src/Controller/UserAuthenticationController.php line 96

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\User;
  6. use App\Entity\Company;
  7. use App\Entity\PersonalInfo;
  8. use App\Entity\Invitation;
  9. use App\Form\RegisterCompanyType;
  10. use App\Form\RegisterUserType;
  11. use App\Repository\UserRepository;
  12. use App\Service\MailgunService;
  13. use App\Service\UtilsService;
  14. use App\Service\LogService;
  15. use Doctrine\ORM\EntityManagerInterface;
  16. use Symfony\Component\Form\Extension\Core\Type\EmailType;
  17. use Symfony\Component\Form\Extension\Core\Type\SubmitType;
  18. use Symfony\Component\Form\Extension\Core\Type\PasswordType;
  19. use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
  20. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  21. use Symfony\Component\Routing\Annotation\Route;
  22. use Symfony\Component\HttpFoundation\Request;
  23. use Symfony\Component\HttpFoundation\Response;
  24. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  25. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  26. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  27. use Symfony\Contracts\Translation\TranslatorInterface;
  29. class UserAuthenticationController extends AbstractController
  30. {
  31.     // ## Basic Authentication ## //
  32.     #[Route(path'/login'name'login')]
  33.     public function login(AuthenticationUtils $authenticationUtils): \Symfony\Component\HttpFoundation\Response
  34.     {
  35.         // get the login error if there is one
  36.         $error $authenticationUtils->getLastAuthenticationError();
  37.         
  38.         // last username entered by the user
  39.         $lastUsername $authenticationUtils->getLastUsername();
  41.         if ($this->getUser()) {
  42.             return $this->redirectToRoute('index');
  43.         }
  45.         return $this->render('public/user-authentication/login.html.twig', array(
  46.             'last_username' => $lastUsername,
  47.             'error' => $error
  48.         ));    
  49.     }
  51.     #[Route(path'/logged'name'login_check')]
  52.     public function loginCheck() : \Symfony\Component\HttpFoundation\RedirectResponse
  53.     {
  54.         $user $this->getUser();
  55.         if (!$user) {
  56.             throw new \Exception('User not found!');
  57.         }
  58.         if(!$user->getIsActive()){
  59.             $this->addFlash(
  60.                 'danger'"Your account has been disabled"
  61.             );
  62.             return $this->redirectToRoute('login');
  63.         }
  64.         if($user->getPersonalInfo() == null){
  65.             $personal_info = new PersonalInfo();
  66.             $user->setPersonalInfo($personal_info);
  67.         }
  68.         if($user->getStatus() == null){
  69.             $user->setStatus('status.off');
  70.         }
  71.         $user->setLastLoginAt(new \DateTime());
  72.         $entityManager $this->getDoctrine()->getManager();
  73.         $entityManager->persist($user);
  74.         $entityManager->flush();
  75.         if ($this->isGranted('ROLE_OWNER') && count($user->assignedOffices()) == 0) {
  76.             return $this->redirectToRoute('add_office');
  77.         } elseif ($user->companyOwner() && count($user->assignedCompany()->getDepartments()) == 0) {
  78.             return $this->redirectToRoute('department_settings');
  79.         } elseif($user->getPersonalInfo()->profileCompletion()['completed'] <= 1) {
  80.             return $this->redirectToRoute('edit_user_profile');
  81.         }
  82.         /*
  83.                 if ($user->getLastLogin() == null) {
  84.                     return $this->redirectToRoute('complete-register');
  85.                 }*/
  86.         return $this->redirectToRoute('index');
  87.     }
  89.     #[Route(path'/logout'name'logout'methods: ['GET'])]
  90.     public function logout()
  91.     {
  92.         // controller can be blank: it will never be executed!
