src/Controller/SecurityController.php line 47

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\DataStatus;
  6. use App\Entity\Patient;
  7. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  8. use Symfony\Component\HttpFoundation\Response;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\Routing\Annotation\Route;
  11. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  12. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  13. use Symfony\Component\Routing\RouterInterface;
  14. use Symfony\Component\Routing\Exception\RouteNotFoundException;
  15. use Doctrine\Persistence\ManagerRegistry;
  16. use Symfony\Component\HttpFoundation\RequestStack;
  17. use Symfony\Component\Mailer\MailerInterface;
  18. use Symfony\Component\Mime\Email;
  19. use Symfony\Component\Mime\Address;
  20. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  22. use App\Service\Tool;
  23. use App\Entity\User;
  24. use App\Form\ProfileType;
  25. use App\Form\UserType;
  26. use App\Service\FileUploader;
  27. use Symfony\Component\EventDispatcher\EventDispatcher;
  28. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  29. use Symfony\Component\HttpFoundation\JsonResponse;
  30. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  31. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  33. class SecurityController extends AbstractController
  34. {
  35.     private $requestStack;
  36.     private $doctrine;
  38.     public function __construct(ManagerRegistry $doctrineRequestStack $requestStack)
  39.     {
  40.         $this->doctrine $doctrine;
  41.         $this->requestStack $requestStack;
  42.     }
  44.     /**
  45.      * @Route("/connexion", name="app_login")
  46.      */
  47.     public function index(AuthenticationUtils $authenticationUtils): Response
  48.     {
  49.         if ($this->getUser()) {
  50.             return $this->redirectToRoute('dashboard_index');
  51.         }
  53.         $error $authenticationUtils->getLastAuthenticationError();
  54.         $lastUsername $authenticationUtils->getLastUsername();
  56.         return $this->render('security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  57.     }
  59.     /**
  60.      * @Route("/check-user", name="app_check_user")
  61.      */
  62.     public function checkUser(Request $request): Response
  63.     {
  64.         $em $this->doctrine->getManager();
  65.         $checkUser $em->getRepository(User::class)->findOneBy([
  66.             'email' => $request->get('email')
  67.         ]);
  68.         if ($checkUser) {
  69.             return new JsonResponse([
  70.                 'error' => true
  71.             ]);
  72.         }
  73.         return new JsonResponse([
  74.             'success' => true
  75.         ]);
  76.     }
  78.     /**
  79.      * @Route("/inscription", name="app_register")
  80.      */
  81.     public function register(Request $requestAuthenticationUtils $authenticationUtilsFileUploader $fileUploaderUserPasswordHasherInterface $passwordEncoderMailerInterface $mailer): Response
  82.     {
  83.         if ($this->getUser()) {
  84.             return $this->redirectToRoute('dashboard_index');
  85.         }
  87.         $error $authenticationUtils->getLastAuthenticationError();
  88.         $lastUsername $authenticationUtils->getLastUsername();
  89.         $em $this->doctrine->getManager();
  91.         $form $this->createForm(UserType::class, new User(), ["password" => true"is_register" => true]);
  93.         $form->handleRequest($request);
  95.         if ($form->isSubmitted() && $form->isValid()) {
  96.             $session $this->requestStack->getSession();
  97.             $checkUser $em->getRepository(User::class)->findOneBy([
  98.                 'email' => $form['email']->getData()
  99.             ]);
  100.             if ($checkUser != null) {
  101.                 $session->getFlashBag()->add('error'"L'adresse e-mail indiquée est déjà utilisée.");
  102.                 return $this->redirect($request->getUri());
  103.             }
  104.             $user $form->getData();
  105.             $user->setIsActive(true);
  106.             $user->setIsOptin(false);
  107.             $user->setOptinContact(false);
  108.             $user->setOptinConsentement(false);
  109.             $user->setIsDarkmode(false);
  110.             $user->setToken("");
  111.             $user->setCreatedAt(new \DateTimeImmutable());
