src/UI/WebBundle/Controller/Security/SecurityController.php line 62

Open in your IDE?
  1. <?php
  3. namespace Whater\UI\WebBundle\Controller\Security;
  5. use Whater\UI\WebBundle\Controller\AbstractBusController;
  6. use Whater\Infrastructure\SecurityBundle\Form\Type\LoginType;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\Security\Core\Security;
  9. use Symfony\Component\HttpFoundation\RedirectResponse;
  10. use Symfony\Component\Routing\Annotation\Route;
  11. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  12. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  13. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  14. use Symfony\Component\Security\Http\SecurityEvents;
  15. use Whater\Application\UseCase\Security\CommandRequest\LoginCommand;
  16. use Whater\Application\UseCase\Security\CommandRequest\ForgotPasswordCommand;
  17. use Whater\Infrastructure\SecurityBundle\Form\Type\ForgotPaswordType;
  18. use Whater\Infrastructure\SecurityBundle\Form\Type\ResetPaswordType;
  19. use Whater\Application\UseCase\Security\CommandRequest\ResetPasswordCommand;
  20. use Whater\Application\UseCase\Security\CommandRequest\SignupCommand;
  21. use Whater\Domain\User\Exception\UserNotFoundException;
  22. use Whater\Domain\User\Exception\ResetTokenExpiredException;
  23. use Whater\Application\UseCase\User\CommandRequest\GetUserByUsernameCommand;
  24. use Whater\Domain\Security\Exception\InvalidUsernameException;
  25. use Whater\Infrastructure\SecurityBundle\Form\Type\SignupType;
  26. use Whater\Infrastructure\SecurityBundle\Security\Model\Auth;
  28. /**
  29. * @Route("")
  30. */
  31. class SecurityController extends AbstractBusController
  32. {
  33. /**
  34. * @Route("/login", name="web_login", defaults={"_format" = "html"})
  35. */
  36. public function loginAction(Request $request)
  37. {
  39. // save redirect_after_login in session
  40. $session = $request->getSession();
  41. $redirectAfterRegister = $request->query->get('redirect_after_login');
  42. if ($redirectAfterRegister) {
  43. $session->set('redirect_after_login', $redirectAfterRegister);
  44. }
  46. // If user is authenticated redirect to user dashboard
  47. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  48. return new RedirectResponse($this->router()->generate('web_app_user_dashboard'));
  49. }
  51. $targetPath = $request->get('_target_path');
  52. $form = $this->getFormFactory()->create(LoginType::class, LoginCommand::convertToDTO(), array(
  53. 'action' => $this->router()->generate('web_login_check', array('_target_path' => $targetPath), true),
  54. 'method' => 'POST',
  55. 'csrf_protection' => true
  56. ));
  58. $session = $request->getSession();
  60. if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
  61. $error = $request->attributes->get(Security::AUTHENTICATION_ERROR);
  62. } elseif (null !== $session && $session->has(Security::AUTHENTICATION_ERROR)) {
  63. $error = $session->get(Security::AUTHENTICATION_ERROR);
  64. $session->remove(Security::AUTHENTICATION_ERROR);
  65. } else {
  66. $error = null;
  67. }
  68. if (!$error instanceof AuthenticationException) {
  69. $error = null;
  70. }
  72. if (!empty($error)) {
  73. $this->setFlash('error', $this->translator()->trans($error->getMessageKey(), $error->getMessageData(), 'security'));
  74. }
  76. return $this->render('Security/login.html.twig', array('form' => $form->createView()));
  77. }
  79. /**
  80. * @Route("/login_check", name="web_login_check", defaults={"_format" = "html"})
  81. */
  82. public function loginCheckAction(Request $request)
  83. {
  84. throw new \RuntimeException('You must configure the check path to be handled by the firewall using form_login in your security firewall configuration.');
  85. }
  87. /**
  88. * @Route("/logout", name="web_logout", defaults={"_format" = "html"})
  89. */
  90. public function logoutAction()
  91. {
  92. throw new \RuntimeException('You must activate the logout in your security firewall configuration.');
  93. }
  95. /**
  96. * @Route("/forgot_password", name="web_forgot_password", defaults={"_format" = "html"})
  97. */
  98. public function forgotPasswordAction(Request $request)
  99. {
  100. // If user is authenticated redirect to user dashboard
  101. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  102. return new RedirectResponse($this->router()->generate('web_init'));
  103. }
  105. $form = $this->getFormFactory()->create(ForgotPaswordType::class, ForgotPasswordCommand::convertToDTO(), array(
  106. 'action' => $this->router()->generate('web_forgot_password', array(), true),
  107. 'method' => 'POST',
  108. 'csrf_protection' => true
  109. ));
  111. if ('POST' === $request->getMethod()) {
  112. $form->handleRequest($request);
  113. $error = '';
  114. if ($form->isSubmitted() && $form->isValid()) {
  115. try {
  116. $this->handle(ForgotPasswordCommand::fromDTO($form->getData()));
  118. $this->setFlash('success', $this->translator()->trans('web.security.forgot_password.success'));
