<?php
namespace ARSHDF\UserBundle\Controller;
use ARSHDF\UserBundle\Entity\PasswordResetToken;
use ARSHDF\UserBundle\Entity\UserManager;
use ARSHDF\UserBundle\Form\ResetPasswordType;
use ARSHDF\UserBundle\Form\UserNewPasswordType;
use ARSHDF\UserBundle\Service\LogService;
use ARSHDF\UserBundle\Service\PasswordService;
use Exception;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
use Symfony\Component\Form\FormError;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
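/**
 * Login / logout and password-reset actions of the user bundle.
 *
 * Collaborators are injected through the constructor; the controller itself
 * holds no state beyond them.
 */
class SecurityController extends AbstractController
{
    private PasswordService $passwordService;
    private UserManager $userManager;
    private ParameterBagInterface $parameterBag;
    private LogService $logService;

    public function __construct(
        PasswordService $passwordService,
        UserManager $userManager,
        ParameterBagInterface $parameterBag,
        LogService $logService
    ) {
        $this->passwordService = $passwordService;
        $this->userManager = $userManager;
        $this->parameterBag = $parameterBag;
        $this->logService = $logService;
    }

    /**
     * Renders the login form, or redirects an already-authenticated user to
     * the admin main path (route name read from `user.gestion_admin.main_path`).
     *
     * @Route("/login", name="app_login")
     *
     * @param AuthenticationUtils $authenticationUtils supplies the last
     *                                                 authentication error and username
     */
    public function login(AuthenticationUtils $authenticationUtils): Response
    {
        if ($this->getUser()) {
            return $this->redirectToRoute($this->parameterBag->get('user.gestion_admin.main_path'));
        }

        // Last failure (if any) and last username typed, both re-shown on the form.
        $error = $authenticationUtils->getLastAuthenticationError();
        $lastUsername = $authenticationUtils->getLastUsername();

        return $this->render('@User/security/login.html.twig', [
            'last_username' => $lastUsername,
            'error' => $error,
        ]);
    }

    /**
     * Logout endpoint.
     *
     * Intentionally empty: the body is never meant to execute.
     * NOTE(review): presumably the firewall's logout handler intercepts this
     * route — confirm against the security configuration.
     *
     * @Route("/logout", name="app_logout")
     */
    public function logout(): void
    {
    }

    /**
     * Step 1 of a password reset: asks for an e-mail address and delegates the
     * actual reset (token generation, mail) to PasswordService::resetPassword().
     *
     * @throws Exception anything not raised by resetPassword() itself
     *
     * @param AuthenticationUtils $authenticationUtils used to prefill the e-mail
     *                                                 field with the last username
     * @param Request             $request             the current HTTP request
     */
    public function reset(AuthenticationUtils $authenticationUtils, Request $request): Response
    {
        $lastUsername = $authenticationUtils->getLastUsername();
        $error = null;

        $form = $this->createForm(ResetPasswordType::class, null, ['lastusername' => $lastUsername]);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            try {
                $this->passwordService->resetPassword($form->get('email')->getData());
                $this->addFlash('success', 'Les instructions pour réinitialiser votre mot de passe vous ont été envoyées');

                return $this->redirectToRoute('arshdf_user_login');
            } catch (Exception $e) {
                // The exception object is handed to the template unchanged.
                // NOTE(review): if resetPassword() throws for unknown addresses,
                // rendering its message lets a visitor tell registered e-mails
                // apart from unknown ones — confirm what the template displays.
                $error = $e;
            }
        }

        return $this->render('@User/security/password_reset.html.twig', [
            'form' => $form->createView(),
            'error' => $error,
        ]);
    }

    /**
     * Step 2 of a password reset: validates the (id, token) pair from the link,
     * then lets the user choose a new password.
     *
     * The pair is rejected when the id is unknown, the token is empty or does
     * not resolve to that same user, or PasswordService reports it expired.
     * All rejections share one generic flash so the response does not reveal
     * which check failed.
     *
     * @throws Exception
     *
     * @param mixed   $id      user id taken from the reset link (assumed to be
     *                         what UserManager::findUserById() expects — verify)
     * @param string  $token   reset token taken from the reset link
     * @param Request $request the current HTTP request
     */
    public function confirmReset($id, string $token, Request $request): Response
    {
        $user = $this->userManager->findUserById($id);
        $userByToken = $token === '' ? null : $this->userManager->findOneByToken($token);

        // Guard before touching $user: an unknown id must not reach getToken()
        // (it used to fatal on null), and a null/null pair must not satisfy the
        // identity comparison. Objects are compared by identity on purpose.
        if ($user === null
            || $userByToken === null
            || $userByToken !== $user
            || $this->passwordService->isExpired($user)
        ) {
            $this->addFlash('error', 'Ce token a expiré');

            return $this->redirectToRoute('arshdf_user_login');
        }

        // NOTE(review): a token whose first dot-separated segment is "r" is
        // reported to the template as "password expired" — the meaning of that
        // prefix is defined wherever tokens are generated; confirm there.
        $passwordExpired = explode('.', $user->getToken())[0] === 'r';
        $error = null;

        $form = $this->createForm(UserNewPasswordType::class, $user);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $plainPassword = $form->get('plainPassword')->getData();

            if (!$this->passwordService->validateStrength($plainPassword)) {
                // Strength policy is enforced server-side regardless of form constraints.
                $form->get('plainPassword')->addError(new FormError($this->passwordService->getPasswordPatternMessage()));

                return $this->renderConfirmForm($form, $error, $passwordExpired, $user);
            }

            $this->passwordService->updatePassword($plainPassword, $user);
            $this->addFlash('success', 'Votre mot de passe a bien été réinitialisé');
            $this->logService->generate(LogService::USER_PASSWORD_RESETED, $user);

            return $this->redirectToRoute('arshdf_user_login');
        }

        return $this->renderConfirmForm($form, $error, $passwordExpired, $user);
    }

    /**
     * Renders the "choose a new password" page; shared by the validation
     * failure path and the initial GET of confirmReset().
     *
     * @param mixed $form            the UserNewPasswordType form instance
     * @param mixed $error           value exposed to the template as 'error'
     * @param bool  $passwordExpired exposed to the template as 'password_expired'
     * @param mixed $user            the user whose password is being reset
     */
    private function renderConfirmForm($form, $error, bool $passwordExpired, $user): Response
    {
        return $this->render('@User/security/password_reset_confirm.html.twig', [
            'error' => $error,
            'form' => $form->createView(),
            'password_expired' => $passwordExpired,
            'user' => $user,
        ]);
    }
}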