src/Controller/SecurityController.php line 91

Open in your IDE?
  1. <?php
  2. /**
  3.  * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
  4.  *
  5.  * Copyright (C) 2019 - 2020 Jan Böhmer (https://github.com/jbtronics)
  6.  *
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU Affero General Public License as published
  9.  * by the Free Software Foundation, either version 3 of the License, or
  10.  * (at your option) any later version.
  11.  *
  12.  * This program is distributed in the hope that it will be useful,
  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15.  * GNU Affero General Public License for more details.
  16.  *
  17.  * You should have received a copy of the GNU Affero General Public License
  18.  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19.  */
  21. declare(strict_types=1);
  23. /**
  24.  * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
  25.  *
  26.  * Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
  27.  *
  28.  * This program is free software; you can redistribute it and/or
  29.  * modify it under the terms of the GNU General Public License
  30.  * as published by the Free Software Foundation; either version 2
  31.  * of the License, or (at your option) any later version.
  32.  *
  33.  * This program is distributed in the hope that it will be useful,
  34.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  35.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  36.  * GNU General Public License for more details.
  37.  *
  38.  * You should have received a copy of the GNU General Public License
  39.  * along with this program; if not, write to the Free Software
  40.  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
  41.  */
  43. namespace App\Controller;
  45. use App\Entity\UserSystem\User;
  46. use App\Events\SecurityEvent;
  47. use App\Events\SecurityEvents;
  48. use App\Services\PasswordResetManager;
  49. use Doctrine\ORM\EntityManagerInterface;
  50. use Gregwar\CaptchaBundle\Type\CaptchaType;
  51. use RuntimeException;
  52. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  53. use Symfony\Component\EventDispatcher\EventDispatcher;
  54. use Symfony\Component\Form\Extension\Core\Type\PasswordType;
  55. use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
  56. use Symfony\Component\Form\Extension\Core\Type\SubmitType;
  57. use Symfony\Component\Form\Extension\Core\Type\TextType;
  58. use Symfony\Component\HttpFoundation\Request;
  59. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  60. use Symfony\Component\Routing\Annotation\Route;
  61. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  62. use Symfony\Component\Validator\Constraints\Length;
  63. use Symfony\Component\Validator\Constraints\NotBlank;
  64. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  65. use Symfony\Contracts\Translation\TranslatorInterface;
  67. class SecurityController extends AbstractController
  68. {
  69.     protected $translator;
  70.     protected $allow_email_pw_reset;
  72.     public function __construct(TranslatorInterface $translatorbool $allow_email_pw_reset)
  73.     {
  74.         $this->translator $translator;
  75.         $this->allow_email_pw_reset $allow_email_pw_reset;
  76.     }
  78.     /**
  79.      * @Route("/login", name="login", methods={"GET", "POST"})
  80.      */
  81.     public function login(AuthenticationUtils $authenticationUtils): \Symfony\Component\HttpFoundation\Response
  82.     {
  83.         // get the login error if there is one
  84.         $error $authenticationUtils->getLastAuthenticationError();
  86.         // last username entered by the user
  87.         $lastUsername $authenticationUtils->getLastUsername();
  89.         return $this->render('security/login.html.twig', [
  90.             'last_username' => $lastUsername,
  91.             'error' => $error,
  92.         ]);
  93.     }
  95.     /**
  96.      * @Route("/pw_reset/request", name="pw_reset_request")
  97.      *
  98.      * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
  99.      */
  100.     public function requestPwReset(PasswordResetManager $passwordResetRequest $request)
  101.     {
  102.         if (!$this->allow_email_pw_reset) {
  103.             throw new AccessDeniedHttpException('The password reset via email is disabled!');
  104.         }
  106.         if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  107.             throw new AccessDeniedHttpException('You are already logged in, so you can not reset your password!');