  112.             $user->setStatus($em->getRepository(DataStatus::class)->findOneBy(["slug" => "en_attente"]));
  113.             $user->setRoles(["ROLE_CUSTOMER"]);
  114.             if ($form['password']->getData()) {
  115.                 $user->setPassword($passwordEncoder->hashPassword(
  116.                     $user,
  117.                     $form['password']->getData()
  118.                 ));
  119.             }
  121.             $logo $form->get('logo')->getData();
  122.             $dir $this->getParameter('kernel.project_dir') . '/public/uploads/logos/';
  123.             if (!is_dir($this->getParameter('kernel.project_dir') . '/public/uploads/logos/')) {
  124.                 mkdir($this->getParameter('kernel.project_dir') . '/public/uploads/logos/'0755true);
  125.             }
  126.             if ($logo) {
  127.                 $fileName $fileUploader->upload($logo$dir$logo->guessExtension());
  128.                 $user->setLogo($fileName);
  129.             }
  131.             $fileDiplome $form->get('diplome_copy')->getData();
  132.             $dir $this->getParameter('kernel.project_dir') . '/public/uploads/diplomes/';
  133.             if (!is_dir($this->getParameter('kernel.project_dir') . '/public/uploads/diplomes/')) {
  134.                 mkdir($this->getParameter('kernel.project_dir') . '/public/uploads/diplomes/'0755true);
  135.             }
  136.             if ($fileDiplome) {
  137.                 $fileName $fileUploader->upload($fileDiplome$dir$fileDiplome->guessExtension());
  138.                 $user->setDiplomeCopy($fileName);
  139.             }
  141.             $fileAdeli $form->get('adeli_certif')->getData();
  142.             $dir $this->getParameter('kernel.project_dir') . '/public/uploads/adeli/';
  143.             if (!is_dir($this->getParameter('kernel.project_dir') . '/public/uploads/adeli/')) {
  144.                 mkdir($this->getParameter('kernel.project_dir') . '/public/uploads/adeli/'0755true);
  145.             }
  146.             if ($fileAdeli) {
  147.                 $fileName $fileUploader->upload($fileAdeli$dir$fileAdeli->guessExtension());
  148.                 $user->setAdeliCertif($fileName);
  149.             }
  150.             
  151.             $file $form->get('signature')->getData();
  152.             $dir $this->getParameter('kernel.project_dir') . '/public/uploads/signatures/';
  153.             if(!is_dir($this->getParameter('kernel.project_dir') . '/public/uploads/signatures/')){
  154.                 mkdir($this->getParameter('kernel.project_dir') . '/public/uploads/signatures/',0755true);
  155.             }
  156.             if ($file) {
  157.                 $fileName $fileUploader->upload($file$dir$file->guessExtension());
  158.                 $user->setSignature($fileName);
  159.             }
  161.             // $user->setRegisterToken(uniqid());
  162.             // $url = $this->generateUrl('security_confirm_register', ['email' => $user->getEmail(), 'token' => $user->getRegisterToken()], UrlGeneratorInterface::ABSOLUTE_URL);
  164.             // $mail = (new Email())
  165.             //     ->subject('Bienvenue sur Profil-diet ! Veuillez activer votre compte')
  166.             //     ->from(new Address($_ENV['MAILER_ADDRESS'], $_ENV['MAILER_NAME']))
  167.             //     ->to($user->getEmail())
  168.             //     ->html($this->renderView('email/validation.html.twig', array('user' => $user, "link" => $url)));
  170.             // $mailer->send($mail);
  171.             
  172.             $mail = (new Email())
  173.                 ->subject('Bienvenue chez Profil-diet !')
  174.                 ->from(new Address($_ENV['MAILER_ADDRESS'], $_ENV['MAILER_NAME']))
  175.                 ->to($user->getEmail())
  176.                 ->html($this->renderView('email/en_attente_validation.html.twig', array('user' => $user)));
  178.             $mailer->send($mail);
  180.             $admins $em->getRepository(User::class)->findByRole("ROLE_ADMIN");
  181.             $adminEmails = [];
  182.             foreach($admins as $a) {
  183.                 $adminEmails[] = $a->getEmail();
  184.             }
  185.             $checkUrl $this->generateUrl('user_index', [], UrlGeneratorInterface::ABSOLUTE_URL);
  186.             $mail = (new Email())
  187.                 ->subject('PROFIL- DIET : une nouvelle demande d\'essai gratuit vous attend !')
