src/Controller/SecurityController.php line 82

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\App\UserPasswordChange;
  6. use App\Entity\App\Users;
  7. use App\Repository\Tools\AppSettingsRepository;
  8. use App\Repository\UsersRepository;
  9. use App\Services\LogService;
  10. use App\Services\MailerService;
  11. use Doctrine\ORM\EntityManagerInterface;
  12. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  15. use Symfony\Component\Routing\Annotation\Route;
  16. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  17. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  18. use Symfony\Component\Security\Csrf\CsrfToken;
  19. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  20. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  21. use Symfony\Component\HttpFoundation\Request;
  22. use Symfony\Contracts\Translation\TranslatorInterface;
  24. class SecurityController extends AbstractController
  25. {
  26.     private $_AppSettings;
  27.     private $entityManager;
  28.     private $mailerService;
  29.     private $csrfTokenManager;
  30.     private $translator;
  32.     public function __construct(
  33.         AppSettingsRepository     $apRepository,
  34.         UsersRepository           $userRepository,
  35.         UrlGeneratorInterface     $urlGenerator,
  36.         EntityManagerInterface    $entityManager,
  37.         MailerService             $mailerService,
  38.         CsrfTokenManagerInterface $csrfTokenManager,
  39.         TranslatorInterface       $translator,
  40.         LogService $logService
  41.     ){
  42.         $this->entityManager $entityManager;
  43.         $this->mailerService $mailerService;
  44.         $this->csrfTokenManager $csrfTokenManager;
  45.         $this->translator $translator;
  46.         $this->userRepository $userRepository;
  47.         $this->urlGenerator $urlGenerator;
  48.         $this->_getAppSettings($apRepository);
  49.         $this->logService $logService;
  50.     }
  52.     public function generateRandomString($length 10) {
  53.         return substr(str_shuffle(str_repeat($x='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'ceil($length/strlen($x)) )),1,$length);
  54.     }
  56.     public function _getAppSettings($apRepository){
  57.         $this->_AppSettings $apRepository->getAppSettings();
  58.     }
  60.     #[Route('/login'name'app_login')]
  61.     public function login(AuthenticationUtils $authenticationUtils): Response
  62.     {
  63.         $error $authenticationUtils->getLastAuthenticationError();
  65.         if ($error) {
  66.             $translatedError $this->translator->trans($error->getMessageKey(), $error->getMessageData(), 'security');
  68.             $this->addFlash('error'$translatedError);
  69.         }
  71.         $lastUsername $authenticationUtils->getLastUsername();
  72.         return $this->render('security/login.html.twig', ['app_settings' => $this->_AppSettings,'last_username' => $lastUsername'error' => $error]);
  73.     }
  75.     #[Route('/wyloguj'name'app_logout')]
  76.     public function logout(): void
  77.     {
  78.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  79.     }
  81.     #[Route('/resetowanie-hasla/zgloszenie'name'app-reset-password-request'methods: ["GET""POST"])]
  82.     public function appResetPasswordRequest(Request $request): Response
  83.     {
  84.         if ($request->isMethod('POST')) {
  85.             $csrfToken $request->request->get('_csrf_token');
  87.             if (!$this->csrfTokenManager->isTokenValid(new CsrfToken('reset_request'$csrfToken))) {
  88.                 throw new InvalidCsrfTokenException();
  89.             }
  91.             $username = (string)$request->request->get('ress_username');
  92.             $email = (string)$request->request->get('ress_email');
  94.             if (empty($username) || empty($email)) {
  95.                 $this->addFlash('error''Login i adres e-mail są wymagane.');
  96.                 return $this->redirectToRoute('app-reset-password-request');
  97.             }
  99.             if (!filter_var($emailFILTER_VALIDATE_EMAIL)) {
  100.                 $this->addFlash('error''Podano niepoprawny adres e-mail.');
  101.                 return $this->redirectToRoute('app-reset-password-request');
  102.             }
  104.             $user $this->userRepository->findOneBy([
  105.                 'username' => $username,
  106.                 'email' => $email
  107.             ]);
  109.             if (!$user) {
  110.                 $this->addFlash('success''Jeśli dane zostały wprowadzone poprawnie, otrzymasz wiadomość e-mail z instrukcjami dotyczącymi resetowania hasła.');