  93.         throw new \Exception('Don\'t forgot to activate logout in security.yaml');
  94.     }
  95.     #[Route(path'/forgot'name'forgot_password')]
  96.     public function forgotPage(Request $requestMailgunService $mailgunServiceEntityManagerInterface $entityManagerUtilsService $utilsServiceTranslatorInterface $translator): \Symfony\Component\HttpFoundation\Response
  97.     {
  99.         $form $this->createFormBuilder()
  100.             ->add('email'EmailType::class,  array(
  101.                 'label' => 'E-Mail',
  102.                 'attr' => array('maxlength' => 128'class'=> 'form-control'),
  103.             )) 
  104.             ->add('submit'SubmitType::class, array('label' => 'Send me reset password instructions'))
  105.             ->getForm();
  107.         $form->handleRequest($request);
  109.         if ($form->isSubmitted() && !$form->isValid()) {
  110.             foreach ($form->getErrors(true) as $error) {
  111.                 $this->addFlash(
  112.                     'danger'$error->getMessage()
  113.                 );
  114.             }
  115.         }
  116.         if ($form->isSubmitted() && $form->isValid()) {
  118.             $email $form["email"]->getData();
  120.             $user $entityManager->getRepository(User::class)->findOneByEmail($email);
  122.             if ($user && $user->getIsActive()) {
  124.                 $user->setForgetToken($utilsService->generateRandomString(30));
  125.                 $entityManager->persist($user);
  126.                 $entityManager->flush();
  128.                 $confirmationUrl $this->generateUrl('reset_password', array('forgotToken' => $user->getForgetToken()), UrlGeneratorInterface::ABSOLUTE_URL);
  129.                 $mailgunService->sendEmail($translator->trans('email.password_reset'),
  130.                     [$user->getEmail()],
  131.                     'email/user-authentication/reset-password.html.twig',
  132.                     ['recipientName' => $user->getPersonalInfo()->getFirstName() ? $user->getPersonalInfo()->getFirstName() : $user->getEmail(),
  133.                         'confirmationUrl' => $confirmationUrl
  134.                     ], false
  135.                 );
  136.             }
  138.             $this->addFlash(
  139.                 'success',
  140.                 'We have send an email instruction to reset your password. Please check your email.'
  141.             );
  142.         }
  143.         return $this->render(
  144.             'public/user-authentication/forgot-password.html.twig',
  145.             array('form' => $form->createView())
  146.         );
  147.     }
  149.     #[Route(path'/reset-password/{forgotToken}'name'reset_password')]
  150.     public function resetPassword(Request $requestEntityManagerInterface $entityManagerUtilsService $utilsService$forgotTokenUserPasswordHasherInterface $passwordHasher)
  151.     {
  153.         $user $entityManager->getRepository(User::class)->findOneByForgetToken($forgotToken);
  154.         if (!$user || !$user->getIsActive()) {
  155.             //throw new \Exception('User not found!');
  156.             $this->addFlash(
  157.                 'warning',
  158.                 'Link expired!'
  159.             );
  160.             return $this->redirectToRoute('login');
  161.         }
  163.         //$form = $this->createForm(ResetPasswordType::class);
  164.         $form $this->createFormBuilder()
  165.                 ->add('plainPassword'RepeatedType::class, array(
  166.                     'type' => PasswordType::class,
  167.                     'first_options'  => array('label' => 'Password'),
  168.                     'second_options' => array('label' => 'Repeat Password'),
  169.                 ))
  170.                 ->add('submit'SubmitType::class, array('label' => 'Reset password'))
  171.                 ->getForm();
  172.         $form->handleRequest($request);
  174.         if ($form->isSubmitted() && $form->isValid()) {
  176.             $user->setForgetToken(null);
  177.             $plainpassword $form['plainPassword']->getData();
  178.             $password $passwordHasher->hashPassword($user$plainpassword);
  179.             $user->setPassword($password);
  181.             $entityManager->persist($user);
  182.             $entityManager->flush();
  184.             $this->addFlash(
  185.                 'success',
  186.                 'Your password have been reset. Please login'
  187.             );
  188.              return $this->redirectToRoute('login');
  189.         }
  191.         return $this->render(
  192.             'public/user-authentication/reset-password.html.twig',
  193.             array('form' => $form->createView())
  194.         );
  195.     }
  197.     // ## User Registration Process ## //
  198.     #[Route(path'/register'name'company_registration')]
  199.     public function companyRegistration(Request $requestUserPasswordHasherInterface $passwordHasherMailgunService $mailgunServiceUtilsService $utilsServiceUserRepository $userRepositoryTranslatorInterface $translator)
  200.     { 
  201.         $user = new User();
  202.         $company = new Company();
  203.         $personal_info = new PersonalInfo();
  205.         $form $this->createForm(RegisterCompanyType::class, $user);
  206.         $form->handleRequest($request);
  208.        if ($form->isSubmitted() && !$form->isValid()) {
  209.             foreach ($form->getErrors(true) as $error) {
  210.                 $this->addFlash(
  211.                     'danger'$error->getMessage()
  212.                 );
  213.             }
  214.         }
  216.         if ($form->isSubmitted() && $form->isValid()) {
  217.             
