src/AppBundle/Controller/SecurityController.php line 20

Open in your IDE?
  1. <?php
  3. namespace AppBundle\Controller;
  5. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  6. use Symfony\Component\HttpFoundation\Request;
  7. use AppBundle\Form\RequestPasswordType;
  8. use AppBundle\Entity\Website;
  9. use Doctrine\ORM\EntityManagerInterface;
  10. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  11. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  12. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  13. use Symfony\Component\Mailer\MailerInterface;
  14. use Symfony\Component\Mime\Email;
  15. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  16. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  18. class SecurityController extends AbstractController
  19. {
  20.     public function loginAction(Request $requestAuthenticationUtils $authenticationUtils)
  21.     {
  22.         $template $this->renderProperTemplate($request$authenticationUtils);
  24.         return $this->render($template[0], $template[1]);
  25.     }
  27.     public function loginCheckAction()
  28.     {
  29.     }
  31.     public function authenticateTokenAction(Request $requestEntityManagerInterface $em$authenticationToken$tuto false)
  32.     {
  33.         $website $em->getRepository(Website::class)->findOneByAuthenticationToken($authenticationToken);
  34.         
  35.         if(!$website) {
  36.             throw $this->createNotFoundException("Cet utilisateur n'existe pas.");
  37.         }
  39.         $token = new UsernamePasswordToken($website''"website_secured_area"$website->getRoles());
  40.         $this->get("security.token_storage")->setToken($token);
  41.      
  42.         $website->setAuthenticationToken(null);
  43.         $this->getDoctrine()->getManager()->persist($website);
  44.         $this->getDoctrine()->getManager()->flush();
  46.         //now dispatch the login event
  47.         // $event = new InteractiveLoginEvent($request, $token);
  48.         // $this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
  49.         if($this->getParameter('current_website_by_domain') === true) {
  50.             if($tuto === "tuto") {
  51.                 $url $this->generateUrl('website_home_intro');
  52.             }
  53.             else {
  54.                 $url $this->generateUrl('website_home');
  55.             }
  56.         }
  57.         else {
  58.             if($tuto === "tuto") {
  59.                 $url $this->generateUrl('website_home_intro', ['website' => $website->getSlug()]);
  60.             }
  61.             else { 
  62.                 $url $this->generateUrl('website_home', ['website' => $website->getSlug()]);
  63.             }
  64.         }
  65.         return $this->redirect($url);
  66.     }
  68.     /**
  69.      * Renders proper template
  70.      *
  71.      * @param Request $request
  72.      *
  73.      * @return array
  74.      */
  75.     private function renderProperTemplate(Request $requestAuthenticationUtils $authenticationUtils)
  76.     {
  77.         $session $request->getSession();
  78.         
  79.         $route $request->attributes->get('_route');
  80.         $routeTemplatesArray = ['admin_login'      => 'Admin/login.html.twig''webmaster_login'       => 'Website/login.html.twig'];
  82.         // get the login error if there is one
  83.         $error $authenticationUtils->getLastAuthenticationError();
  85.         // last username entered by the user
  86.         $lastUsername $authenticationUtils->getLastUsername();
  87.         $form null;
  88.         if($route == "webmaster_login") {
  89.             $form $this->createForm(RequestPasswordType::class);
  90.             $form $form->createView();
  91.         }
  92.         return [$routeTemplatesArray[$route], ['error' => $error'last_username' => $lastUsername'form' => $form]];
  93.     }
  95.     public function requestNewPasswordAction(Request $requestUserPasswordHasherInterface $encoderMailerInterface $mailer)
  96.     {
  97.         $error null;
  98.         $form $this->createForm(RequestPasswordType::class);
  100.         $form->handleRequest($request);
  101.         if($form->isSubmitted() && $form->isValid()) {
  102.             $email $form->get('email')->getData();
  103.             $websiteUser $this->getDoctrine()->getRepository(Website::class)->findOneByEmail($email);
  104.             if(!$websiteUser) {
  105.                 $error "Aucun utilisateur n'existe avec cet email.";
  106.             }
  107.             else {
  108.                 // generating new password and encoding it
  109.                 $newPassword substr(base_convert(uniqid('pass'true), 1036), 05);
  110.                 $encoded $encoder->hashPassword($websiteUser$newPassword);
  111.                 $websiteUser->setPassword($encoded);
  113.                 $em $this->getDoctrine()->getManager();
  114.                 $em->persist($websiteUser);
  115.                 $em->flush();
  117.                 $this->sendNewPasswordEmail($websiteUser$newPassword$mailer);
  118.                 $this->addFlash('success''Votre mot de passe a bien été mis à jour, il vous a été envoyé par email');
  120.                 return $this->redirectToRoute('homepage');
  121.             }
  122.         }
  124.         return $this->render('Security/requestNewPassword.html.twig', [
  125.             'form' => $form->createView(),
  126.             'error' => $error
  127.         ]);
  128.     }
  130.     private function sendNewPasswordEmail(Website $website$newPasswordMailerInterface $mailer)
  131.     {
  132.         $mailFrom $this->getParameter('mail_from');
  134.         $email = (new Email())
  135.             ->from($mailFrom)
  136.             ->to($website->getEmail())
  137.             ->subject('FFS - Les informations de connexion à l’administration de votre site')
  138.             ->html($this->renderView('Mail/requestPassword.html.twig', ['newPassword' => $newPassword'website' => $website]));
  140.         $mailer->send($email);
  141.     }
  143.     public function switchUserAction($userId)
  144.     {
  145.         $this->get('session')->set('userid_to_switch'$userId);
  146.         
  147.         return $this->redirectToRoute('user_switch');
  148.     }
  150.     public function switchAction(Request $request)
  151.     {
  152.         if ($this->get('session')->get('userid_to_switch'))
  153.         {
  154.             $user $this->getDoctrine()->getEntityManager()->find(Website::class, $this->get('session')->get('userid_to_switch'));
  155.             if ($user)
  156.             {
  157.                 $token = new UsernamePasswordToken($user'''website_secured_area'$user->getRoles());
  159.                 $this->get('security.token_storage')->setToken($token);
  161.                 $event = new InteractiveLoginEvent($request$token);
  162.                 $this->get('event_dispatcher')->dispatch('security.interactive_login'$event);
  164.                 if($this->getParameter('current_website_by_domain') === true) {
  165.                     $url $this->generateUrl('website_home');
  166.                 }
  167.                 else {
  168.                     $url $this->generateUrl('website_home', ['website' => $user->getSlug()]);
  169.                 }
  170.                 return $this->redirect($url);
  171.             }
  172.         }
  174.         return $this->redirectToRoute('sonata_admin_dashboard');
  175.     }
  177.     public function exitSwitchAction()
  178.     {
  179.         $this->get('session')->set('userid_to_switch'null);
  181.         $this->get('security.token_storage')->setToken(null);
  183.         return $this->redirectToRoute('sonata_admin_dashboard');
  184.     }
  185. }