src/Controller/AuthController.php line 62

Open in your IDE?
  1. <?php
  4. namespace App\Controller;
  7. use App\Dto\Request\DtoSaveInstructorRequest;
  8. use App\Entity\Contact;
  9. use App\Entity\Prestashop\Customers;
  10. use App\Form\ContactAskPasswordResetType;
  11. use App\Form\ContactResetType;
  12. use App\Helper\StringHelper;
  13. use App\Repository\ContactRepository;
  14. use App\Security\ConnectAsAuthenticator;
  15. use App\Security\ConnectAsAuthenticatorextends;
  16. use App\Security\WebsiteFormAuthenticator;
  17. use App\Service\ContactManager;
  18. use App\Service\InstructorService;
  19. use App\Service\LanguageManager;
  20. use App\Service\NotificationManager;
  21. use App\Service\NotificationService;
  22. use Doctrine\ORM\EntityManagerInterface;
  23. use Symfony\Component\HttpFoundation\Request;
  24. use Symfony\Component\HttpFoundation\RequestStack;
  25. use Symfony\Component\HttpFoundation\Response;
  26. use Symfony\Component\Routing\RouterInterface;
  27. use Symfony\Component\Security\Core\Security;
  28. use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
  29. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  30. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  32. class AuthController extends EntityController
  33. {
  34.     use TargetPathTrait;
  37.     private ContactManager $contactManager;
  39.     /**
  40.      * ApiController constructor.
  41.      * @param EntityManagerInterface $em
  42.      * @param ContactManager $contactManager
  43.      * @param NotificationManager $notificationManager
  44.      * @param RequestStack $request
  45.      * @param LanguageManager $languageManager
  46.      */
  47.     public function __construct(EntityManagerInterface $em,
  48.                                 ContactManager $contactManager,
  49.                                 NotificationManager $notificationManager,
  50.                                 RequestStack $request,
  51.                                 LanguageManager $languageManager,
  52.                                 NotificationService $notificationService)
  53. //<<<<<<< HEAD
  54. //                                LanguageManager $languageManager,
  55. //                                SessionInterface $session,
  56. //                                NotificationService $notificationService)
  57. //    {
  58. //        parent::__construct($em, $notificationManager, $request, $languageManager, $session, $notificationService);
  59. //=======
  60. //                                LanguageManager $languageManager)
  61.     {
  62.         parent::__construct($em$notificationManager$request$languageManager$notificationService);
  63. //>>>>>>> 92-achat-unique
  64.         $this->contactManager $contactManager;
  65.     }
  67.     /**
  68.      * This is a form for a customer to ask to change password for the email submitted.
  69.      * Route : /password-reset
  70.      * @param Request $request
  71.      * @return Response
  72.      */
  73.     public function viewAskPasswordReset(Request $requestRouterInterface $router) : Response
  74.     {
  75.         $this->getNavigationContext($request$router);
  76.         $emptyAccount = (new Contact())
  77.             ->setPassword('12345')
  78.             ->setRepeatedPassword('12345');
  79.         // generate the form with the email
  80.         // todo : add captcha ?
  81.         $form $this->createForm(ContactAskPasswordResetType::class, $emptyAccount);
  83.         // Get the email from the form and process like apiAskPasswordReset
  84.         if ($request->isMethod('POST')) {
  85.             $form->submit($request->request->get($form->getName()));
  86.             // If form is correct
  87.             if ($form->isSubmitted()) {
  88.                 $email $emptyAccount->getEmail();
  89.                 $contact $this->contactManager->getContactByMail($email);
  90.                 // get account by mail
  91.                 if(!is_null($contact)){
  92.                     // if the user has no validity date or a old validity date
  93.                     $this->contactManager->sendResetPassword($contact$this->language$this->viewData["context"]);
  94.                 }
  95.                 else{
  96.                     $this->notificationManager::addError('Le compte n\'existe pas');
  97.                 }
  98.             }
  99.         }
  101.         $this->createFlashs();
  102.         $this->addViewDataObject('form'$form->createView())
  103.             ->addViewDataArray('response'$this->getMessages());
  104.         return $this->render('contact/ask_account_password_reset.html.twig',
  105.             $this->viewData
  106.         );
  107.     }
  109.     /**
  110.      * The FORM to reset password with password and repeated password
  111.      * Route : ResetPassword
  112.      * @param Request $request
  113.      * @return Response
  114.      */
  115.     public function viewResetPassword(Request $requestRouterInterface $router) : Response
  116.     {
  117.         $token $request->query->get('token'''); // the static + the temporary token
  118.         //test data = 86ae4cbe2a4650d7fa91655948c6e5de38ba907fdd0eff7ea4085efc7a780dd3