  218.             $lowercaseEmail strtolower($user->getEmail());
  219.             $user->setCanonicalEmail($lowercaseEmail);
  220.             $existingUser $userRepository->findOneByCanonicalEmail($lowercaseEmail);
  221.             if($existingUser){
  222.                 $this->addFlash(
  223.                     'danger''Email already in use, login instead'
  224.                 );
  225.                 return $this->redirectToRoute('login');
  226.             }
  228.             $password $passwordHasher->hashPassword($user$user->getPlainPassword());
  229.             $user->setPassword($password);
  230.             $user->setConfirmationToken($utilsService->generateRandomString(30));
  231.             $user->setIsActive(false);
  232.             $user->setEmailValidated(false);
  233.             $user->setRoles(array('ROLE_HR','ROLE_MANAGEMENT''ROLE_ACCESS_ALL_OFFICE'));
  234.             $user->setCreatedAt(new \DateTime());
  235.             $user->setPersonalInfo($personal_info);
  236.             $user->setStatus('status.off');
  238.             $company->setFullname($form->get('fullName')->getData());
  239.             $user->addCompany($company);
  241.             $entityManager $this->getDoctrine()->getManager();
  242.             $entityManager->persist($user);
  243.             $entityManager->persist($company);
  244.             $entityManager->flush();
  245.             $entityManager->refresh($user);
  247.             $confirmationUrl $this->generateUrl('user_confirmation', array('confirmationToken' => $user->getConfirmationToken()), UrlGeneratorInterface::ABSOLUTE_URL);
  248.             $mailgunService->sendEmail($translator->trans('email.register_company'),
  249.                 [$user->getEmail()],
  250.                 'email/user-authentication/company-registration.html.twig',
  251.                 ['user' => $user,
  252.                     'company' => $company,
  253.                     'confirmationUrl' => $confirmationUrl
  254.                 ], false
  255.             );
  257.             $this->addFlash(
  258.                 'success'"Please check your email to finish the registration process."
  259.             );
  261.             return $this->redirect($request->getUri());
  262.             /*return $this->render(
  263.                 'public/user-authentication/register-form.html.twig',
  264.                 array('form' => $form->createView(),
  265.                     'user' => $user
  266.                 )
  267.             );*/
  268.         
  270.         return $this->render(
  271.             'public/user-authentication/register-company.html.twig',
  272.             array('form' => $form->createView())
  273.         );
  274.         
  275.     }
  277.     #[Route(path'/confirm/{confirmationToken}'name'user_confirmation')]
  278.     public function confirmUser($confirmationTokenEntityManagerInterface $entityManagerMailgunService $mailgunServiceUserRepository $userRepositoryTranslatorInterface $translator)
  279.     {
  280.         
