src/Controller/UserController.php line 50

Open in your IDE?
  1. <?php
  2. /**
  3.  * User controller class
  4.  *
  5.  * PHP version 7.4
  6.  *
  7.  * @category   App
  8.  * @package    App\Controller
  9.  * @author     Momcilo Radotic <m.radotic@outlook.com>
  10.  * @copyright  2021 MoravaPro
  11.  * @license    MoravaPro
  12.  */
  14. namespace App\Controller;
  16. use App\Entity\Organization;
  17. use App\Entity\User;
  18. use App\Entity\UserStatus;
  19. use App\Helper\UserUtils;
  20. use App\Validation\Form\ChangePasswordForm;
  21. use App\Validation\Form\LoginForm;
  22. use App\Validation\Form\LostPasswordForm;
  23. use App\Validation\Form\UserConfirmationForm;
  24. use FOS\RestBundle\Controller\Annotations as Rest;
  25. use Symfony\Component\Form\Extension\Core\Type\EmailType;
  26. use Symfony\Component\Form\Extension\Core\Type\HiddenType;
  27. use Symfony\Component\Form\Extension\Core\Type\PasswordType;
  28. use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
  29. use Symfony\Component\Form\Extension\Core\Type\TextType;
  30. use Symfony\Component\HttpFoundation\Request;
  31. use Symfony\Component\HttpFoundation\Response;
  33. /**
  34.  * User controller class
  35.  *
  36.  * @category   App
  37.  * @package    App\Controller
  38.  */
  39. class UserController extends BaseController
  40. {
  42.     /**
  43.      * Login action
  44.      *
  45.      * @Rest\Post("/login", name="user_login_post")
  46.      * @Rest\Get("/login", name="user_login_get")
  47.      *
  48.      * @return Response
  49.      */
  50.     public function loginAction() : Response
  51.     {
  52.         /** @var User $user */
  53.         $user $this->getUser();
  54.         if ($user) {
  55.             $page $user->getOrganization()->getStatus() == Organization::REGISTERED 'complete-registration' 'dashboard';
  56.             return $this->redirectToRoute(
  57.                 'index_application', ['page' => $page]
  58.             );
  59.         }
  61.         $loginForm = new LoginForm();
  62.         $formBuilder $this->createFormBuilder($loginForm);
  63.         $form $formBuilder->add('username'TextType::class)
  64.             ->add('password'PasswordType::class)
  65.             ->getForm();
  67.         return $this->render('view/login.html.twig', array('form' => $form->createView(), 'message' => '''language' => 'en'));
  68.     }
  70.     /**
  71.      * Action for rendering lost password form
  72.      *
  73.      * @Rest\Get("/lost-password", name="user_lost_password_get")
  74.      * @Rest\Post("/lost-password", name="user_lost_password_post")
  75.      *
  76.      * @param Request $request
  77.      * @param UserUtils $userUtils
  78.      *
  79.      * @return Response
  80.      */
  81.     public function lostPasswordAction(Request $requestUserUtils $userUtils) : Response
  82.     {
  83.         $lostPasswordForm = new LostPasswordForm();
  84.         $formBuilder $this->createFormBuilder($lostPasswordForm);
  85.         $form $formBuilder->add('email'EmailType::class)->getForm();
  86.         $form->handleRequest($request);
  88.         $errorMessage null;
  89.         if ($form->isSubmitted() && $form->isValid()) {
  90.             $user $this->getDoctrine()->getManager()->getRepository(User::class)->findOneBy(array('email' => strtolower($lostPasswordForm->getEmail())));
  92.             if (isset($user)) {
  93.                 $changePasswordKey $userUtils->generateUserHash($lostPasswordForm->getEmail() . time());
  94.                 $user->setPasswordKey($changePasswordKey);
  95.                 $ttl time() + $this->getParameter('change_password_ttl');
  96.                 $user->setPasswordKeyTtl((new \DateTime())->setTimestamp($ttl));
  97.                 $this->getDoctrine()->getManager()->flush();
  99.                 $result $this->mailer->sendSystemMail(
  100.                     $this->translator->trans('Password recovery'),
  101.                     $lostPasswordForm->getEmail(),
  102.                     $this->renderView(
  103.                         'view/email/lost-password.html.twig',
  104.                         array(
  105.                             'subject' => $this->translator->trans('Password recovery'),
  106.                             'content'=> $this->utils->getBaseUrl() . '/change-password/?active_key=' $changePasswordKey,
