src/Controller/SecurityController.php line 100

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\ResetPassword;
  6. use App\Entity\Users;
  7. use App\Entity\UserAdditionalDetails;
  8. use App\Entity\ProfileClassification;
  9. use App\Entity\UsersCategories;
  10. use App\Entity\VehicleClients;
  11. use App\Form\ResetPasswordType;
  12. use App\Form\UserRegistrationType;
  13. use Gregwar\Captcha\CaptchaBuilder;
  14. use Gregwar\Captcha\PhraseBuilder;
  15. use Psr\Log\LoggerInterface;
  16. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
  17. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
  18. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  19. use Symfony\Component\HttpFoundation\Response;
  20. use Symfony\Component\HttpFoundation\JsonResponse;
  21. use Symfony\Component\HttpFoundation\Request;
  22. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  23. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  24. use Unirest;
  25. use Symfony\Component\Form\FormError;
  26. use App\Service\SMSHelper;
  27. use Symfony\Component\Security\Core\Security;
  28. use Symfony\Contracts\Translation\TranslatorInterface;
  30. /**
  31.  * Class SecurityController
  32.  * @package App\Controller
  33.  */
  34. class SecurityController extends AbstractController
  35. {
  37.     /**
  38.      * @param Request $request
  39.      * @param AuthenticationUtils $authenticationUtils
  40.      *
  41.      * @Route("/login", name="login")
  42.      *
  43.      * @return \Symfony\Component\HttpFoundation\Response
  44.      */
  45.     public function loginAction(Security $securityAuthenticationUtils $authenticationUtils): Response
  46.     {
  47.         // redirect to profile if user logged 
  48.         if($security->getUser()){
  49.             return $this->redirectToRoute('my_profile');
  50.         }
  51.         $error        $authenticationUtils->getLastAuthenticationError();
  52.         $lastUsername $authenticationUtils->getLastUsername();
  54.         return $this->render('security/login.html.twig', array(
  55.             'last_username' => $lastUsername,
  56.             'error'         => $error
  57.         ));
  58.     }
  60.     /**
  61.      * @Route("/logout", name="logout")
  62.      *
  63.      * @throws \Exception
  64.      */
  65.     public function logoutAction()
  66.     {
  67.         throw new \Exception('This should never be reached!');
  68.     }
  70.     /**
  71.      * @param Request $request
  72.      * @param UserPasswordEncoderInterface $passwordEncoder
  73.      *
  74.      * @Route("/reg/getCaptcha", name="get_captcha_ajax")
  75.      * @Method("POST")
  76.      *
  77.      * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
  78.      * @throws Unirest\Exception
  79.      */
  80.     public function regenerateCaptchaAjaxAction(Request $request)
  81.     {
  82.         if ($request->isXMLHttpRequest()) {
  83.             $session   $request->getSession();
  84.             $builder $this->createCaptcha($session);
  85.             return new JsonResponse(['builder' => $builder->inline()]);
  86.         }
  87.     }
  89.     /**
  90.      * @param Request $request
  91.      * @param UserPasswordEncoderInterface $passwordEncoder
  92.      *
  93.      * @Route("/register", name="user_registration")
  94.      * @Route("/reg", name="user_reg")
  95.      * @Method({"GET","POST"})
  96.      *
  97.      * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
  98.      * @throws Unirest\Exception
  99.      */
  100.     public function registerAction(Request $requestUserPasswordEncoderInterface $passwordEncoderLoggerInterface $loggerTranslatorInterface $translator)
  101.     {
  102.         // redirect to profile if user logged
  103.         if($this->getUser()){
  104.             return $this->redirectToRoute('my_profile');
  105.         }
  106.         $session   $request->getSession();
  107.         $locale    $request->getLocale();
  108.         $errorCaptcha false;
  110.         // 1) build the form
  111.         $user = new Users();
  112.         $form $this->createForm(UserRegistrationType::class, $user, ['locale' => $locale]);
  114.         // 2) handle the submit (will only happen on POST)
  115.         $form->handleRequest($request);
  117.         if ($form->isSubmitted() && $form->isValid()) {
  119.             // refresh CSRF token (form_intention)
  120.             $this->get("security.csrf.token_manager")->refreshToken("form_intention");
  122.             $postedData  $request->request->all();
  123.             $code        $postedData['sms_code'];
  124.             $userCaptcha $postedData['userCaptcha'];
  125.             if ($userCaptcha == $session->get('captchaPhrase')) {
  126.                 if ($code == $session->get('verificationCode')) {
  127.                     $password     rand(10019998);
  128.                     $mobileNumber $user->getMobileNumber();
  129.                     preg_match('/^(?:0|966)*(5[0-9]{8})$/'$mobileNumber$mobNumChunks);
  130.                     $user->setMobileNumber($mobNumChunks[1]); //remove leading zero or KSA country code if any exists
  131.                     $username $user->getUserIdentityInfo()->getIdentificationNumber();
  133.                     // 3) Encode the password (you could also do this via Doctrine listener)
  134.                     $hashedPassword $passwordEncoder->encodePassword($user$password);
  135.                     $user->setPassword($hashedPassword);
  137.                     // 4) save the User!