  281.         $user $entityManager->getRepository(User::class)->findOneByConfirmationToken($confirmationToken);
  282.         $company $user->assignedCompany();
  284.         if (!$user) {
  285.             $this->addFlash(
  286.                 'warning'"User not found, please register"
  287.             );
  288.             return $this->redirectToRoute('user_registration');
  289.             //throw new NotFoundHttpException('User not found');
  290.         }
  292.         $user->setEmailValidated(true);
  293.         $user->setIsActive(true);
  295.         $entityManager->persist($user);
  296.         $entityManager->flush();
  298.         if ($user->getIsActive()) {
  299.              $mailgunService->sendEmail($translator->trans('email.registration_steps'),
  300.                 [$user->getEmail()],
  301.                 'email/user-authentication/company-registered.html.twig',
  302.                 ['user' => $user,
  303.                     'company' => $company
  304.                 ], false
  305.             );
  306.              
  307.             $this->addFlash(
  308.                 'success'"Email has been verified, please login to proceed"
  309.             );
  310.             return $this->redirectToRoute('login');
  311.         } else {
  312.             return $this->render(
  313.                 'public/user-authentication/register-status.html.twig',
  314.                 ['user' => $user]
  315.             );
  316.         }
  317.     }
  318.     #[Route(path'/invitation'name'user_invitation')]
  319.     public function invitationPage(): \Symfony\Component\HttpFoundation\RedirectResponse{
  320.         //return $this->render('public/user-authentication/invitation.html.twig', []);
  321.         return $this->redirectToRoute('login');
  322.     }
  323.     #[Route(path'/invitation/{confirmationToken}'name'user_invited')]
  324.     public function confirmInvitation(Request $request$confirmationTokenEntityManagerInterface $entityManagerUserPasswordHasherInterface $passwordHasherMailgunService $mailgunServiceUserRepository $userRepositoryTranslatorInterface $translator)
  325.     {
  326.         $invitation $entityManager->getRepository(Invitation::class)->findOneByConfirmationToken($confirmationToken);
  328.         if (!$invitation) {
  329.             $this->addFlash(
  330.                 'warning'"Invitation not found or expired, please register instead"
  331.             );
  332.             return $this->redirectToRoute('company_registration');
  333.         };
  335.         $user = new User();
  336.         $personal_info = new PersonalInfo();
  337.         
  338.         $form $this->createForm(RegisterUserType::class, $user);
  339.         $form->add('email'EmailType::class,  array(
  340.             'label' => 'E-Mail',
  341.             'disabled' => true,
  342.             'data' => $invitation->getEmail()
  343.         ));
  344.         $form->handleRequest($request);
  346.        if ($form->isSubmitted() && !$form->isValid()) {
  347.             foreach ($form->getErrors(true) as $error) {
  348.                 $this->addFlash(
  349.                     'danger'$error->getMessage()
  350.                 );
  351.             }
  352.         }
  354.         if ($form->isSubmitted() && $form->isValid()) {
  355.             $user->setEmail($invitation->getEmail());
  356.             $user->setCanonicalEmail($invitation->getCanonicalEmail());
  358.             $existingUser $userRepository->findOneByCanonicalEmail($invitation->getEmail());
  359.             if($existingUser){
  360.                 $this->addFlash(
  361.                     'danger''Email already in use, login instead'
  362.                 );
  363.                 return $this->redirectToRoute('login');
  364.             }
  365.             $invitation->setIsActive(true);
  366.             $invitation->setActivatedAt(new \DateTime());
  367.             $invitation->setConfirmationToken(null);
  369.             $password $passwordHasher->hashPassword($user$user->getPlainPassword());
  370.             $user->setPassword($password);
  371.             $user->setEmailValidated(true);
  372.             $user->setIsActive(true);
  373.             $user->setCreatedAt(new \DateTime());
  374.             $user->setOffice($invitation->getOffice());
  375.             $user->setPublicRoles($invitation->getRole());
  377.             $personal_info->setFirstName($form->get('firstName')->getData());
  378.             $personal_info->setMiddleName($form->get('middleName')->getData());
  379.             $personal_info->setLastName($form->get('lastName')->getData());
  380.             