  108.         }
  110.         $builder $this->createFormBuilder();
  111.         $builder->add('user'TextType::class, [
  112.             'label' => $this->translator->trans('pw_reset.user_or_email'),
  113.             'constraints' => [new NotBlank()],
  114.         ]);
  115.         $builder->add('captcha'CaptchaType::class, [
  116.             'width' => 200,
  117.             'height' => 50,
  118.             'length' => 6,
  119.         ]);
  120.         $builder->add('submit'SubmitType::class, [
  121.             'label' => 'pw_reset.submit',
  122.         ]);
  124.         $form $builder->getForm();
  125.         $form->handleRequest($request);
  127.         if ($form->isSubmitted() && $form->isValid()) {
  128.             $passwordReset->request($form->getData()['user']);
  129.             $this->addFlash('success''pw_reset.request.success');
  131.             return $this->redirectToRoute('login');
  132.         }
  134.         return $this->render('security/pw_reset_request.html.twig', [
  135.             'form' => $form->createView(),
  136.         ]);
  137.     }
  139.     /**
  140.      * @Route("/pw_reset/new_pw/{user}/{token}", name="pw_reset_new_pw")
  141.      *
  142.      * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
  143.      */
  144.     public function pwResetNewPw(PasswordResetManager $passwordResetRequest $requestEntityManagerInterface $emEventDispatcherInterface $eventDispatcher, ?string $user null, ?string $token null)
  145.     {
  146.         if (!$this->allow_email_pw_reset) {
  147.             throw new AccessDeniedHttpException('The password reset via email is disabled!');
  148.         }
  150.         if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  151.             throw new AccessDeniedHttpException('You are already logged in, so you can not reset your password!');
  152.         }
  154.         $data = [
  155.             'username' => $user,
  156.             'token' => $token,
  157.         ];
  158.         $builder $this->createFormBuilder($data);
  159.         $builder->add('username'TextType::class, [
  160.             'label' => $this->translator->trans('pw_reset.username'),
  161.         ]);
  162.         $builder->add('token'TextType::class, [
  163.             'label' => $this->translator->trans('pw_reset.token'),
  164.         ]);
  165.         $builder->add('new_password'RepeatedType::class, [
  166.             'type' => PasswordType::class,
  167.             'first_options' => [
  168.                 'label' => 'user.settings.pw_new.label',
  169.             ],
  170.             'second_options' => [
  171.                 'label' => 'user.settings.pw_confirm.label',
  172.             ],
  173.             'invalid_message' => 'password_must_match',
  174.             'constraints' => [new Length([
  175.                 'min' => 6,
  176.                 'max' => 128,
  177.             ])],
  178.         ]);
  180.         $builder->add('submit'SubmitType::class, [
  181.             'label' => 'pw_reset.submit',
  182.         ]);
  184.         $form $builder->getForm();
  185.         $form->handleRequest($request);
  187.         if ($form->isSubmitted() && $form->isValid()) {
  188.             $data $form->getData();
  189.             //Try to set the new password
  190.             $success $passwordReset->setNewPassword($data['username'], $data['token'], $data['new_password']);
  191.             if (!$success) {
  192.                 $this->addFlash('error''pw_reset.new_pw.error');
  193.             } else {
  194.                 $this->addFlash('success''pw_reset.new_pw.success');
  196.                 $repo $em->getRepository(User::class);
  197.                 $u $repo->findOneBy(['name' => $data['username']]);
  198.                 $event = new SecurityEvent($u);
  199.                 /** @var EventDispatcher $eventDispatcher */
  200.                 $eventDispatcher->dispatch($eventSecurityEvents::PASSWORD_RESET);
  202.                 return $this->redirectToRoute('login');
  203.             }
  204.         }
  206.         return $this->render('security/pw_reset_new_pw.html.twig', [
  207.             'form' => $form->createView(),
  208.         ]);
  209.     }
  211.     /**
  212.      * @Route("/logout", name="logout")
  213.      */
  214.     public function logout(): void
  215.     {
  216.         throw new RuntimeException('Will be intercepted before getting here');
  217.     }
  218. }