  188.                 ->from(new Address($_ENV['MAILER_ADDRESS'], $_ENV['MAILER_NAME']))
  189.                 ->to(...$adminEmails)
  190.                 ->html($this->renderView('email/nouveau_client.html.twig', array('patient' => $user'url' => $checkUrl)));
  191.             $mailer->send($mail);
  193.             $em $this->doctrine->getManager();
  194.             $em->persist($user);
  195.             $em->flush();
  197.             $session->getFlashBag()->add('success'"Merci pour votre inscription, un administrateur va vérifier les données saisies avant d’activer le compte, vous recevrez une confirmation par e-mail");
  199.             return $this->redirectToRoute('app_login');
  200.         }
  202.         return $this->render('security/register.html.twig', ['form' => $form->createView(), 'last_username' => $lastUsername'error' => $error]);
  203.     }
  205.     /**
  206.      * @Route("/confirmation-inscription", name="security_confirm_register")
  207.      */
  208.     public function confirmRegister(Request $requestTool $toolUrlGeneratorInterface $routerMailerInterface $mailer)
  209.     {
  210.         $em $this->doctrine->getManager();
  211.         $session $this->requestStack->getSession();
  213.         $email $request->query->get('email');
  214.         $token $request->query->get('token');
  215.         $checkEmail $em->getRepository(User::class)->findOneBy(array("email" => $email));
  217.         if (!$checkEmail) {
  218.             $session->getFlashBag()->add('error'"L'adresse e-mail renseignée n'existe pas.");
  219.             return $this->redirectToRoute('app_register');
  220.         } else {
  221.             $checkEmail->setRegisterToken("");
  222.             $checkEmail->setIsActive(true);
  223.             $em->persist($checkEmail);
  224.             $em->flush();
  226.             $session $this->requestStack->getSession();
  227.             $session->getFlashBag()->add('success'"Félicitations, votre compte est bien validé, vous pouvez vous connecter");
  229.             return $this->redirectToRoute('app_login');
  230.         }
  231.     }
  233.     /**
  234.      * @Route("/confirmation-inscription-email", name="security_confirm_register_email")
  235.      */
  236.     public function confirmRegisterEmail(Request $requestTool $toolUrlGeneratorInterface $routerMailerInterface $mailer)
  237.     {
  238.         $em $this->doctrine->getManager();
  239.         $user $em->getRepository(User::class)->findOneBy(['email' => $request->request->get('email')]);
  240.         if(!$user) return $this->json(["success" => false"message" => "Adresse email invalide"]);
  242.         $user->setRegisterToken(uniqid());
  243.         $url $this->generateUrl('security_confirm_register', ['email' => $user->getEmail(), 'token' => $user->getRegisterToken()], UrlGeneratorInterface::ABSOLUTE_URL);
  245.         $mail = (new Email())
  246.             ->subject('Activation compte')
  247.             ->from(new Address($_ENV['MAILER_ADDRESS'], $_ENV['MAILER_NAME']))
  248.             ->to($user->getEmail())
  249.             ->html($this->renderView('email/template.html.twig', array('content' => 'Cliquez sur le bouton suivant pour activer votre compte et vous connecter.''user' => $user'button' => ["title" => "Me connecter""link" => $url])));
  251.         $mailer->send($mail);
  253.         $session $this->requestStack->getSession();
  255.         $em->persist($user);
  256.         $em->flush();
  258.         return $this->json(["success" => true"message" => "Email envoyé avec succès"]);
  259.     }
  261.     /**
  262.      * @Route("/mot-de-passe-perdu", name="security_reset_password")
  263.      */
  264.     public function resetPassword(Request $requestTool $toolUrlGeneratorInterface $routerMailerInterface $mailer)
  265.     {
  266.         if ($this->getUser()) {
  267.             return $this->redirectToRoute('dashboard_index');
  268.         }
  270.         if ($request->isMethod('post')) {
  271.             $em $this->doctrine->getManager();
  272.             $session $this->requestStack->getSession();
  275.             if (!$tool->captchaverify($request->get('recaptcha_response'))) {
  276.                 $session->getFlashBag()->add('error'"Erreur de sécurité avec le captcha code.");
  277.                 return $this->redirectToRoute('security_reset_password');
  278.             }
  280.             $email $request->request->get('email');
  281.             $checkEmail $em->getRepository(User::class)->findOneBy(array("email" => $email));
  283.             if (!$checkEmail) {
  284.                 $session->getFlashBag()->add('error'"L'adresse e-mail renseignée n'existe pas.");
  285.                 return $this->redirectToRoute('security_reset_password');
  286.             } else {
  288.                 $token $tool->generateToken();
  289.                 $checkEmail->setToken($token);
  290.                 $em->persist($checkEmail);
  291.                 $em->flush();
  293.                 $url $router->generate('security_update_password', ['email' => $checkEmail->getEmail(), 'token' => $checkEmail->getToken()], UrlGeneratorInterface::ABSOLUTE_URL);