  381.             $user->setPersonalInfo($personal_info);
  383.             $entityManager $this->getDoctrine()->getManager();
  384.             $entityManager->persist($invitation);
  385.             $entityManager->persist($user);
  386.             $entityManager->persist($personal_info);
  387.             $entityManager->flush();
  388.             $entityManager->refresh($user);
  389.             $entityManager->refresh($personal_info);
  391.             $mailgunService->sendEmail($translator->trans('email.registration_success'),
  392.                 [$invitation->getEmail()],
  393.                 'email/user-authentication/user-registered.html.twig',
  394.                 ['user' => $personal_info], false
  395.             );
  397.             $this->addFlash(
  398.                 'success'"You've been registered, please login"
  399.             );
  400.         
  401.             return $this->redirectToRoute('login');
  402.         }
  404.         return $this->render(
  405.             'public/user-authentication/register-user.html.twig',
  406.             ['form' => $form->createView(),
  407.             'user' => $user,
  408.             'invitation' => $invitation]
  409.         );
  410.     }
  412.     // ## User Account Settings ## //
  413.     #[Route(path'/settings/account'name'edit_account')]
  414.     public function editAccount(Request $requestUserPasswordHasherInterface $passwordHasherMailgunService $mailgunServiceUtilsService $utilsServiceUserRepository $userRepositoryLogService $logTranslatorInterface $translator)
  415.     {
  416.         $user $this->getUser();
  417.         
  418.         $form $this->createFormBuilder()
  419.                 ->add('plainPassword'RepeatedType::class, array(
  420.                     'type' => PasswordType::class,
  421.                     'first_options'  => array('label' => 'New password'),
  422.                     'second_options' => array('label' => 'Repeat new password'),
  423.                 ))
  424.                 ->add('submit'SubmitType::class, array('label' => 'form.save'))
  425.                 ->getForm();
  427.         $passwordSet $user->getPassword() ? true false
  428.         
  429.         if($passwordSet){
  430.             $form->add('oldPassword'PasswordType::class, array(
  431.                 'mapped' => false,
  432.                 'label' => 'Old Password'
  433.             ));
  434.             $msg_email $translator->trans('email.password_changed');
  435.             $msg_flash $translator->trans('messages.account.password_changed');
  436.         } else {
  437.             $msg_email $translator->trans('email.password_set');
  438.             $msg_flash $translator->trans('messages.account.password_set');
  439.         }
  441.         $form->handleRequest($request);
  443.         if ($form->isSubmitted() && !$form->isValid()) {
  444.             foreach ($form->getErrors(true) as $error) {
  445.                 $this->addFlash(
  446.                     'danger'$error->getMessage()
  447.                 );
  448.             }
  449.         }
  451.         if ($form->isSubmitted() && $form->isValid()) {
  452.             if($passwordSet && !$passwordHasher->isPasswordValid($user,$form->get('oldPassword')->getData())){
  453.                  $this->addFlash(
  454.                     'danger''Old password didn\'t match!'
  455.                 );
  456.                 return $this->redirect($request->getUri());
  457.             } 
  458.             $plainpassword $form['plainPassword']->getData();
  459.             $password $passwordHasher->hashPassword($user$plainpassword);
  460.             $user->setPassword($password);
  461.            
  462.             $entityManager $this->getDoctrine()->getManager();
  463.             $entityManager->persist($user);
  464.             $entityManager->flush();
  466.             $log->save($user, [
  467.                 'owner' => $user,
  468.                 'message' => 'log.password.update'
  469.                 'old_data' => null
  470.                 'new_data' => null
  471.             ]);
  473.             $mailgunService->sendEmail($msg_email,
  474.                 [$user->getEmail()],
  475.                 'email/user-notification/password-changed.html.twig',
  476.                 ['user' => $user], false
  477.             );
  479.             $this->addFlash('success'$msg_flash);
  481.             return $this->redirect($request->getUri());
  482.         }
  484.         return $this->render(
  485.             'private/settings/account.html.twig',[
  486.                 'form' => $form->createView(),
  487.                 'passwordSet' => $passwordSet
  488.             ]
  489.         );
  490.     }
  491. }