  111.                 return $this->redirectToRoute('app-reset-password-request');
  112.             }
  114.             if (!$user->isUserStatus()) {
  115.                 $this->addFlash('success''Jeśli dane zostały wprowadzone poprawnie, otrzymasz wiadomość e-mail z instrukcjami dotyczącymi resetowania hasła.');
  116.                 return $this->redirectToRoute('app-reset-password-request');
  117.             }
  119.             if ($user->getEmail() == null) {
  120.                 $this->addFlash('success''Jeśli dane zostały wprowadzone poprawnie, otrzymasz wiadomość e-mail z instrukcjami dotyczącymi resetowania hasła.');
  121.                 return $this->redirectToRoute('app-reset-password-request');
  122.             }
  124.             $data = [
  125.                 'user_change_password_code' => $user->getId() . uniqid(). $this->generateRandomString(130)
  126.             ];
  128.             try {
  129.                 $this->entityManager->beginTransaction();
  130.                 $this->userRepository->disableOldChangePassword($user->getId());
  132.                 $newReset = new UserPasswordChange();
  133.                 $newReset->setCreatedAt(new \DateTime());
  134.                 $newReset->setUserId($user->getId());
  135.                 $newReset->setUserPasswordChangeStatus(true);
  136.                 $newReset->setUserPasswordChangeCode($data['user_change_password_code']);
  138.                 $this->entityManager->persist($newReset);
  139.                 $this->entityManager->flush();
  141.                 $_queue $this->mailerService->createQueue(
  142.                     10,
  143.                     $user->getEmail(),
  144.                     [
  145.                         'user_login' => $user->getUserlogin(),
  146.                         'user_change_password_url' =>
  147.                             $this->urlGenerator->generate(
  148.                                 'app-reset-password',
  149.                                 ['token' => $data['user_change_password_code']],
  150.                                 UrlGeneratorInterface::ABSOLUTE_URL
  151.                             )
  152.                     ],
  153.                     0,
  154.                     null,
  155.                     $request->getClientIp()
  156.                 );
  158.                 $log $this->logService->createLog(
  159.                     48,
  160.                     [
  161.                         'userId' => $user->getId(),
  162.                         'tokenId' => $newReset->getUserPasswordChangeId()
  163.                     ],
  164.                     null,
  165.                     $request->getClientIp()
  166.                 );
  168.                 $this->entityManager->commit();
  170.                 $this->addFlash('success''Jeśli dane zostały wprowadzone poprawnie, otrzymasz wiadomość e-mail z instrukcjami dotyczącymi resetowania hasła.');
  172.             } catch (\Exception $e) {
  173.                 $this->entityManager->rollback();
  174.                 $this->addFlash('error''Wystąpił błąd podczas przetwarzania żądania. Prosimy spróbować ponownie.');
  175. //                $this->addFlash('error', $e->getMessage());
  176.             }
  178.             return $this->redirectToRoute('app-reset-password-request');
  179.         }
  180.         return $this->render('security/reset_password_registation.html.twig', ['app_settings' => $this->_AppSettings]);
  181.     }
  183.     #[Route('/resetowanie-hasla/zmiana/{token}'name'app-reset-password'methods: ["GET""POST"])]
  184.     public function appResetPassword(Request $requeststring $tokenUserPasswordHasherInterface  $passwordEncoder): Response
  185.     {
  186.         if ($request->isMethod('POST')) {
  187.             $csrfToken $request->request->get('_csrf_token');
  188.             if (!$this->csrfTokenManager->isTokenValid(new CsrfToken('reset_password'$csrfToken))) {
  189.                 throw new InvalidCsrfTokenException();
  190.             }
  192.             $userLogin = (string)$request->request->get('ress_username');
  193.             $password1 = (string)$request->request->get('reset_password1');
  194.             $password2 = (string)$request->request->get('reset_password2');
  196.             if (empty($password1) || empty($password2) || empty($userLogin)) {
  197.                 $this->addFlash('error''Wprowadzone dane są niekompletne.');
  198.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  199.             }
