src/Controller/User/SecurityController.php line 146

Open in your IDE?
  1. <?php
  3. namespace App\Controller\User;
  5. use App\Entity\User\User;
  6. use App\Form\User\InscriptionType;
  7. use App\Repository\Fiche\FicheBatimentRepository;
  8. use App\Repository\User\UserRepository;
  9. use App\Security\User\FormLoginAuthenticator;
  10. use Doctrine\Persistence\ManagerRegistry;
  11. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  12. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  13. use Symfony\Component\Form\FormError;
  14. use Symfony\Component\HttpFoundation\Request;
  15. use Symfony\Component\HttpFoundation\Response;
  16. use Symfony\Component\Mailer\MailerInterface;
  17. use Symfony\Component\Mime\Email;
  18. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  19. use Symfony\Component\Routing\Annotation\Route;
  20. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  21. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  22. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  23. use App\Form\User\LoginType;
  24. use App\Form\User\MotDePasseOublieType;
  26. #[Route(path'/'name'user_security_')]
  27. class SecurityController extends AbstractController
  28. {
  29.     const MSG_ERROR_MAIL_INEXISTANT 'Cette adresse mail n\'est pas enregistrée dans la base de données.';
  30.     const MSG_PASSWORD_CHANGED 'Votre mot de passe a été modifié et envoyé à votre adresse mail.';
  31.     const MSG_ACTIVATION_SUCCESS 'Votre compte a bien été activé.';
  32.     const MSG_ACTIVATION_ERROR 'L\'activation n\'a pas pû être effectuée.';
  34.     private $pathAuthenticationHome;
  36.     public function __construct(ParameterBagInterface $theParameterBag)
  37.     {
  38.         $this->pathAuthenticationHome 'postConnexion';
  39.     }
  41.     #[Route(path'/login'name'login')]
  42.     public function login(
  43.         AuthenticationUtils $authenticationUtils,
  44.         Request $theRequest,
  45.         FicheBatimentRepository $theFicheBatimentRepository
  46.     ): Response
  47.     {
  48.         if ($this->getUser() != null) {
  49.             return $this->redirectToRoute($this->pathAuthenticationHome);
  50.         }
  52.         $theEM $this->getDoctrine()->getManager();
  54.         // retrouver une erreur d'authentification s'il y en a une
  55.         $error $authenticationUtils->getLastAuthenticationError();
  56.         // retrouver le dernier identifiant de connexion utilisé
  57.         $lastUsername $authenticationUtils->getLastUsername();
  59.         $theForm $this->createForm(LoginType::class, null, array('username' => $lastUsername));
  61.         $theForm->handleRequest($theRequest);
  62.         if ($theForm->isSubmitted()) {
  63.         }
  65.         if ($error != null) {
  66.             $theForm->addError(new FormError($error->getMessageKey()));
  67.         }
  69.         return $this->render('user/security/login.html.twig', [
  70.                 'theForm' => $theForm->createView(),
  71.                 'last_username' => $lastUsername,
  72.             ]
  73.         );
  74.     }
  76.     #[Route(path'/activation/{activationToken}'name'activation')]
  77.     public function activation(UserRepository $theUserRepositoryManagerRegistry $theManagerRegistry $activationToken)
  78.     {
  79.         $theUser $theUserRepository->findByActivationToken($activationToken);
  81.         if ($theUser != null) {
  82.             $theUser->setIsEnabled(true);
  83.             $theUser->setActivationToken(null);
  84.             $theManagerRegistry->getManager()->flush();
  85.             $this->addFlash('success'self::MSG_ACTIVATION_SUCCESS);
  86.         } else {
  87.             $this->addFlash('danger'self::MSG_ACTIVATION_ERROR);
  88.         }
  90.         return $this->redirectToRoute('user_security_login');
  91.     }
  93.     #[Route(path'/inscription'name'inscription')]
  94.     public function inscription(
  95.         Request $theRequest,
  96.         ManagerRegistry $theManagerRegistry,
  97.         UserPasswordHasherInterface $theUserPasswordHasherInterface,
  98.         TokenStorageInterface $theTokenStorage,
  99.         FormLoginAuthenticator $theFormLoginAuthenticator,
  100.         MailerInterface $theMailer
  101.     ): Response
  102.     {
  103.         if ($this->getUser() != null) {
  104.             return $this->redirectToRoute($this->pathAuthenticationHome);
  105.         }
  107.         $theUser = new User();