  138.                     $em       $this->getDoctrine()->getManager();
  139.                     $category $em->getRepository(UsersCategories::class)->find(1);
  141.                     $userIdentityInfo $user->getUserIdentityInfo();
  142.                     $user->setUserIdentityInfo(null);
  143.                     $user->setCategory($category);
  144.                     $user->setIsReceiveSms(true); //the self-registered users by default accept to receive our SMS
  145.                     $user->setUsername($userIdentityInfo->getIdentificationNumber());
  146.                     $user->setProfileOrigin("self registered");
  147.                     $em->persist($user);
  148.                     //if image uploading is required, so this is the place where to add upload code
  149.                     $em->flush($user);
  151.                     // saving user identity info
  152.                     $user->setUserIdentityInfo($userIdentityInfo);
  153.                     $userIdentityInfo->setUser($user);
  155.                     $userAdditionalDetails = new UserAdditionalDetails();
  156.                     $registeredClassification $em->getRepository(ProfileClassification::class)->findBy(['nameEn'=> 'Registered']);
  157.                     $userAdditionalDetails->setClassification($registeredClassification[0]);
  158.                     $userAdditionalDetails->setUser($user);
  159.                     $user->setUserAdditionalDetails($userAdditionalDetails);
  160.                     $em->persist($userAdditionalDetails);
  161.                     $em->flush($userAdditionalDetails);
  163.                     // Create vehicle client account
  164.                     $vehicleClient = new VehicleClients();
  165.                     $vehicleClient->setUser($user);
  166.                     $vehicleClient->setClientId($user->getUserId());
  167.                     $vehicleClient->setIsActive(1);
  169.                     $em->persist($vehicleClient);
  170.                     $em->persist($userIdentityInfo);
  171.                     $em->flush();
  172.                     
