src/Controller/SecurityController.php line 239

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\AppUser;
  6. use App\Form\ActivationTokenAgainType;
  7. use App\Form\ChangePasswordType;
  8. use App\Form\ForgottenPasswordType;
  9. use App\Form\RegistrationType;
  10. use App\Form\ProfileType;
  11. use App\Model\UrlGenerator;
  12. use App\Traits\Uploader;
  13. use App\Validator;
  14. use Doctrine\ORM\EntityManagerInterface;
  15. use Symfony\Component\HttpFoundation\File\Exception\FileException;
  16. use Symfony\Component\HttpFoundation\Request;
  17. use Symfony\Component\HttpFoundation\Response;
  18. use Symfony\Component\Routing\Annotation\Route;
  19. use Symfony\Component\Routing\RouterInterface;
  20. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  21. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  22. use Symfony\Component\String\Slugger\SluggerInterface;
  25. class SecurityController extends DefaultController
  26. {
  27.     use UrlGenerator;
  28.     use Validator;
  29.     use Uploader;
  31.     private $userRepository;
  32.     private $encoder;
  33.     private $mailer;
  34.     private $router;
  35.     private $eventDispatcher;
  36.     private $entityManager;
  38.     public function __construct(EntityManagerInterface $em,UserPasswordEncoderInterface $encoder,\Swift_Mailer $mailer,RouterInterface $router)
  39.     {
  40.        $this->userRepository $em->getRepository(AppUser::class);
  41.        $this->encoder $encoder;
  42.        $this->mailer $mailer;
  43.        $this->router $router;
  44.        $this->entityManager $em;
  45.     }
  48.     /**
  49.      * @Route("/registrace", name="app_registration")
  50.      */
  51.     public function registration(Request $request) :Response
  52.     {
  53.         $user = new AppUser();
  55.         $appParameters $this->loadAppParameters();
  56.         $publicKey $appParameters['Captcha']['public-key'];
  57.         $clientIPAdress $_SERVER['REMOTE_ADDR'] == '::1' '89.24.215.86' $_SERVER['REMOTE_ADDR'];
  59.         $form $this->createForm(RegistrationType::class, $user);
  61.         $form->handleRequest($request);
  62.         if ($form->isSubmitted() && $form->isValid())
  63.         {
  64.             /* get recaptcha */
  65.             $recaptchaResponse $form->get('recaptchaResponse')->getData();
  66.             // $recaptchaResponse2 = $form->get('g-recaptcha-response')->getData();
  67.             $recaptchaSecret $appParameters['Captcha']['secret-key'];
  69.             $post_data http_build_query(
  70.                 array(
  71.                     'secret' => $recaptchaSecret,
  72.                     'response' => $recaptchaResponse,
  73.                     'remoteip' => $clientIPAdress
  74.                 )
  75.             );
  76.             $opts = array('http' =>
  77.                 array(
  78.                     'method'  => 'POST',
  79.                     'header'  => 'Content-type: application/x-www-form-urlencoded',
  80.                     'content' => $post_data
  81.                 )
  82.             );
  83.             $context  stream_context_create($opts);
  84.             $recaptcha file_get_contents('https://www.google.com/recaptcha/api/siteverify'false$context);
  86.             // ziskani recaptcha ranku
  87.             //$recaptcha = file_get_contents('https://www.google.com/recaptcha/api/siteverify'. '?secret=' . $recaptchaSecret . '&response=' . $recaptchaResponse . 'remoteip=' . $clientIPAdress);
  88.             $recaptcha json_decode($recaptcha);
  90.             if ($recaptcha->success == false)
  91.             {
  92.                 print_r($recaptcha);
  93.                 print($clientIPAdress);
  94.                 print_r($recaptchaResponse);
  95.                 // print_r($recaptchaResponse2);
  96.                 die;
  97.                 // $errorMessage = $recaptcha->error-codes;
  98.                 $this->addFlash(
  99.                     'error',
  100.                     'Chyba při ověřování uživatele, reCAPTCHAerror, zkuste prosím registraci později.'