  109.         $theForm $this->createForm(InscriptionType::class, $theUser);
  110.         $theForm->handleRequest($theRequest);
  112.         if ($theForm->isSubmitted() && $theForm->isValid()) {
  113.             $theUser->setPassword(
  114.                 $theUserPasswordHasherInterface->hashPassword($theUser$theUser->getPlainPassword())
  115.             );
  116.             $theUser->setActivationToken(bin2hex(random_bytes(16)));
  117.             $theUser->setRolePrincipal('ROLE_UTILISATEUR');
  118.             $theEM $theManagerRegistry->getManager();
  119.             $theEM->persist($theUser);
  120.             $theEM->flush();
  122.             $theEmail $this->getTheEmailInscription($theUser);
  123.             $theMailer->send($theEmail);
  125.             $theToken = new UsernamePasswordToken($theUsernull'main'$theUser->getRoles());
  126.             $theTokenStorage->setToken($theToken);
  127.             $theRequest->getSession()->set('_security_main'serialize($theToken));
  129.             return $theFormLoginAuthenticator->onAuthenticationSuccess($theRequest$theToken'app_user_provider');
  130.         } else {
  131.             $theResponse $this->render('user/security/inscription.html.twig', [
  132.                     'theForm' => $theForm->createView(),
  133.                 ]
  134.             );
  135.         }
  137.         return $theResponse;
  138.     }
  140.     /**
  141.      * @param Request $theRequest
  142.      * @param UserRepository $theUserRepository
  143.      * @return Response
  144.      */
  145.     #[Route(path'/mot-de-passe-oublie'name'mot_de_passe_oublie')]
  146.     public function motDePasseOublie(
  147.         Request $theRequest,
  148.         UserRepository $theUserRepository,
  149.         UserPasswordHasherInterface $theUserPasswordHasherInterface,
  150.         MailerInterface $theMailer,
  151.         ManagerRegistry $theManagerRegistry
  152.     )
  153.     {
  154.         $theForm $this->createForm(MotDePasseOublieType::class);
  156.         $theForm->handleRequest($theRequest);
  158.         if ($theForm->isSubmitted() && $theForm->isValid()) {
  159.             $email $theForm->get('email')->getData();
  160.             $theUser $theUserRepository->findOneByEmail($email);
  162.             if ($theUser == null) {
  163.                 $theForm->addError(new FormError(self::MSG_ERROR_MAIL_INEXISTANT));
  164.             } else {
  165.                 $theUser->setPlainPassword(bin2hex(random_bytes(8)));
  167.                 $theEmail $this->getTheEmailMotDePasseOublie($theUser);
  169.                 $theMailer->send($theEmail);
  171.                 $encodedPassword $theUserPasswordHasherInterface->hashPassword($theUser$theUser->getPlainPassword());
  172.                 $theUser->setPassword($encodedPassword);
  173.                 $theManagerRegistry->getManager()->flush();
  175.                 $this->addFlash('success'self::MSG_PASSWORD_CHANGED);
  176.             }
  177.         }
  179.         return $this->render('user/security/mot-de-passe-oublie.html.twig', array(
  180.             'theForm' => $theForm->createView()
  181.         ));
  182.     }
  184.     private function getTheEmailMotDePasseOublie(User $theUser)
  185.     {
  186.         $theEmail = new Email();
  187.         $theEmail
  188.             ->subject('SOBRO - Nouveau mot de passe')
  189.             ->text($this->renderView('user/security/mot-de-passe-oublie.txt.twig', array(
  190.                 'theUser' => $theUser
  191.             )))
  192.             ->addTo($theUser->getEmail())
  193.             ->addFrom('admin@sobro.fr');
  194.         return $theEmail;
  195.     }
  197.     private function getTheEmailInscription(User $theUser)
  198.     {
  199.         $theEmail = new Email();
  200.         $theEmail
  201.             ->subject('SOBRO - Inscription')
  202.             ->text($this->renderView('user/security/inscription.txt.twig', array(
  203.                 'theUser' => $theUser
  204.             )))
  205.             ->addTo($theUser->getEmail())
  206.             ->addCc('admin@sobro.fr')    
  207.             ->addFrom('admin@sobro.fr');
  208.         return $theEmail;
  209.     }
  211.     #[Route(path'/logout'name'logout')]
  212.     public function logout(Request $theRequest): void
  213.     {
  214.         throw new \Exception('This should never be reached!');
  215.     }
  216. }