<?php
namespace Diplix\KMGBundle\Controller;
use Diplix\Commons\DataHandlingBundle\Repository\SysLogRepository;
use Diplix\KMGBundle\Entity\User;
use Diplix\KMGBundle\Form\ForgotPasswordForm;
use Diplix\KMGBundle\Form\ResetPasswordForm;
use Diplix\KMGBundle\Helper\ClientConfigProvider;
use Diplix\KMGBundle\Service\MailHelper;
use Doctrine\ORM\NonUniqueResultException;
use Symfony\Component\Form\FormError;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
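/**
 * Login, password-recovery, registration and account-removal actions.
 *
 * Collaborators are injected through the constructor: the client configuration
 * handed to the login template, the mail helper used for outgoing mails, the
 * password hasher, and the Doctrine registry used to reach the User repository.
 */
class AuthController extends BaseController
{
    public function __construct(
        protected ClientConfigProvider $ccp,
        protected MailHelper $mailHelper,
        protected UserPasswordHasherInterface $hasher,
        private readonly \Doctrine\Persistence\ManagerRegistry $managerRegistry
    )
    {
    }

    /**
     * Hash a plain-text password with the injected hasher and store it on the user.
     *
     * The entity is only modified in memory; persisting it is left to the caller.
     *
     * @param User $row user whose password is replaced
     * @param string $newPw new plain-text password
     * @return true
     */
    protected function setEncryptedUserPw(User $row, $newPw)
    {
        $row->setPassword($this->hasher->hashPassword($row, $newPw));

        return true;
    }

    /**
     * Render the login form together with the last authentication error and
     * the last username that was entered.
     */
    public function loginAction(Request $request, AuthenticationUtils $authenticationUtils)
    {
        return $this->render(
            'Auth/login.html.twig',
            [
                // last username entered by the user
                'last_username' => $authenticationUtils->getLastUsername(),
                // the login error, if there is one
                'error' => $authenticationUtils->getLastAuthenticationError(),
                'platformSetup' => $this->ccp,
            ]
        );
    }

    /**
     * Show the "forgot password" form and, on submit, start a password reset.
     *
     * On a valid submit for a known user, the user is flagged for a pending
     * reset, a fresh random token is stored, and the reset mail is sent.
     *
     * NOTE(review): an unknown address yields a form error while a known one
     * yields the success flash, so the response reveals whether an address is
     * registered. Confirm this is acceptable for the deployment.
     */
    public function forgotPasswordAction(Request $request)
    {
        $rep = $this->managerRegistry->getManager()->getRepository(User::class);
        $form = $this->createForm(ForgotPasswordForm::class);
        $form->handleRequest($request);

        if (!$form->isSubmitted()) {
            // Plain GET: allow the address to be pre-filled via ?email=...
            $prefill = $request->query->get("email", "");
            if ($prefill != "") {
                $form->get('email')->setData($prefill);
            }

            return $this->render('@DiplixKMG/forgot_password.html.twig', [
                "form" => $form->createView(),
            ]);
        }

        $valid = $form->isValid();
        $email = $form->get('email')->getData();

        /** @var User|false $row */
        try {
            $row = $rep->loadUserByUsername($email);
        } catch (\Throwable $x) {
            $row = false;
            // NOTE(review): this shows the raw exception text to the requester.
            // Consider logging it and relying on the generic form error below.
            $this->addFlash('danger', $x->getMessage());
        }

        if ((!$valid) || (!is_object($row))) {
            $form->addError(new FormError("message.please-check-email"));

            return $this->render('@DiplixKMG/forgot_password.html.twig', [
                "form" => $form->createView(),
            ]);
        }

        $row->setMailActionMode(User::MAIL_ACTION_RESET_PASSWORD);
        // The token is the only secret protecting the reset link, so it must come
        // from a CSPRNG. uniqid() is derived from the current time and is guessable.
        // 20 random bytes hex-encode to 40 characters, the same length and alphabet
        // as the sha1() digest used before, so existing storage keeps working.
        $row->setMailActionHash(bin2hex(random_bytes(20)));
        $rep->flush($row);

        try {
            $this->mailHelper->ResetPasswordMail($row);
        } catch (\Throwable $ex) {
            // Log only. The mailer's exception text is not shown to the requester,
            // which matches how unregisterAction treats mail failures.
            SysLogRepository::logError($this->managerRegistry->getConnection(), $ex->getMessage(), null, 0, 'Mail');
        }

        $this->addFlash('success', "message.reset-instructions-by-mail");

        return $this->redirect($this->generateUrl('forgot_password'));
    }

    /**
     * Let a user with a pending reset choose a new password.
     *
     * The user is looked up by the e-mail/token pair from the link. On a valid
     * submit the password is re-hashed, the pending reset is cleared (so the link
     * cannot be reused) and the shared key is removed.
     *
     * NOTE(review): no token lifetime check is visible in this method. Confirm
     * that getPendingPasswordResetUser() enforces an expiry.
     *
     * @param string $email address taken from the reset link
     * @param string $hash reset token taken from the reset link
     */
    public function resetPasswordAction(Request $request, $email, $hash)
    {
        $rep = $this->managerRegistry->getManager()->getRepository(User::class);

        /** @var User $row */
        $row = $rep->getPendingPasswordResetUser($email, $hash);

        if (!is_object($row)) {
            $this->addFlash("warning", "message.invalid-link");

            return $this->redirectToRoute("kmg_home");
        }

        $form = $this->createForm(ResetPasswordForm::class);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $this->setEncryptedUserPw($row, $form->get('password')->getData());
            $row->setMailActionMode(User::MAIL_ACTION_NONE);
            $row->setMailActionHash("");
            $row->setLastPasswordChange(new \DateTime());
            // key was encrypted with old pw - it is not usable any more anyway - remove it
            $row->setSharedKey('');
            $rep->flush($row);

            $this->addFlash('info', "message.password-was-reset");

            return $this->redirect($this->generateUrl("sys-login"));
        }

        return $this->render('@DiplixKMG/reset_password.html.twig', [
            "form" => $form->createView(),
            // Warn the user when a shared key exists, since the reset discards it.
            'show_key_warning' => ($row->getSharedKey() !== ''),
            "row" => $row,
        ]);
    }

    /**
     * Render the static registration page.
     */
    public function registerAction(Request $request)
    {
        return $this->render('@DiplixKMG/register.html.twig');
    }

    /**
     * Show the account-removal form and forward a valid request by mail.
     *
     * The same confirmation is shown whether or not the mail could be sent;
     * failures are only written to the system log.
     */
    public function unregisterAction(Request $request)
    {
        $ff = $this->createForm(ForgotPasswordForm::class);
        $ff->handleRequest($request);

        if ($ff->isSubmitted() && $ff->isValid()) {
            try {
                // Uses the injected helper, as forgotPasswordAction does, instead of a
                // container lookup. NOTE(review): assumes the 'diplix.mailhelper'
                // service is this same MailHelper class; confirm.
                $this->mailHelper->sendUserRemovalRequest($ff->get('email')->getData());
            } catch (\Throwable $ex) {
                // Logged only; the exception text is deliberately not shown to the requester.
                SysLogRepository::logError($this->managerRegistry->getConnection(), $ex->getMessage(), null, 0, 'Mail');
            }

            $this->addFlash('success', 'Vielen Dank. Wir haben Ihre Anfrage erhalten und werden Sie in Kürze kontaktieren.');

            return $this->redirectToRoute('unregister');
        }

        return $this->render('@DiplixKMG/unregister.html.twig', [
            'form' => $ff->createView(),
        ]);
    }

    /**
     * Return the identifier of the currently authenticated user as JSON.
     *
     * When no user is authenticated, a 401 response with success=false is
     * returned instead of dereferencing null.
     */
    public function jsonLoginAction(Request $request)
    {
        /** @var User|null $user */
        $user = $this->getUser();

        if (!is_object($user)) {
            // getUser() yields null when the request carries no authenticated token.
            return $this->json([
                'username' => null,
                'success' => false,
            ], 401);
        }

        return $this->json([
            'username' => $user->getUserIdentifier(),
            'success' => true,
        ]);
    }
}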