src/Controller/SecurityController.php line 46

Open in your IDE?
  1. <?php
  2. /**
  3.  * Eventfix - SecurityController.php
  4.  * --------------------------------------------------------------------------
  5.  * Created by: mhs
  6.  * Created on: 12.10.2020
  7.  * --------------------------------------------------------------------------
  8.  * Copyright (c) 2020 | Michael Hack Software e.K. | www.mh-s.de
  9.  */
  11. namespace App\Controller;
  13. use App\Base\Controller;
  14. use App\Entity\Token;
  15. use App\Entity\User;
  16. use App\Form;
  17. use App\Service\Messaging;
  18. use App\Service\UserManager;
  19. use Symfony\Component\HttpFoundation\Request;
  20. use Symfony\Component\HttpFoundation\Response;
  21. use Symfony\Component\Routing\Annotation\Route;
  22. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  24. /**
  25.  * An-/Abmeldung
  26.  * @Route("/", name="security.")
  27.  */
  28. class SecurityController extends Controller {
  30.     private Messaging   $messaging;
  31.     private UserManager $user_manager;
  33.     public function __construct(Messaging $messagingUserManager $user_manager) {
  34.         $this->messaging    $messaging;
  35.         $this->user_manager $user_manager;
  36.     }
  38.     /**
  39.      * Login
  40.      * @Route("/", name="login")
  41.      *
  42.      * @param AuthenticationUtils $authenticationUtils
  43.      *
  44.      * @return Response
  45.      */
  46.     public function login(AuthenticationUtils $authenticationUtils) {
  48.         $error    $authenticationUtils->getLastAuthenticationError();
  49.         $username $authenticationUtils->getLastUsername();
  51.         if ($this->user()) {
  52.             return $this->redirectToRoute("backend.main.dashboard");
  53.         }
  55.         return $this->renderTemplate('backend/security/login.html.twig'compact('error''username'));
  57.     }
  59.     /**
  60.      * Gesperrtes Benutzerkonto
  61.      * @Route("/locked", name="locked")
  62.      *
  63.      * @return Response
  64.      */
  65.     public function locked() {
  66.         return $this->renderTemplate('backend/security/locked.html.twig');
  67.     }
  69.     /**
  70.      * Logout
  71.      * @Route("/logout", name="logout")
  72.      *
  73.      * @return \Symfony\Component\HttpFoundation\RedirectResponse
  74.      */
  75.     public function logout() {
  77.         return $this->redirectToRoute("security.login");
  79.     }
  81.     /**
  82.      * Passwort vergessen
  83.      * @Route("/passwort/vergessen", name="password_forgotten")
  84.      *
  85.      * @param Request $request
  86.      *
  87.      * @return Response
  88.      */
  89.     public function password_forgotten(Request $request) {
  91.         $form $this->createForm(Form\PasswordForgotten::class, []);
  92.         $form->handleRequest($request);
  94.         // Formular verarbeiten
  95.         if ($form->isSubmitted() && $form->isValid()) {
  97.             $values $form->getData();
  99.             // E-Mail prüfen
  100.             if (!filter_var($values['mail'], FILTER_VALIDATE_EMAIL)) {
  101.                 $this->addFlash('warning''Fehlerhafte E-Mail Adresse');
  102.             } else {
  104.                 // Benutzer suchen und Passwort zusenden
  105.                 if ($user $this->db()->Users()->byMail($values['mail'])->get()) {
  106.                     $this->user_manager->resetPasswort($user);
  107.                 }
  109.                 $this->addFlash('confirmation''Wenn uns die E-Mail Adresse bekannt ist, erhalten Sie in den nächsten Minuten ein neues Passwort.');
  111.             }
  113.         }
  115.         return $this->renderTemplate('backend/security/password_forgotten.html.twig', ['form' => $form->createView()]);
  117.     }
  119.     /**
  120.      * Passwort wiederherstellen
  121.      * @Route("passwort/reset/{token}", name="password_reset")
  122.      *
  123.      * @param Request $request
  124.      * @param string  $token
  125.      *
  126.      * @return Response
  127.      */
  128.     public function password_reset(Request $requeststring $token) : Response {
  130.         // Token ermitteln
  131.         if (!$reset $this->db()->Tokens()->search(Token::TYPE_PASSWORD$token)) {
  132.             return $this->showError(404);
  133.         }
  135.         // Benutzer prüfen
  136.         $user $reset->getUser();
  138.         if (!$user || $user->getState() != User::STATE_ACTIVE) {
  139.             return $this->showError(403);
  140.         }
  142.         // Formular erstellen
  143.         $form $this->createForm(Form\PasswordReset::class, []);
  144.         $form->handleRequest($request);
  146.         // Formular verarbeiten
  147.         if ($form->isSubmitted() && $form->isValid()) {
  149.             $values $form->getData();
  151.             // Passwort prüfen
  152.             if ($this->user_manager->checkPassword($values['pwd_1'], $values['pwd_2'])) {
  154.                 // Passwort übernehmen
  155.                 $user->setPassword($values['pwd_1']);
  156.                 $user->removeToken($reset);
  157.                 $this->db()->flush();
  159.                 $this->addFlash('success''Das Passwort wurde erfolgreich geändert. Du kannst Dich jetzt anmelden.');
  161.                 // Loginseite
  162.                 return $this->redirectToRoute('security.login');
  164.             } else {
  165.                 $this->addFlash('danger''Dein Passwort konnte nicht geändert werden. Bitte beachte die Sicherheitsrichtlinien (min. 8 Zeichen).');
  166.             }
  168.         }
  170.         return $this->renderTemplate('backend/security/password_reset.html.twig', ['form' => $form->createView()]);
  172.     }
  174. }