  328. 'request_email' => $user->getEmail(),
  329. 'subject' => 'Authentication Link',
  330. ],
  331. ],
  332. true
  333. );
  334. }
  336. public function signUpAction(Request $request) {
  337. $error = false;
  338. $flash = $this->get('session')->getFlashBag();
  339. $form = $this->createForm(
  340. AuthType::class
  341. );
  342. $form->handleRequest($request);
  343. if ($form->isSubmitted() && $form->isValid()) {
  344. $email = $form->get('email')->getData();
  345. $userManager = $this->get('sonata.user.user_manager');
  346. $user = $userManager->findUserByUsernameOrEmail($email);
  347. if (null === $user) {
  348. $now = new \DateTime();
  349. $user = $userManager->create();
  350. $user->setUsername($email);
  351. $user->setUsernameCanonical($email);
  352. $user->setEmail($email);
  353. $user->setEmailCanonical($email);
  354. $user->setPassword(md5(uniqid()));
  355. $user->addRole('ROLE_CLIENT');
  356. $user->setCreatedAt($now);
  357. $user->setUpdatedAt($now);
  358. $user->setEnabled(true);
  359. $userManager->save($user);
  360. $flash->add(
  361. 'success',
  362. 'Your account has been created!'
  363. );
  364. return new RedirectResponse(
  365. $this->generateUrl('client_login')
  366. );
  367. } else {
  368. $error = true;
  369. $flash->add(
  370. 'danger',
  371. 'This email is already being used. Use a different email address.'
  372. );
  373. }
  374. }
  375. if (!$error) {
  376. $flash->add(
  377. 'success',
  378. 'Please insert your email address below to create an account.'
  379. );
  380. }
  381. return $this->render('@Client/Auth/Register/signup.html.twig',[
  382. 'form' => $form->createView(),
  383. ]);
  384. }
  386. public function registerAction(
  387. Request $request
  388. ) {
  389. $error = false;
  390. $flash = $this->get('session')->getFlashBag();
  391. $userManager = $this->get('sonata.user.user_manager');
  392. $user = $userManager->create();
  393. $form = $this->createForm(
  394. RegisterType::class,
  395. $user
  396. );
  397. $form->handleRequest($request);
  398. if ($form->isSubmitted() && $form->isValid()) {
  399. $now = new \DateTime();
  400. $user = $form->getData();
  401. $email = $user->getEmail();
  402. $found = $userManager->findUserByUsernameOrEmail($email);
  403. if (null === $found) {
  404. $user->setUsername($email);
  405. $user->setUsernameCanonical($email);
  406. $user->setEmail($email);
  407. $user->setEmailCanonical($email);
  408. $user->addRole('ROLE_CLIENT');
  409. $user->setCreatedAt($now);
  410. $user->setUpdatedAt($now);
  411. $user->setEnabled(true);
  412. $userManager->save($user);
  413. $flash->add(
  414. 'success',
  415. 'Your account has been created!'
  416. );
  417. $response = new RedirectResponse(
  418. $this->generateUrl('client_homepage')
  419. );
  420. return $this->authUser($user, $request, $response);
  421. } else {
  422. $error = true;
  423. $flash->add(
  424. 'danger',
  425. 'This email is already being used. Use a different email address.'
  426. );
  427. }
  428. }
  429. if (!$error) {
  430. $flash->add(
  431. 'success',
  432. 'Please fill in your details below to create an account.'
  433. );
  434. }
  435. return $this->render(
  436. '@Client/Auth/Register/register.html.twig', [
  437. 'form' => $form->createView()
  438. ]
  439. );
  440. }
  442. }