  119. } catch (UserNotFoundException $e) {
  120. $this->setFlash('error', $this->translator()->trans('web.security.forgot_password.user_not_found'));
  121. }
  122. } else {
  123. $this->setFlash('error', $this->translator()->trans('web.security.forgot_password.error'));
  124. }
  125. }
  127. return $this->render(
  128. 'Security/forgot_password.html.twig',
  129. array('form' => $form->createView())
  130. );
  131. }
  133. /**
  134. * @Route("/reset_password/{resetToken}", name="web_reset_password", defaults={"_format" = "html"})
  135. */
  136. public function forgotPasswordLandingAction(Request $request, string $resetToken)
  137. {
  138. // If user is authenticated redirect to user dashboard
  139. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  140. return new RedirectResponse($this->router()->generate('web_init'));
  141. }
  143. $form = $this->getFormFactory()->create(ResetPaswordType::class, ResetPasswordCommand::convertToDTO(), array(
  144. 'action' => $this->router()->generate(
  145. 'web_reset_password',
  146. array(
  147. 'resetToken' => $resetToken
  148. ),
  149. true
  150. ),
  151. 'method' => 'POST',
  152. 'csrf_protection' => true,
  153. 'resetToken' => $resetToken
  154. ));
  156. if ('POST' === $request->getMethod()) {
  157. $form->handleRequest($request);
  159. if ($form->isSubmitted() && $form->isValid()) {
  160. try {
  161. $username = $this->handle(ResetPasswordCommand::fromDTO($form->getData()));
  162. $user = $this->handle(new GetUserByUsernameCommand($username));
  164. //Autenticate and go to dashboard
  165. $token = new UsernamePasswordToken(new Auth($user), null, "main", $user->rolesAsArray());
  166. $this->tokenStorage()->setToken($token); //now the user is logged in
  167. $this->session()->set('_security_main', serialize($token));
  168. return new RedirectResponse($this->router()->generate('web_init'));
  169. } catch (ResetTokenExpiredException $e) {
  170. $this->setFlash('error', $this->translator()->trans('web.security.reset_password.invalid_token'));
  171. } catch (UserNotFoundException $e) {
  172. $this->setFlash('error', $this->translator()->trans('web.security.reset_password.user_not_found'));
  173. }
  174. } else {
  175. $this->setFlash('error', $this->translator()->trans('web.security.reset_password.error'));
  176. }
  177. }
  179. return $this->render(
  180. 'Security/reset_password.html.twig',
  181. array('form' => $form->createView())
  182. );
  183. }
  185. /**
  186. * @Route("/signup", name="web_signup", defaults={"_format" = "html"})
  187. */
  188. public function signupUserAction(Request $request)
  189. {
  191. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  192. return new RedirectResponse($this->router()->generate('web_init'));
  193. }
  195. $form = $this->getFormFactory()->create(SignupType::class, SignupCommand::convertToDTO(), array(
  196. 'method' => 'POST',
  197. 'csrf_protection' => true
  198. ));
  200. if ('POST' === $request->getMethod()) {
  201. $form->handleRequest($request);
  203. if ($form->isSubmitted() && $form->isValid()) {
  204. try {
  205. $user = $this->handle(SignupCommand::fromDTO($form->getData()));
  206. //Autenticate and go to dashboard
  207. $roles = ['ROLE_USER'];
  208. foreach ($user->roles() as $role) {
  209. $roles[] = $role->roleType();
  210. }
  211. $token = new UsernamePasswordToken(new Auth($user), null, "main", $roles);
  212. $this->tokenStorage()->setToken($token); //now the user is logged in
  213. $this->session()->set('_security_main', serialize($token));
  214. $loginEvent = new InteractiveLoginEvent($request, $token);
  215. $this->eventDispatcher()->dispatch($loginEvent, SecurityEvents::INTERACTIVE_LOGIN);
  217. $this->setFlash('info', $this->translator()->trans('web.security.signup.success'));
  219. $session = $request->getSession();
  220. if ($session->has('redirect_after_login')) {
  221. $redirectUrl = $session->get('redirect_after_login');
  222. $session->remove('redirect_after_login');
  223. // Seguridad: evitar redirecciones externas
  224. if ($redirectUrl && parse_url($redirectUrl, PHP_URL_HOST) === null) {
  225. return new RedirectResponse($redirectUrl);
  226. }
  227. }
  229. return new RedirectResponse($this->router()->generate('web_app_whater_map'));
  230. } catch (InvalidUsernameException $e) {
  231. $this->setFlash('error', $this->translator()->trans('web.security.signup.invalid_username'));
  232. } catch (\Exception $e) {
  233. $this->logger()->error($e->getMessage());
  234. $this->setFlash('error', $this->translator()->trans('web.security.signup.exception'));
  235. }
  236. } else {
  237. $this->setFlash('error', $this->translator()->trans('web.security.signup.error'));
  238. }
  239. }
  240. $referralCode = $request->get('referral_code');
  242. $response = $this->render(
  243. 'Security/signup.html.twig',
  244. array(
  245. 'form' => $form->createView(),
  246. 'referralCode' => $referralCode
  247. )
  248. );
  249. return $response;
  250. }
  251. }