  294.                 $message = (new Email())
  295.                     ->subject('Récupération de votre mot de passe')
  296.                     ->from(new Address($_ENV['MAILER_ADDRESS'], $_ENV['MAILER_NAME']))
  297.                     ->to($checkEmail->getEmail())
  298.                     ->html($this->renderView('email/reset_pwd.html.twig', array('user' => $checkEmail'url' => $url)));
  300.                 $mailer->send($message);
  301.                 $session->getFlashBag()->add('success'"Un e-mail de récupération de mot de passe a été envoyé.");
  302.                 return $this->redirectToRoute('app_logout');
  303.             }
  304.         }
  306.         return $this->render('security/reset_password.html.twig', []);
  307.     }
  309.     /**
  310.      * @Route("/mise-a-jour-mot-de-passe/{email}/{token}", name="security_update_password")
  311.      */
  312.     public function updatePassword(Request $request$email$tokenUserPasswordHasherInterface $hasherEventDispatcherInterface $eventDispatcher)
  313.     {
  314.         $em $this->doctrine->getManager();
  315.         $session $this->requestStack->getSession();
  316.         $checkUser $em->getRepository(User::class)->findOneBy(array("email" => $email"token" => $token));
  318.         if (!$checkUser) {
  319.             $session->getFlashBag()->add('error'"La page demandée n'existe pas.");
  320.             return $this->redirectToRoute('security_reset_password');
  321.         }
  323.         if ($request->isMethod('post')) {
  324.             $password $request->request->get('password');
  325.             if (!hash_equals($request->request->get('password'), $request->request->get('confirm_password'))) {
  326.                 $session->getFlashBag()->add('error'"Les deux mots de passe sont différents");
  327.                 return $this->redirectToRoute('security_update_password', ['email' => $checkUser->getEmail(), 'token' => $checkUser->getToken()]);
  328.             } else if (!$password) {
  329.                 $session->getFlashBag()->add('error'"Le mot de passe est obligatoire");
  330.                 return $this->redirectToRoute('security_update_password', ['email' => $checkUser->getEmail(), 'token' => $checkUser->getToken()]);
  331.             } else {
  333.                 $password $hasher->hashPassword($checkUser$request->request->get('password'));
  334.                 $checkUser->setPassword($password);
  335.                 $checkUser->setToken(null);
  336.                 $checkUser->setIsActive(true);
  338.                 $token = new UsernamePasswordToken($checkUser'main'$checkUser->getRoles());
  339.                 $this->container->get('security.token_storage')->setToken($token);
  340.                 $session->set('_security_main'serialize($token));
  342.                 $event = new InteractiveLoginEvent($request$token);
  343.                 $eventDispatcher->dispatch($event'security.interactive_login');
  344.         
  345.                 $em->persist($checkUser);
  346.                 $em->flush();
  347.                 $session->getFlashBag()->add('success'"Votre mot de passe a été mis à jour !");
  348.                 // $session->invalidate();
  349.                 return $this->redirectToRoute('dashboard_index');
  350.             }
  351.         }
  353.         return $this->render('security/update_password.html.twig', []);
  354.     }
  356.     /**
  357.      * @Route("/changement-agence/{id}/{role_id}", name="switch_agency")
  358.      */
  359.     public function switchCustomer(AuthenticationUtils $authenticationUtils$id$role_id)
  360.     {
  361.         $em $this->doctrine->getManager();
  362.         $session $this->requestStack->getSession();
  363.         $user $this->container->get('security.token_storage')->getToken()->getUser();
  365.         $agency $em->getRepository(Agency::class)->find($id);
  366.         $role $em->getRepository(DataRole::class)->find($role_id);
  368.         $checkUserRole $em->getRepository(UserAgency::class)->findOneBy(array("agency" => $agency"role" => $role));
  372.         if ($checkUserRole) {
  373.             $user->setAgency($agency);
  374.             $user->setRole($role);
  375.             $em->persist($user);
  376.             $em->flush();
  377.         } else if ($id == && $role_id == && $this->isGranted('ROLE_ADMIN')) {
  378.             $user->setAgency(NULL);
  379.             $user->setRole(NULL);
  380.             $em->persist($user);
  381.             $em->flush();
  382.         }
  383.         //echo $user->getAgency()->getId();die;
  385.         return $this->redirectToRoute('dashboard_index');
  386.     }
  388.     /**
  389.      * @Route("/logout", name="app_logout")
  390.      */
  391.     public function logout()
  392.     {
  393.         $session $this->requestStack->getSession();
  394.         $session->getFlashBag()->add('success'"Déconnexion !");
  396.         return $this->redirectToRoute('app_login');
  397.     }
  398. }