  200.             if ($password1 !== $password2) {
  201.                 $this->addFlash('error''Wprowadzone hasła różnią się.');
  202.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  203.             }
  204.             if (strlen($password1) < 10) {
  205.                 $this->addFlash('error''Hasło musi zawierać przynajmniej 10 znaków.');
  206.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  207.             }
  208.             if (!preg_match('/[0-9]/'$password1)) {
  209.                 $this->addFlash('error''Hasło musi zawierać cyfrę.');
  210.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  211.             }
  212.             if (!preg_match('/[@$%&!#*()_+-]/'$password1)) {
  213.                 $this->addFlash('error''Hasło musi zawierać znaki specjalne.');
  214.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  215.             }
  216.             if (!preg_match('/[a-z]/'$password1)) {
  217.                 $this->addFlash('error''Hasło musi zawierać co najmniej jedną małą literę!');
  218.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  219.             }
  220.             if (!preg_match('/[A-Z]/'$password1)) {
  221.                 $this->addFlash('error''Hasło musi zawierać co najmniej jedną wielką literę!');
  222.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  223.             }
  225.             $resetRequest $this->entityManager->getRepository(UserPasswordChange::class)
  226.                 ->findOneBy(['userPasswordChangeCode' => $token'userPasswordChangeStatus' => true]);
  228.             if (!$resetRequest) {
  229.                 $this->addFlash('error''Błędny login lub kod resetowania hasła wygasł. Sprawdź dane i spróbuj ponownie.');
  230.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  231.             }
  233.             $expiryTime = (clone $resetRequest->getCreatedAt())->modify('+6 hours');
  234.             if (new \DateTime() > $expiryTime) {
  235. //                $this->addFlash('error', 'Błędny lub wykorzystany klucz zmiany hasła.');
  236.                 $this->addFlash('error''Błędny login lub kod resetowania hasła wygasł. Sprawdź dane i spróbuj ponownie.');
  237.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  238.             }
  240.             $user $this->entityManager->getRepository(Users::class)
  241.                 ->find($resetRequest->getUserId());
  244.             if (!$user) {
  245.                 //            $this->addFlash('error', 'Nie znaleziono użytkownika.');
  246.                 $this->addFlash('error''Błędny login lub kod resetowania hasła wygasł. Sprawdź dane i spróbuj ponownie.');
  247.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  248.             }
  250.             if($user->getUserIdentifier() != $userLogin){
  251.                 $this->addFlash('error''Błędny login lub kod resetowania hasła wygasł. Sprawdź dane i spróbuj ponownie.');
  252.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  253.             }
  255.             if (!$user->isUserStatus()) {
  256.                 //            $this->addFlash('error', 'Twoje konto jest zablokowane. Skontaktuj się z administratorem.');
  257.                 $this->addFlash('error''Błędny login lub kod resetowania hasła wygasł. Sprawdź dane i spróbuj ponownie.');
  258.                 return $this->redirectToRoute('app-reset-password', ['token' => $token]);
  259.             }
  261.             $hashedPassword $passwordEncoder->hashPassword($user$password1);
  262.             $user->setPassword($hashedPassword);
  263.             $user->setPasswordChangedAt(new \DateTime());
  264.             $user->setTryLogin(0);
  265.             $user->setUserStatus(true);
  266.             $user->setUpdatedAt(new \DateTime());
  268.             $resetRequest->setUserPasswordChangeStatus(false);
  269.             $resetRequest->setUserPasswordChangeDateUsed(new \DateTime());
  271.             $this->entityManager->flush();
  273.             $log $this->logService->createLog(
  274.                 47,
  275.                 [
  276.                     'userId' => $user->getId(),
  277.                     'tokenId' => $resetRequest->getUserPasswordChangeId(),
  278.                 ],
  279.                 null,
  280.                 $request->getClientIp()
  281.             );
  283.             $this->addFlash('success''Hasło zostało pomyślnie zresetowane.');
  285.             return $this->redirectToRoute('app_login');
  286.         }
  287.         return $this->render('security/reset_password.html.twig', ['app_settings' => $this->_AppSettings]);
  288.     }
  289. }