  119.         $this->getNavigationContext($request$router);
  121.         if(empty($token) || strlen($token) !== 128){
  122.             $this->notificationManager::addError('Utilisateur non valable');
  123. //            $this->notificationManager::addError('86ae4cbe2a4650d7fa91655948c6e5de38ba907fdd0eff7ea4085efc7a780dd3' . $this->getTemporaryAccessToken('toto@toto.com'));
  124.         }
  125.         else{
  126.             $staticToken substr($token064); // The account static token
  127.             $currentAccount $this->contactManager->getContactByStaticToken($staticToken);
  129.             // Check if the email exists and the token is correct
  130.             if($currentAccount !== null
  131.                 && $currentAccount->getResetPasswordValidity() !== null
  132.                 && $currentAccount->getResetPasswordValidity() <= new \DateTime('NOW')
  133.             ){
  134.                 $this->notificationManager::addError('Utilisateur non valable ou délai dépassé : réessayez');
  135.                 $this->createFlashs();
  136.                 return $this->redirectToRoute('Index',
  137.                     $this->viewData
  138.                 );
  139.             }
  140.             else{
  141.                 // Now we add the form to change the password
  142.                 $form $this->createForm(ContactResetType::class, $currentAccount);
  144.                 if ($request->isMethod('POST')) {
  145.                     $form->submit($request->request->get($form->getName()));
  146.                     // If form is correct
  147.                     if ($form->isSubmitted() && $form->isValid()){
  148.                         // save the account
  149.                         $clearPassword $currentAccount->getPassword();
  150.                         if($this->contactManager->updatePasswordFromToken($currentAccount->getEmail(), $currentAccount->getPassword(), $staticToken)){
  151.                             $this->notificationManager::addInfo("Mot de passe mis à jour");
  152.                             $contact $this->contactManager->getContactByMail($currentAccount->getEmail());
  153.                             $contact->setLastConnexion();
  154.                             $this->entityManager->flush();
  155.                         }
  156.                         else{
  157.                             $this->notificationManager::addError("Utilisateur invalide");
  158.                         }
  160.                         // if the account exists on Prestashop
  161.                         $psCustomer Customers::getByEmail($currentAccount->getEmail(),true);
  163.                         // Insert the user if he doesn't exist
  164.                         if(!is_null($psCustomer)){
  165.                             if($psCustomer->updatePassword($clearPassword) !==0){
  166.                                 $this->notificationManager::addInfo("Mot de passe modifié sur Prestashop");
  167.                             }
  168.                         }
  169.                         $this->createFlashs();
  171.                         return $this->redirectToRoute('PreLogin', [
  172.                             "brandCode" => $_GET["brandCode"] ?? null,
  173.                             "apiKey" => $_GET["apiKey"] ?? null,
  174.                         ]);
  175.                     }
  176.                 }
  177.                 $this->createFlashs();
  178.                 $this->addViewDataObject('form'$form->createView())
  179.                     ->addViewDataArray('response'$this->getMessages());
  180.                 return $this->render('contact/account_password_reset.html.twig',
  181.                     $this->viewData
  182.                 );
  183.             }
  184.         }
  185.         return $this->render('home.html.twig', ['response' => $this->getMessages()]);
  186.     }
  188.     /**
  189.      * Login to the app
  190.      * Set a session with the contact and all related accounts
  191.      * Route : login
  192.      * @param Request $request
  193.      * @return Response
  194.      */
  195.     public function viewPreLogin(Request $requestRouterInterface $router): Response
  196.     {
  197. //        dd($request->getSession()->get('_security.default.target_path'));
  198.         if (isset($_GET["lang"]) && StringHelper::isNullOrEmptyWithSpace($_GET["lang"]) == false)
  199.         {
  200.             return $this->redirectToRoute('PreLogin', [
  201.                 "_locale" => $_GET["lang"],
  202.                 "brandCode" => $_GET["brandCode"]?? null,
  203.                 "apiKey" => $_GET["apiKey"]?? null
  204.             ]);
  205.         }
  209.         if($_ENV["MAINTENANCE"] === "true") {
  210.             return $this->render('maintainance.html.twig'$this->viewData);
  211.         }
  212.         $responseAction 'pre-login';
  213.         $response null;
  214.         $data = [];
  215.         if(isset($_COOKIE["contactDeleted"])) {
  216.             $this->notificationManager::addError('Oops, il y a un souci ! Soit il y a eu une erreur avec votre adresse email, soit nos serveurs sont pris d\'assaut par trop de monde en même temps. Veuillez vérifier votre saisie ou réessayer plus tard :)');