  107.                             'base_url' => $this->utils->getBaseUrl()
  108.                         )
  109.                     )
  110.                 );
  112.                 if ($result 0) {
  113.                     return $this->redirectToRoute('user_reset_password_email_sent');
  114.                 } else {
  115.                     $errorMessage $this->translator->trans('Failed to send email to email address');
  116.                 }
  117.             } else {
  118.                 $this->logger->info($this->translator->trans("No user found")." ".$lostPasswordForm->getEmail());
  119.                 $errorMessage $this->translator->trans('Invalid email');
  120.             }
  121.         }
  123.         return $this->render(
  124.             'view/lost-password.html.twig',
  125.             array(
  126.                 'form' => $form->createView(),
  127.                 'error_message' => $errorMessage
  128.             )
  129.         );
  130.     }
  132.     /**
  133.      * Action for rendering change password form
  134.      *
  135.      * @Rest\Get("/change-password", name="user_change_password_get")
  136.      * @Rest\Post("/change-password", name="user_change_password_post")
  137.      *
  138.      * @param Request $request
  139.      * @param UserUtils $userUtils
  140.      *
  141.      * @return Response
  142.      */
  143.     public function changePasswordAction(Request $requestUserUtils $userUtils) : Response
  144.     {
  145.         $changePasswordForm = new ChangePasswordForm();
  146.         $formBuilder $this->createFormBuilder($changePasswordForm);
  148.         $passwordKey $request->query->get('active_key');
  149.         $user $this->getDoctrine()->getManager()->getRepository(User::class)
  150.             ->findOneBy(['password_key' => $passwordKey]);
  151.         if (!$user || $user->getPasswordKeyTtl() < new \DateTime()) {
  152.             if ($user) {
  153.                 $user->setPasswordKey(null);
  154.                 $user->setPasswordKeyTtl(null);
  156.                 $this->getDoctrine()->getManager()->flush();
  157.             }
  159.             $errorMessage $user 'Change password key has expired.' 'Invalid request';
  160.             return $this->render(
  161.                 'view/error-400.html.twig',
  162.                 ['error_message' => $errorMessage]
  163.             );
  164.         }
  166.         $form $formBuilder->add('active_key'HiddenType::class, array('attr' => array('value' => $passwordKey)))
  167.             ->add('password'RepeatedType::class,
  168.                 array(
  169.                     'type' => PasswordType::class,
  170.                     'invalid_message' => 'The password fields must match',
  171.                     'first_options'  => array('label' => 'Password'),
  172.                     'second_options' => array('label' => 'Repeat Password'),
  173.                 )
  174.             )->getForm();
  176.         $form->handleRequest($request);
  178.         $errorMessage null;
  179.         if ($form->isSubmitted() && $form->isValid()) {
  180.             $password $userUtils->generatePassword($user$changePasswordForm->getPassword());
  181.             $user->setPassword($password);
  182.             $user->setModified(new \DateTime());
  183.             $this->getDoctrine()->getManager()->flush();
  185.             $content "Your password is changed, click on this link to recover ...";
  186.             $this->mailer->sendSystemMail(
  187.                 $this->translator->trans('Change password'),
  188.                 $user->getEmail(),
  189.                 $this->renderView(
  190.                     'view/email/changed-password.html.twig',
  191.                     array(
  192.                         'subject' => $this->translator->trans('Password changed'),
  193.                         'content'=>$content,
  194.                         'base_url' => $this->utils->getBaseUrl()
  195.                     )
  196.                 ),
  197.             );
  199.             return $this->redirectToRoute('user_password_changed');
  200.         }
  202.         return $this->render(
  203.             'view/change-password.html.twig',
  204.             array('form' => $form->createView(),
  205.                 'error_message' => $errorMessage,