  173.                     $message $translator->trans('your login info ID and password are',
  174.                             ['%{username}'=> $username'%{password}'=> $password'%{newline}'=> "\n"], 'clients');
  176.                     if ($this->sendSMSToUser($message$mobileNumber'randum generated password'$logger)) {
  177.                         return $this->redirectToRoute('user_thanking');
  178.                     } else {
  179.                         // password did not sent to customer
  180.                         $session->getFlashBag()->add('info',
  181.                             $translator->trans('no password sent', array(), 'clients')
  182.                         );
  183.                         $logger->info('Register Action: no password sent to mobile num: '$user->getMobileNumber());
  184.                         return $this->redirectToRoute('login');
  185.                     }
  186.                 } else {
  187.                     // activation code is wrong
  188.                     $errorMessage $translator->trans('you have entered a wrong verification code please enter the correct one', array(''), 'validators');
  189.                     $form->addError(new FormError($errorMessage)); //this is how to add an error to Symfony form
  190.                     $logger->info('Register Action: you have entered a wrong verification code please enter the correct one, mobile num is '$user->getMobileNumber());
  191.                 }
  192.             } else {
  193.                 // captcha code is wrong
  194.                 $errorMessage $translator->trans('captcha code is wrong', array(''), 'validators');
  195.                 $form->addError(new FormError($errorMessage)); //this is how to add an error to Symfony form
  196.                 $logger->info('Register Action: you have entered a wrong captcha code, mobile num is '$user->getMobileNumber());
  197.                 $errorCaptcha $translator->trans('captcha code is wrong', array(''), 'validators');
  198.             }
  199.         }
  200.         $builder $this->createCaptcha($session);
  202.         return $this->render('security/register.html.twig', array(
  203.             'form'      => $form->createView(),
  204.             'locale'    => $locale,
  205.             'builder'   => $builder,
  206.             'errorCaptcha'   => $errorCaptcha,
  208.         ));
  209.     }
  211.     /**
  212.      * @param Request $request
  213.      *
  214.      * @Route("forgotPassword", name="forgot_password")
  215.      * @Route("/getCaptchaForgot", name="get_captcha_forgot_ajax")
  216.      * @Method({"GET", "POST"})
  217.      *
  218.      * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
  219.      * @throws Unirest\Exception
  220.      */
  221.     public function forgotPasswordAction(Request $requestLoggerInterface $loggerTranslatorInterface $translator)
  222.     {
  223.         $session $request->getSession();
  225.         //for ajax request
  226.         if ($request->isXMLHttpRequest()) {
  227.             $builder      $this->createCaptcha($session);
  228.             return new JsonResponse(['builder' => $builder->inline()]);
  229.         }
  230.         if ($request->isMethod('post')) {
  231.             //if post, validate then send verification code
  232.             $postedData   $request->request->all();
  233.             $userCaptcha  $postedData['userCaptcha'];
  234.             $mobileNumber $postedData['mobileNumber'];
  236.             // if the mobile number starts 0 , remove it
  237.              if(substr($mobileNumber,0,1) == 0){
  238.                 $mobileNumber =  substr($mobileNumber,1);
  239.             }
  241.             if ($userCaptcha == $session->get('captchaPhrase')) {
  242.                 $em   $this->getDoctrine()->getManager();
  243.                 $user $em->getRepository(Users::class)->findOneBy(['mobileNumber' => $mobileNumber]);
  244.                 if ($user) {
  245.                     $code rand(101998);
  246.                     $session->set('activationCode'$code);
  247.                     
  248.                     $message $translator->trans('to reset your password enter this code', array(), 'clients') . ': '$code.
  249.                         "\n" $translator->trans('your ID is', [], 'clients') . ': ' $user->getUsername();
  250.                     if ($this->sendSMSToUser($message$mobileNumber'forgot password code'$logger)) {
  251.                         $session->set('mobileNumber'$mobileNumber);
  252.                         return $this->redirectToRoute('reset_password');
  253.                     } else {
  254.                         // code did not sent to customer
  255.                         $session->getFlashBag()->add('info',
  256.                             $translator->trans('no code sent', array(), 'clients')
  257.                         );
  258.                         return $this->redirectToRoute('forgot_password');
  259.                     }
  260.                 } else {
  261.                     // no user registered with this mobile number
  262.                     $errorCode $translator->trans('no user registered by this mobile number', array(''), 'validators');
  263.                     $builder   $this->createCaptcha($session);