  101.                 );
  103.                 return $this->redirectToRoute('app_login');
  104.             }
  106.             print_r($recaptcha);
  108.             if ($recaptcha->success)
  109.             {
  110.                 $hash $this->encoder->encodePassword($user$user->getPassword());
  111.                 $user->setPassword($hash)
  112.                      ->setRoles(['ROLE_USER']);
  114.                 $this->userRepository->newUser($user);
  116.                 $url $this->getFullUrl($this->router,
  117.                     $this->generateUrl('app_activate', ['token' => $user->getActivationToken()])
  118.                 );
  120.                 $this->sendLinkByEmail('AKTIVACE ÚČTU',
  121.                     $appParameters['Email']['no-reply'],
  122.                     $user->getEmail(),
  123.                     'emails/activate_account.html.twig',
  124.                     $url);
  126.                 $this->addFlash(
  127.                     'success',
  128.                     'Registrace proběhla úspěšně. Na váš email jsem vám zaslali aktivační link.'
  129.                 );
  131.                 return $this->redirectToRoute('app_login');
  132.             }
  133.         }
  135.         return $this->render('security/registration.html.twig',array('form' =>$form->createView(),'publicKeyCaptcha' => $publicKey ) );
  136.     }
  138.     /**
  139.      * @param $token
  140.      * @Route ("/aktivace-uctu={token}", name="app_activate")
  141.      */
  142.     public function activateAccount($token) : Response
  143.     {
  144.         $user $this->userRepository->findOneBy(['activationToken' => $token]);
  146.         if(!$user)
  147.             return $this->redirectToRoute('app_login',['activation' => false]);
  149.         $user
  150.             ->setActive(true)
  151.             ->setActivationToken(null);
  153.         $this->userRepository->update($user);
  155.         $this->addFlash(
  156.             'success',
  157.             'Učet byl úspěšně aktivován'
  158.         );
  160.         return $this->redirectToRoute('app_login');
  161.     }
  163.     /**
  164.      * @return Response
  165.      * @Route ("/poslat-znovu-aktivacni-email", name="app_activate_again")
  166.      */
  167.     public function sendActivationTokenAgain(Request $request)
  168.     {
  169.         $form $this->createForm(ActivationTokenAgainType::class);
  171.         $form->handleRequest($request);
  173.         if ($form->isSubmitted() && $form->isValid())
  174.         {
  175.             $email $form->get('email')->getData();
  177.             $user $this->userRepository
  178.                 ->findOneBy(['email' => $email]);
  180.             if (!$user) {
  181.                 $this->addFlash(
  182.                     'error',
  183.                  'Uživatel s touto emailovou adresou nebyl nazelen.'
  184.                 );
  186.                 return $this->redirectToRoute('app_activate_again');
  187.             }
  189.             if ($user->isActive()) {
  190.                 $this->addFlash(
  191.                     'error',
  192.                     'Učet byl již aktivován !'
  193.                 );
  195.                 return $this->redirectToRoute('app_activate_again');
  196.             }
  198.             $token $this->userRepository
  199.                 ->setNewActivationToken($user);
  201.             if (!$token) {
  202.                 $this->addFlash(
  203.                     'warning',
  204.                     'Autorizační token je možné vygenerovat jednou za půl hodiny.'