  206.             )
  207.         );
  208.     }
  210.     /**
  211.      * User confirmation
  212.      *
  213.      * @Rest\Get("/user/confirm", name="user_confirm" )
  214.      * @Rest\Post("/user/confirm", name="user_confirm_post" )
  215.      *
  216.      * @param Request $request
  217.      * @param UserUtils $userUtils
  218.      *
  219.      * @return Response
  220.      */
  221.     public function inviteConfirmAction(Request $requestUserUtils $userUtils) : Response
  222.     {
  223.         $activeKey $request->query->get('active_key');
  224.         $user $this->getDoctrine()->getManager()->getRepository(User::class)
  225.             ->findOneBy(array('activation_key' => $activeKey'status' => UserStatus::REGISTERED));
  227.         if (isset($user)) {
  228.             $userConfirmationForm = new UserConfirmationForm();
  229.             $userConfirmationForm->setEmail($user->getEmail());
  230.             $userConfirmationForm->setFirstName($user->getFirstName());
  231.             $userConfirmationForm->setLastName($user->getLastName());
  233.             $formGenerator = function() use ($userConfirmationForm$user) {
  234.                 $formBuilder $this->createFormBuilder($userConfirmationForm);
  235.                 return $formBuilder->add(
  236.                     'password',
  237.                     RepeatedType::class,
  238.                     array(
  239.                         'type' => PasswordType::class,
  240.                         'invalid_message' => $this->translator->trans('The password fields must match'),
  241.                         'first_options'  => array('label' => $this->translator->trans('Password')),
  242.                         'second_options' => array('label' => $this->translator->trans('Repeat Password')),
  243.                     )
  244.                 )->add('email'EmailType::class, ['attr'=> [ 'readonly' => true'disabled' => true]])
  245.                     ->add('first_name'TextType::class)
  246.                     ->add('last_name'TextType::class)
  247.                     ->getForm();
  248.             };
  250.             $errorMessage null;
  251.             $form $formGenerator();
  252.             $form->handleRequest($request);
  254.             if ($form->isSubmitted() && $form->isValid()) {
  255.                 $user->setPassword($userUtils->generatePassword($user$userConfirmationForm->getPassword()));
  256.                 $user->setModified(new \DateTime());
  257.                 $user->setFirstName($userConfirmationForm->getFirstName());
  258.                 $user->setLastName($userConfirmationForm->getLastName());
  259.                 $user->setStatus($this->getDoctrine()->getManager()->getRepository(UserStatus::class)->find(UserStatus::ACTIVE));
  260.                 $this->getDoctrine()->getManager()->flush();
  262.                 return $this->redirectToRoute('app_logout');
  263.             } else if ($form->isSubmitted()) {
  264.                 $errorMessage $this->translator->trans('Error during user confirmation');
  265.                 $userConfirmationForm->setEmail($user->getEmail());
  266.                 $form $formGenerator();
  267.             }
  269.             return $this->render(
  270.                 'view/user-confirmation.html.twig',
  271.                 array(
  272.                     'form' => $form->createView(),
  273.                     'error_message' => $errorMessage
  274.                 )
  275.             );
  276.         } else {
  277.             return $this->render(
  278.                 'view/error-400.html.twig',
  279.                 ['error_message' => 'Invalid request']
  280.             );
  281.         }
  282.     }
  284.     /**
  285.      * Reset email sent
  286.      *
  287.      * @Rest\Get("/reset-password-email-sent", name="user_reset_password_email_sent")
  288.      */
  289.     public function resetEmailSentAction()
  290.     {
  291.         return $this->render('view/email-sent.html.twig');
  292.     }
  294.     /**
  295.      * Password successfully changed
  296.      *
  297.      * @Rest\Get("/password-changed", name="user_password_changed")
  298.      */
  299.     public function passwordChangedAction()
  300.     {
  301.         return $this->render('view/password-changed.html.twig');
  302.     }
  304. }