  217.         }
  218.         // If user is connected
  219.         /*if (!is_null($this->getUser())) {
  220.             $responseAction = 'ContactAccounts';
  221.         }*/
  222.         if (!is_null($this->getUser())) {
  223.             if(!is_null($request->getSession()->get('_security.default.target_path'))) {
  224.                 return $this->redirect($request->getSession()->get('_security.default.target_path'));
  225.             }
  226.             else {
  227.                 $responseAction 'ContactAccounts';
  228.             }
  229.         }
  230.         else{
  231.             $this->getNavigationContext($request$router);
  232.             $submitted $request->request->get('submitLogin');
  233.             // if the form is submitted
  234.             if(!is_null($submitted)){
  235.                 $contactEmail $request->request->get('email');
  236.                 // If the email address exists and is a correct email address
  237.                 if(!is_null($contactEmail) || !filter_var($contactEmailFILTER_VALIDATE_EMAIL)){
  238.                     $contact $this->contactManager->getContactByMail($contactEmail);
  239.                     // Si le contact n'est pas trouvé, on tente de le rechercher dans salesforce et de le synchroniser
  240.                     if (is_null($contact))
  241.                     {
  242.                         $contact $this->contactManager->syncContactFormSF($contactEmail);
  243.                     }
  245.                     // If the contact exists
  246.                     if(!is_null($contact)){
  247.                         // If its the first connexion
  248.                         if(is_null($contact->getLastConnexion())){
  249.                             $this->contactManager->getContactByMail($contactEmail);
  251.                             if(strpos($request->getSession()->get('_security.default.target_path'), 'external_access/buy')) {
  252.                                 $currentContact $this->entityManager->getRepository(Contact::class)->findOneBy(['email' => $contactEmail]);
  253.                                 $currentContact->setInternalReturnUrl($request->getSession()->get('_security.default.target_path'));
  254.                                 $this->entityManager->persist($currentContact);
  255.                                 $this->entityManager->flush();
  256.                             }
  258.                             $responseAction 'FirstConnexionResetPassword';
  259.                         }
  260.                         // if its a normal connexion
  261.                         else{
  262.                             $responseAction 'Login';
  263.                             if($request->request->get('brandCode') != null && $request->request->get('brandCode') != "") {
  264.                                 $brandCode $request->request->get('brandCode');
  265.                                 $data['brandCode'] = $brandCode;
  266.                             }
  267.                             if($request->request->get('apiKey') != null && $request->request->get('apiKey') != "") {
  268.                                 $apiKey $request->request->get('apiKey');
  269.                                 $data['apiKey'] = $apiKey;
  270.                             }
  271.                         }
  272.                         $data['email'] = $contact->getEmail();
  274.                     }
  275.                     // contact not existing
  276.                     else{
  277.                         if($request->request->get('brandCode') != null && $request->request->get('brandCode') != "") {
  278.                             $brandCode $request->request->get('brandCode');
  279.                             $data['brandCode'] = $brandCode;
  280.                         }
  281.                         $responseAction 'Register';
  282.                         $data['email'] = $contactEmail;
  283. //                        $this->notificationManager::addError('Le compte n\'existe pas.');
  284.                     }
  285.                 }
  286.                 // Contact email not filled
  287.                 else{
  288.                     $this->notificationManager::addError('Adresse email incorrecte');
  289.                 }
  290.             }
  291.             $this->createFlashs();
  292.         }
  294.         if ($responseAction === 'ContactAccounts'){
  295.             $response $this->redirectToRoute('ContactAccounts');
  296.         }
  297.         elseif ($responseAction === 'FirstConnexionResetPassword'){
  298.             $data["brandCode"] = $_GET["brandCode"]?? null;
  299.             $data["apiKey"] = $_GET["apiKey"]?? null;
  300.             $response $this->redirectToRoute('FirstConnexionResetPassword'$data);
  301.         }
  302.         elseif ($responseAction === 'Login'){
  303.             $response $this->redirectToRoute('Login'$data);
  304.         }
  305.         elseif ($responseAction === 'Register'){
  306.             $response $this->redirectToRoute('Register'$data);
  307.         }
  308.         else{
  309.             $response $this->render('login/pre-login.html.twig'$this->viewData);
  310.         }
  312.         return $response;