  205.                 );
  207.                 return $this->redirectToRoute('app_activate_again');
  208.             }
  211.             $url $this->getFullUrl$this->router,
  212.                 $this->generateUrl('app_activate',['token' => $token])
  213.             );
  215.             $appParameters $this->loadAppParameters();
  217.             $this->sendLinkByEmail('AKTIVACE ÚČTU',
  218.                 $appParameters['Email']['no-reply'],
  219.                 $user->getEmail(),
  220.                 'emails/activate_account.html.twig',
  221.                 $url);
  223.             $this->addFlash(
  224.                 'success',
  225.                      'Váš účet byl úspěšně vytvořen. Na vámi zadanou emailovou adresu jsme vám poslalí aktivační link'
  226.             );
  228.             return $this->redirectToRoute('app_login');
  229.         }
  231.         return $this->render('security/activation_token_again.html.twig',[ 'form' => $form->createView() ]);
  234.     }
  236.     /**
  237.      * @Route("/", name="app_login")
  238.      */
  239.     public function login(AuthenticationUtils $authenticationUtils): Response
  240.     {
  241.         if ($this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
  242.             return $this->redirectToRoute('app_dashboard');
  243.         }
  245.         // get the login error if there is one
  246.         $error $authenticationUtils->getLastAuthenticationError();
  247.         // last username entered by the user
  248.         $lastUsername $authenticationUtils->getLastUsername();
  250.         return $this->render('security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  251.     }
  253.     /**
  254.      * @Route("/logout", name="app_logout")
  255.      */
  256.     public function logout()
  257.     {
  258.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  259.     }
  262.     public function sendLinkByEmail($subject,$from,$to,$template,$url)
  263.     {
  264.         $message = (new \Swift_Message($subject))
  265.             ->setFrom($from)
  266.             ->setTo($to)
  267.             ->setBody(
  268.                 $this->renderView(
  269.                     $template,
  270.                     ['url' => $url]
  271.                 ),
  272.                 'text/html'
  273.             )
  274.         ;
  275.         return $this->mailer->send($message);
  276.     }
  279.     /**
  280.      * @Route ("/zadost-zmena-hesla",name="app_forgotten_password")
  281.      */
  282.     public function forgottenPasswordRequest(Request $request)
  283.     {
  284.          $form $this->createForm(ForgottenPasswordType::class);
  286.          $form->handleRequest($request);
  288.          if ($form->isSubmitted() && $form->isValid())
  289.          {
  290.              $email $form->get('email')->getData();
  292.              $user $this->userRepository
  293.                           ->findOneBy(['email' => $email]);
  295.              if (!$user) {
  296.                  $this->addFlash(
  297.                      'error',
  298.                      'Uživatel s touto emailovou adresou nebyl nazelen.'
  299.                  );
  301.                  return  $this->redirectToRoute('app_forgotten_password');
  302.              }
  304.              $token $this->userRepository
  305.                            ->setNewForgottenToken($user);
  307.              if ($token == false) {
  309.                  $this->addFlash(
  310.                      'warning',
  311.                      'O změnu hesla je možne požádat každých 30 minut'
  312.                  );
  314.                  return  $this->redirectToRoute('app_forgotten_password');
  315.              }
  317.              $url $this->getFullUrl$this->router,
  318.                  $this->generateUrl('app_change_password',['token' => $token])
  319.              );
  321.              $appParameters $this->loadAppParameters();
  323.              $emailStatus $this->sendLinkByEmail('ZMĚNA HESLA',
  324.                                             $appParameters['Email']['no-reply'],
  325.                                             $user->getEmail(),
  326.                                    'emails/forgotten_password.html.twig',
  327.                                            $url
  328.                                    );
  329.             if ($emailStatus == 0)
  330.             {
  331.                 $this->addFlash(
  332.                     'warning',
  333.                     'Chyba při odesílání emailu'
  334.                 );  
  335.             }
  336.             elseif ($emailStatus 0)
  337.             {
  338.                 $this->addFlash(
  339.                     'success',
  340.                     'Email ke změně hesla byl úspěšně odeslán. Zkontrolujte si emailovou schránku'
  341.                 );