  264.                 }
  265.             } else {
  266.                 // captcha code is wrong
  267.                 $errorCode $translator->trans('you have enterd a wrong captcha code', array(''), 'validators');
  268.                 $builder   $this->createCaptcha($session);
  269.             }
  270.         } else {
  271.             $builder      $this->createCaptcha($session);
  272.             $errorCode    null;
  273.             $mobileNumber '';
  276.         }
  278.         return $this->render('security/forgot_password.html.twig'compact('builder''errorCode''mobileNumber'));
  279.     }
  281.     /**
  282.      * @param Request $request
  283.      * @param UserPasswordEncoderInterface $passwordEncoder
  284.      * @param $mobileNumber
  285.      *
  286.      * @Route("/resetPassword", name="reset_password")
  287.      * @Method({"GET", "POST"})
  288.      *
  289.      * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
  290.      */
  291.     public function resetPasswordAction(Request $requestUserPasswordEncoderInterface $passwordEncoderTranslatorInterface $translator)
  292.     {
  293.         $session       $request->getSession();
  294.         $resetPassword = new ResetPassword();
  295.         $errorCode     '';
  296.         $mobileNumber$session->get('mobileNumber');
  298.         $form $this->createForm(ResetPasswordType::class, $resetPassword, ['capital' => false]);
  299.         $form->handleRequest($request);
  301.         if ($form->isSubmitted() && $form->isValid()) {
  302.             $em   $this->getDoctrine()->getManager();
  303.             $user $em->getRepository(Users::class)->findOneBy(['mobileNumber' => $mobileNumber]);
  305.             if ($user) {
  306.                 $code $resetPassword->getSmsCode();
  308.                 if ($code == $session->get('activationCode')) {
  309.                     $newPassword    $resetPassword->getNewPassword();
  310.                     //$user           = $this->getUser();
  311.                     $hashedPassword $passwordEncoder->encodePassword($user$newPassword);
  312.                     $user->setPassword($hashedPassword);
  313.                     $em->flush($user);
  314.                     $session->getFlashBag()->add('success',
  315.                         $translator->trans('password changed successfully', array(), 'clients')
  316.                     );
  317.                     return $this->redirectToRoute('login');
  318.                 } else {
  319.                     // activation code is wrong
  320.                     $errorCode $translator->trans('you have entered a wrong activation code please enter the correct one', array(''), 'validators');
  321.                 }
  322.             } else {
  323.                 // no user registered by his mobile number
  324.                 $errorCode $translator->trans('no user registered by this mobile number', array(''), 'validators');
  325.                 $builder   $this->createCaptcha($session);
  326.             }
  327.         }
  329.         return $this->render('security/reset_password.html.twig', array(
  330.             'form'      => $form->createView(),
  331.             'errorCode' => $errorCode
  332.         ));
  333.     }
  335.     /**
  336.      * @param $passwordOrCode
  337.      * @param $mobileNumber
  338.      * @param $smsType
  339.      * @param null $username
  340.      *
  341.      * @return bool
  342.      * @throws Unirest\Exception
  343.      */
  344.     private function sendSMSToUser($message$mobileNumber$smsTypeLoggerInterface $logger)
  345.     {
  346.         if ( !preg_match('/^(?:0|966)*(5[0-9]{8})$/'$mobileNumber$mobNumChunks) ) {
  347.             $logger->info"Unable to send $smsType SMS due to wrong mobile num :"$mobileNumber);
  348.             return false;
  349.         }
  351.         $mobileNumber '966'$mobNumChunks[1]; //add KSA country code
  352.         //send the code into an SMS
  353.         $smsHelper =   new  SMSHelper();
  354.         $sendStatus$smsHelper->sendSms$message $mobileNumber);
  356.         $logger->info(\Doctrine\Common\Util\Debug::dump($smsHelper->getRawResponse(), 2truefalse));
  358.         switch ($sendStatus){
  359.             case $smsHelper::STATUS['sms_seems_sent'];
  360.                 $logger->info"sending $smsType SMS to mobile num :"$mobileNumber" sent!");
  361.                 return true;
  362.                 break;
  363.             case $smsHelper::STATUS['sms_send_failed'];
  364.             case $smsHelper::STATUS['request_failed'];
  365.                 $logger->info"Failed sending $smsType SMS to mobile num :"$mobileNumber" due to this exception: "$smsHelper->getException());
  366.                 return false;
  367.                 break;
  368.         }
  369.             
  370.     }
  372.     /**
  373.      * @return CaptchaBuilder
  374.      */
  375.     private function createCaptcha($session)
  376.     {
  377.         // Will build phrases of 4 characters, only digits
  378.         $phraseBuilder = new PhraseBuilder(4'0123456789');
  379.         $builder       = new CaptchaBuilder(null$phraseBuilder);
  380.         $builder->build(11550);
  381.         $session->set('captchaPhrase'$builder->getPhrase());
  383.         return $builder;
  384.     }
  385. }