  313.     }
  315.     /**
  316.      * Login to the app
  317.      * Set a session with the contact and all related accounts
  318.      * Route : login
  319.      * @param AuthenticationUtils $authenticationUtils
  320.      * @param Request $request
  321.      * @return Response
  322.      */
  323.     public function viewLogin(AuthenticationUtils $authenticationUtilsRequest $requestRouterInterface $router): Response
  324.     {
  325.         $responseRoute 'Login';
  326.         $data = [];
  328.         if (!is_null($this->getUser())) {
  329.             $responseRoute 'ContactAccounts';
  330.         }
  331.         else{
  332.             $this->getNavigationContext($request$router);
  334.             $contactEmail $request->query->get('email');
  335.             if(is_null($contactEmail)){
  336.                 $responseRoute 'PreLogin';
  337.             }
  338.             else{
  339. //                if(is_null($contactEmail)){
  340. //                    $contactEmail = $authenticationUtils->getLastUsername();
  341. //                }
  343.                 // get the login error if there is one
  344.                 $error $authenticationUtils->getLastAuthenticationError();
  345.                 // last username entered by the user
  346.                 $lastUsername $authenticationUtils->getLastUsername();
  347.                 $this->addViewDataString('last_username'$lastUsername)
  348.                     ->addViewDataObject('error'$error)
  349.                     ->addViewDataString('email'$contactEmail);
  350.             }
  351.         }
  352.         $this->createFlashs();
  354.         if($responseRoute === 'ContactAccounts'){
  355.             $response $this->redirectToRoute('ContactAccounts');
  356.         }
  357.         elseif($responseRoute === 'PreLogin'){
  358.             $response $this->redirectToRoute('PreLogin');
  359.         }
  360.         else{
  361.             $response $this->render('login/login.html.twig'$this->viewData);
  362.         }
  364.         return $response;
  365.     }
  367.     public function logout()
  368.     {
  370.     }
  372.     /**
  373.      * First connexion email
  374.      * @param Request $request
  375.      * @return Response
  376.      */
  377.     public function viewFirstConnexionResetPassword(Request $requestRouterInterface $router) : Response
  378.     {
  379.         $contactEmail $request->query->get('email''');
  380.         $contact $this->contactManager->getContactByMail($contactEmail);
  382.         $this->getNavigationContext($request$router);
  384.         if(!is_null($contact) && is_null($contact->getLastConnexion())){
  385.             // if the user has no validity date or a old validity date
  386.             $this->contactManager->sendResetPassword($contact$this->language$this->viewData['context']);
  387. //            $contact->setLastConnexion();
  388. //            $this->entityManager->flush();
  389.         }
  390.         else{
  391.             $this->notificationManager::addError('Le compte n\'existe pas ou l\'e-mail de première connexion a déjà été envoyé');
  392.         }
  393.         $this->createFlashs();
  394.         return $this->render('contact/first_connexion_ask_account_password_reset.html.twig'$this->viewData);
  395.     }
  397.     /**
  398.      * Register account
  399.      * @param Request $request
  400.      * @return Response
  401.      */
  402.     public function viewRegisterAccount(Request $requestRouterInterface $routerInstructorService $instructorServiceGuardAuthenticatorHandler $guardWebsiteFormAuthenticator $autoLoginAuthenticator) : Response
  403.     {
  404.         if (!is_null($this->getUser()) || $this->language == 'it') {
  405.             $responseRoute $this->redirectToRoute('ContactAccounts'$this->viewData);
  406.         }
  407.         else {
  408.             $this->getNavigationContext($request$router);
  410.             $dtoRequest = new DtoSaveInstructorRequest();
  412.             $submitted $request->request->get('submitRegister');
  413.             // if the form is submitted
  414.             if (!is_null($submitted)) {
  415.                 $dtoRequest->email $request->request->get('email') ?? '';
  416.                 $dtoRequest->emailCompta $request->request->get('email') ?? '';
  417.                 $dtoRequest->lastName $request->request->get('lastName') ?? '';
  418.                 $dtoRequest->firstName $request->request->get('firstName') ?? '';
  419.                 $dtoRequest->phone $request->request->get('phone') ?? '';
  420.                 $dtoRequest->address $request->request->get('address') ?? '';
  421.                 $dtoRequest->zipCode $request->request->get('zipCode') ?? '';
  422.                 $dtoRequest->city $request->request->get('city') ?? '';
  423.                 $dtoRequest->siret $request->request->get('siret') ?? '';
  424.                 $dtoRequest->tva $request->request->get('tva') ?? '';
  425.                 $dtoRequest->password $request->request->get('password') ?? '';
  426.                 $dtoRequest->checkPassword $request->request->get('checkPassword') ?? '';
  427.                 $dtoRequest->billingCountryCode $request->request->get('country') ?? '';