  342.             }
  343.             else
  344.             {
  345.                 $this->addFlash(
  346.                     'warning',
  347.                     'Neznámý chybový stav (email)'
  348.                 ); 
  349.             }
  350.              return $this->redirectToRoute('app_login');
  352.          }
  354.          return $this->render('security/forgotten_password.html.twig',['form' => $form->createView()]);
  355.     }
  358.     /**
  359.      * @Route ("/zmena-hesla={token}",name="app_change_password")
  360.      */
  361.     public function changePassword($tokenRequest $request)
  362.     {
  363.         $user $this->userRepository
  364.                      ->findOneBy(['lostPasswordToken' => $token]);
  366.         if (!$user) {
  367.             $this->addFlash(
  368.                 'error',
  369.              'Autorizační token není možné najít'
  370.             );
  372.             return $this->redirectToRoute('app_login');
  373.         }
  375.         $form $this->createForm(ChangePasswordType::class,$user);
  377.         $form->handleRequest($request);
  378.         if ($form->isSubmitted() && $form->isValid())
  379.         {
  381.             $password $form->get('password')->getData();
  383.             $hash $this->encoder->encodePassword($user$password);
  385.             $user->setPassword($hash);
  388.             $this->userRepository->update($user);
  390.             $this->addFlash(
  391.                 'success',
  392.                 'Vaše heslo bylo uspěšně změněno. Můžete se přihlásit'
  393.             );
  395.             return $this->redirectToRoute('app_login');
  396.         }
  398.         return $this->render('security/forgotten_password_change.html.twig',['form' => $form->createView()]);
  399.     }
  401.     /**
  402.      * @Route("/profil", name="app_editProfile")
  403.      */
  404.     public function editProfile(Request $request,SluggerInterface $slugger)
  405.     {
  406.         $profile $this->userRepository->find($this->getUser()->getId());
  408.         $signExists is_null($profile->getSign()) ? true false;
  411.         if (is_null($profile)) {
  412.             $this->addFlash(
  413.                 'error',
  414.                 'Tohoto uživatele není možné najít'
  415.             );
  417.             return $this->redirectToRoute('app_registration');
  418.         }
  420.         $form $this->createForm(ProfileType::class,$profile,['signNotExist' => $signExists]);
  422.         $form->handleRequest($request);
  423.         if ($form->isSubmitted() && $form->isValid()) {
  425.             $signatureFile $form->get('signatureFile')->getData();
  427.             if (!empty($signatureFile)) {
  428.                 $fileInfo getimagesize($signatureFile);
  429.                 $signValid $this->imageValidate($fileInfo,array('width' =>300,'height' =>100 ));
  431.                 if ($signValid['valid'] == false)
  432.                 {
  433.                     $this->addFlash(
  434.                         'error',
  435.                              $signValid['message']
  436.                     );
  438.                     return $this->redirectToRoute('app_editProfile');
  439.                 }
  441.                 // smaze se puvodni soubor s podpisem
  442.                 $oldSign $profile->getSign();
  444.                 if ($oldSign) {
  445.                     $this->remove($this->getParameter('dir_signatures') . '/' $oldSign);
  446.                 }
  448.                 $originalFilename pathinfo($signatureFile->getClientOriginalName(), PATHINFO_FILENAME);
  449.                 $safeFilename $slugger->slug($originalFilename);
  450.                 $newFilename $safeFilename.'-'.uniqid().'.'.$signatureFile->guessExtension();
  452.                 try {
  453.                     $signatureFile->move(
  454.                         $this->getParameter('dir_signatures'),
  455.                         $newFilename
  456.                     );
  458.                     $profile->setSign($newFilename);
  460.                 } catch (FileException $e) {
  461.                     // ... handle exception if something happens during file upload
  462.                 }
  464.             }
  466.             $password $form->get('password')->getData();
  467.             if (!empty($password)) {
  468.                 $hash $this->encoder->encodePassword($profile$password);
  469.                 $profile->setPassword($hash);
  470.             }
  473.             $this->userRepository->update($profile);
  475.             $this->addFlash('success','Profil aktualizován');
  477.             return $this->redirectToRoute('app_editProfile');
  478.         }
  480.         return $this->render('security/profile.html.twig',['form' => $form->createView()]);
  481.     }
  483. }