src/Controller/LoginController.php line 112
<?php
namespace App\Controller;
use App\Classes\ASAuthUtility;
use App\Classes\ASUtility;
use App\Classes\ConfigurationUtility;
use App\Classes\WorkersUtility;
use App\Entity\Configurations;
use App\Entity\Users;
use App\Entity\Workers;
use App\Service\ASRedis;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
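/**
 * Login, logout and self-service password-reset endpoints.
 *
 * Password-reset flow implemented by this class:
 *   1. /spre       e-mails a link whose token is an HMAC keyed with the application secret.
 *   2. /pr-{slug}  verifies that token and marks the browser session as allowed to reset
 *                  the password of exactly one user.
 *   3. /save       changes the password only for the user the session was verified for,
 *                  and only while the reset request is still pending and unexpired.
 */
class LoginController extends AbstractController
{
    /** Session key holding the id of the user whose reset link was verified in this session. */
    private const RESET_SESSION_KEY = 'pw_reset_verified_user_id';

    /** Lifetime of a password-reset link, in minutes. */
    private const RESET_LINK_TTL_MINUTES = 15;

    // NOTE(review): both messages say "within some hours", but links live for
    // RESET_LINK_TTL_MINUTES; the wording is left untouched because it is user-facing text.
    private const RESET_LINK_EXPIRED_MESSAGE = 'The specified link is invalid. The reset links can
be used only once and only within some hours after being sent.
Either the link is old or it was already used before.';

    private const RESET_LINK_INVALID_MESSAGE = 'The specified link is invalid.
The reset links can be used only once and only within some hours after being sent.
Either the link is old or it was already used before.';

    private $baseUrl;

    public function __construct(
        private EntityManagerInterface $entityManager,
        private WorkersUtility $workersUtility,
        private UserPasswordHasherInterface $encoder,
        private ASUtility $asUtility,
        private ASRedis $asRedis
    ) {
        $this->baseUrl = ConfigurationUtility::getBaseUrl();
    }

    /**
     * Entry point for both the external (G5MID query parameter) login and the regular form login.
     *
     * Order of checks: G5MID hand-off, then a still-valid AS Redis record, then an already
     * authenticated Symfony user, and finally the login form.
     */
    #[Route(path: '/login', name: 'app_login')]
    public function login(AuthenticationUtils $authenticationUtils, Request $request): Response
    {
        $conferenceId = $request->query->getInt('conferenceId');
        $schoolId = $request->query->getInt('schoolId');
        $G5MID = $request->query->get('G5MID');
        $aglId = $request->query->get('agl_id');

        // getInt() always returns an int (0 when the parameter is absent), so the former
        // "$conferenceId !== null && $schoolId !== null" tests were always true; the branch
        // has only ever depended on G5MID being present.
        // NOTE(review): if conferenceId and schoolId are meant to be mandatory, test them
        // with $request->query->has() - confirm with the calling system first.
        if ($G5MID !== null) {
            // NOTE(review): any GET carrying G5MID drops the current Symfony token, and the
            // only credential visible here is the G5MID value from the URL; how it is
            // validated is inside ASAuthUtility::getASUserInfoByG5MID() (not shown) - confirm.
            if ($this->getUser()) {
                $this->container->get('security.token_storage')->setToken(null);
            }

            $objASAuthUtility = new ASAuthUtility(
                $this->asUtility,
                $this->asRedis,
                $conferenceId,
                $schoolId,
                $G5MID,
                $aglId
            );
            $aUserInfo = $objASAuthUtility->getASUserInfoByG5MID($G5MID);

            if (!$aUserInfo) {
                $this->asRedis->deleteASUserRedis();

                return $this->json("You must login first before accessing this page...");
            }

            $this->asRedis->redis->user($G5MID, $objASAuthUtility->userId);
            $objASAuthUtility->storeASUserInfoToRedis($aUserInfo);

            return $this->redirectToRoute('assignment_index');
        }

        if ($this->asRedis->isValidASUserRedis($this->asRedis->validateASUserRedis()) === true) {
            //todo.. if redis still valid....
            return $this->redirectToRoute('assignment_index');
        }

        if ($this->getUser()) {
            $this->asRedis->redis->user('', $this->getUser()->getId());
            $this->asRedis->deleteASUserRedis();

            return $this->redirectToRoute('personal_info_index');
        }

        $showBecomeAnEventWorker = $this->entityManager->getRepository(Configurations::class)
            ->findByCode(Configurations::CONF_SHOW_BECOME_AN_EVENT_WORKER);

        return $this->render(
            'login/login.html.twig',
            [
                'isShowBecomeAnEventWorker' => $showBecomeAnEventWorker,
                // last username entered by the user
                'last_username' => $authenticationUtils->getLastUsername(),
                // the login error, if there is one
                'error' => $authenticationUtils->getLastAuthenticationError()
            ]
        );
    }

    /**
     * Shows the empty "request a password reset" form.
     */
    #[Route(path: '/reset', name: 'app_pass_reset')]
    public function passwordReset(): Response
    {
        return $this->render('login/reset.html.twig', ['email_sent' => '', 'error' => '']);
    }

    /**
     * E-mails a password-reset link to the account whose username equals the "email" query value.
     *
     * The link token is an HMAC over the user id and the link's expiry time, keyed with the
     * application secret, so it cannot be derived from the e-mail address and user id alone.
     *
     * NOTE(review): the route changes state on GET, puts the address in the URL, and answers
     * "Invalid email address." for unknown accounts, which tells a caller which addresses are
     * registered. Response shape is kept as-is for the existing front end; consider POST, a
     * uniform answer and rate limiting.
     *
     * @param Request $request
     * @return Response JSON with keys email_sent, message and status
     */
    #[Route(path: '/spre', name: 'app_send_pass_reset_email')]
    public function sendPasswordResetEmail(Request $request): Response
    {
        $email = $request->query->get('email');
        $email_sent = '';

        // A missing or empty address must not reach findOneBy(): Doctrine turns a null
        // criterion into "username IS NULL", which could select an unrelated account.
        $objUser = (is_string($email) && $email !== '')
            ? $this->entityManager->getRepository(Users::class)->findOneBy(['username' => $email])
            : null;

        if (!$objUser) {
            return $this->json(['email_sent' => $email_sent, 'message' => 'Invalid email address.', 'status' => false]);
        }

        $objWorker = $this->entityManager->getRepository(Workers::class)
            ->findOneBy(['user_id' => $objUser->getId()]);
        // A user without a Workers row previously caused a fatal error here.
        $workerName = $objWorker ? $objWorker->getFirstName() . ' ' . $objWorker->getLastName() : '';

        // The expiry is fixed before the link is built because the token is bound to it.
        $pwResetExpiration = (new \DateTime())
            ->add(new \DateInterval('PT' . self::RESET_LINK_TTL_MINUTES . 'M'));
        $userId = (string) $objUser->getId();
        $slug = $this->buildResetToken($userId, $pwResetExpiration) . '_' . $userId;

        $details = [
            'email_subject' => 'Password Reset Verification',
            'email_to' => $email,
            'savable' => true,
        ];
        $body = $this->renderView(
            'login/email/email_reset_password_link.html.twig',
            [
                'admin' => 'Event Worker Admin',
                'worker_email' => $email,
                'worker_name' => $workerName,
                'link' => $this->baseUrl . '/pr-' . $slug,
                'logo' => ConfigurationUtility::getRSchoolLogo()
            ]
        );

        // The reset request is only recorded once the e-mail has actually been handed off.
        if ($this->workersUtility->email($details, $body)) {
            $objUser->setPwResetExpiration($pwResetExpiration);
            $objUser->setIsRequestNewPassword(1);
            $this->entityManager->persist($objUser);
            $this->entityManager->flush();
            $email_sent = true;
        }

        return $this->json(['email_sent' => $email_sent, 'message' => '', 'status' => true]);
    }

    /**
     * Validates a reset link of the form /pr-{token}_{userId} and shows the new-password form.
     *
     * The token is recomputed from the stored expiry and compared in constant time. Only
     * when it matches, the request is pending and the link is unexpired is the session marked
     * as allowed to save a new password for that user.
     *
     * @param Request $request
     * @return Response
     */
    #[Route(path: '/pr-{slug}', name: 'app_pass_reset_link')]
    public function passwordResetLink(Request $request): Response
    {
        $slug = (string) $request->attributes->get('slug');
        // Everything after the first "_" is the user id, everything before it the token.
        [$token, $user_id] = array_pad(explode('_', $slug, 2), 2, '');

        // Opening any link, valid or not, discards an earlier verification in this session.
        $session = $request->getSession();
        $session->remove(self::RESET_SESSION_KEY);

        $error = self::RESET_LINK_INVALID_MESSAGE;
        $objUser = $user_id !== ''
            ? $this->entityManager->getRepository(Users::class)->findOneBy(['id' => $user_id])
            : null;

        if ($objUser && $objUser->getIsRequestNewPassword()) {
            $expiresAt = $objUser->getPwResetExpiration();

            if ($expiresAt instanceof \DateTimeInterface
                && hash_equals($this->buildResetToken((string) $objUser->getId(), $expiresAt), $token)
            ) {
                if ($expiresAt >= new \DateTime()) {
                    $error = '';
                    $session->set(self::RESET_SESSION_KEY, (string) $objUser->getId());
                } else {
                    $error = self::RESET_LINK_EXPIRED_MESSAGE;
                }
            }
        }

        return $this->render(
            'login/password_reset_form.html.twig',
            ['user_id' => $user_id, 'error' => $error]
        );
    }

    /**
     * Stores the new password submitted from the reset form.
     *
     * The posted user_id is not trusted on its own: it must equal the id this session was
     * verified for by passwordResetLink(), and the reset request must still be pending and
     * unexpired. Previously any client could set any user's password by posting an id.
     *
     * NOTE(review): no password-strength rule or CSRF token check is visible in this
     * method - confirm whether the form or firewall provides them.
     *
     * @param Request $request
     * @return Response
     */
    #[Route(path: '/save', name: 'app_save_new_password')]
    public function saveNewPassword(Request $request): Response
    {
        $user_id = $request->request->get('user_id');
        $new_pass = $request->request->get('new_password');
        $session = $request->getSession();
        $verifiedUserId = $session->get(self::RESET_SESSION_KEY);

        $objUser = null;
        if ($user_id && is_string($verifiedUserId) && $verifiedUserId === (string) $user_id) {
            $objUser = $this->entityManager->getRepository(Users::class)->findOneBy(['id' => $user_id]);
        }

        if (!$objUser || !$this->isResetPending($objUser)) {
            $session->remove(self::RESET_SESSION_KEY);

            return $this->render(
                'login/password_reset_form.html.twig',
                ['user_id' => $user_id, 'error' => self::RESET_LINK_INVALID_MESSAGE]
            );
        }

        if (!is_string($new_pass) || $new_pass === '') {
            // The verification stays in the session so the visitor can resubmit the form.
            return $this->render(
                'login/password_reset_form.html.twig',
                ['user_id' => $user_id, 'error' => 'A new password is required.']
            );
        }

        // NOTE(review): the hasher is given a blank Users instance, as before; passing
        // $objUser is the conventional call - confirm no hasher setting depends on this.
        $objUser->setPassword($this->encoder->hashPassword(new Users(), $new_pass));
        // Clearing the flag makes the link single-use.
        $objUser->setIsRequestNewPassword(0);
        $this->entityManager->persist($objUser);
        $this->entityManager->flush();
        $session->remove(self::RESET_SESSION_KEY);

        return $this->render('login/password_reset_form.html.twig', ['user_id' => $user_id, 'success' => true]);
    }

    /**
     * Removes the AS user record and three auxiliary keys from Redis.
     *
     * NOTE(review): whether this body runs depends on the firewall's logout configuration,
     * which is not visible here - confirm the Redis cleanup is actually reached.
     */
    #[Route(path: '/logout', name: 'app_logout')]
    public function logout(Request $request): void
    {
        $this->asRedis->deleteASUserRedis();
        foreach (['has_access_payment', 'utility', 'on_auth_worker_password'] as $redisKey) {
            $this->asRedis->redis->delete($redisKey);
        }
    }

    /**
     * Computes the reset-link token: HMAC-SHA256 over "userId|expiryTimestamp".
     *
     * Binding the token to the stored expiry means a newly requested link replaces the
     * previous one, and the token cannot be computed without the application secret.
     *
     * @throws \LogicException when the application secret is empty
     */
    private function buildResetToken(string $userId, \DateTimeInterface $expiresAt): string
    {
        $secret = (string) $this->getParameter('kernel.secret');
        if ($secret === '') {
            // An empty key would make every token computable by anyone.
            throw new \LogicException('kernel.secret must be configured to issue password reset links.');
        }

        return hash_hmac('sha256', $userId . '|' . $expiresAt->getTimestamp(), $secret);
    }

    /**
     * Tells whether the user has requested a reset whose expiry time has not passed yet.
     */
    private function isResetPending(Users $user): bool
    {
        $expiresAt = $user->getPwResetExpiration();

        return $user->getIsRequestNewPassword()
            && $expiresAt instanceof \DateTimeInterface
            && $expiresAt >= new \DateTime();
    }
}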