  428.                 $dtoRequest->isPro $request->request->get('isPro');
  430.                 $dtoResponse $instructorService->createInstructor($dtoRequest);
  431.                 $this->createFlashsFromDtoResponse($dtoResponse);
  432.                 if($dtoResponse->isSuccess()) {
  433.                     $referent $this->contactManager->fillSessionContactFromContactEmail($dtoRequest->email);
  434.                     $request->getSession()->set(Security::LAST_USERNAME$request->get('email'));
  435.                     $request->getSession()->set('contact'$referent);
  436.                     $request->getSession()->set('contactCsrfToken'$this->contactManager->getContactApiTokenByEmail($dtoRequest->email));
  437.                     // Handle user as if he just logged-in
  438.                     // after validating the user and saving it to the database
  439.                     // authenticate the user and use onAuthenticationSuccess on the authenticator
  441.                     $user $this->contactManager->getContactByMail($dtoRequest->email);
  442.                     $guard->authenticateUserAndHandleSuccess(
  443.                         $user,
  444.                         $request,
  445.                         $autoLoginAuthenticator,
  446.                         'main'
  447.                     );
  448.                     $responseRoute $this->redirectToRoute('PreLogin'$this->viewData);
  449.                 } else {
  450.                     $this->addViewDataObject('newInstructorAccount'$dtoRequest);
  451.                     $responseRoute $this->render('contact/register.html.twig'$this->viewData);
  452.                 }
  453.             } else {
  454.                 $responseRoute $this->render('contact/register.html.twig'$this->viewData);
  455.             }
  456.         }
  457.         return $responseRoute;
  458.     }
  461.     /**
  462.      * Autologin from Salesforce
  463.      * path: /{_locale}/switch
  464.      * name: SwitchUser
  465.      * @return \Symfony\Component\HttpFoundation\Response
  466.      */
  467.     public function switchUser(GuardAuthenticatorHandler $guardSecurity $securityConnectAsAuthenticator $customAuthenticatorRequest $request)
  468.     {
  469.         if ($this->getUser() == null)
  470.         {
  471.             $this->saveTargetPath($request->getSession(), "default"$request->getUri());
  472.             return $this->redirectToRoute('PreLogin');
  473.         }
  475.         $user $this->entityManager->getRepository(Contact::class)->findOneBy(["email" => $request->get("email")]);
  477.         if ($user == null || $security->isGranted('ROLE_ADMIN') == false)
  478.         {
  479.             throw $this->createNotFoundException("L'action demandée ne peut pas être exécutée.");
  480.         }
  481.         else
  482.         {
  483.             $currentUser $security->getUser();
  484.             $customAuthenticator->setCurrentUser($currentUser);
  486.             // Handle user as if he just logged-in
  487.             // after validating the user and saving it to the database
  488.             // authenticate the user and use onAuthenticationSuccess on the authenticator
  489.             $guard->authenticateUserAndHandleSuccess(
  490.                 $user,
  491.                 $request,
  492.                 $customAuthenticator,
  493.                 'main'
  494.             );
  496.             // Redirection vers la page Home
  497.             return $this->redirectToRoute('ContactAccounts');
  498.         }
  499.     }
  501.     /**
  502.      * disconnect to previous account from Salesforce
  503.      * path: /{_locale}/exit
  504.      * name: ExitUser
  505.      * @return Response
  506.      */
  507.     public function exitUser(GuardAuthenticatorHandler $guardSecurity $securityConnectAsAuthenticator $customAuthenticatorRequest $request) : Response
  508.     {
  509.         // Récupération des données de l'administrateur dans la session
  510.         $previousAdminUsername $request->getSession()->get('previousAdminUsername');
  511.         if (StringHelper::isNullOrEmptyWithSpace($previousAdminUsername) == false)
  512.         {
  513.             $user $this->entityManager->getRepository(Contact::class)->findOneBy(["email" => $previousAdminUsername]);
  514.             if ($user == null)
  515.             {
  516.                 throw $this->createNotFoundException("L'action demandée ne peut pas être exécutée.");
  517.             }
  518.             else
  519.             {
  520.                 $customAuthenticator->setCurrentUser(null);
  521.                 $guard->authenticateUserAndHandleSuccess(
  522.                     $user,
  523.                     $request,
  524.                     $customAuthenticator,
  525.                     'main'
  526.                 );
  528.                 // Redirection vers la page Home
  529.                 return $this->redirectToRoute('ContactAccounts');
  530.             }
  531.         }
  532.         else
  533.         {
  534.             throw $this->createNotFoundException("L'action demandée ne peut pas être exécutée.");
  535.         }
  536.     }
  538. }