src/AdminBundle/Controller/AuthController.php line 20

Open in your IDE?
  1. <?php
  2. namespace AdminBundle\Controller;
  4. use AdminBundle\Controller\BaseController;
  5. use AdminBundle\Entity\Settings;
  6. use AdminBundle\Entity\User;
  7. use AdminBundle\Form\AuthType;
  8. use AdminBundle\Helpers\MandrillManager;
  9. use Symfony\Component\HttpFoundation\RedirectResponse;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  12. use Symfony\Component\Security\Core\Exception\AccountStatusException;
  13. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  16. class AuthController extends BaseController {
  18. public function resetRequestAction(Request $request) {
  19. $default = true;
  20. $flash = $this->get('session')->getFlashBag();
  21. $form = $this->createForm(
  22. AuthType::class
  23. );
  24. $form->handleRequest($request);
  25. if ($form->isSubmitted() && $form->isValid()) {
  26. $email = $form->get('email')->getData();
  27. $userManager = $this->get('sonata.user.user_manager');
  28. $user = $userManager->findUserByUsernameOrEmail($email);
  29. if (null === $user) {
  30. $default = false;
  31. $flash->add(
  32. 'danger',
  33. 'The provided email address "<b>'. $email. '</b>" does not belong to any existing users.'
  34. );
  35. } else {
  36. $ttl = $this->getParameter('fos_user.resetting.retry_ttl');
  37. if (!$user->isPasswordRequestNonExpired($ttl)) {
  38. $tokenGenerator = $this->get('fos_user.util.token_generator');
  39. $user->setConfirmationToken(
  40. $tokenGenerator->generateToken()
  41. );
  42. $user->setPasswordRequestedAt(new \DateTime());
  43. $userManager->save($user);
  44. $this->sendResettingEmail($user);
  45. $default = false;
  46. $flash->add(
  47. 'success',
  48. 'A password reset link has been sent to the provided email.<br/>
  49. Please access the link to reset your password.<br/>
  50. <b>Note:</b> You can only request a password reset link once every'.
  51. ' <b>'. ceil($ttl / 3600). '</b> hours.<br/>'.
  52. "If you didn't receive an email try checking your spam folder ".
  53. 'or try again later.'
  54. );
  55. } else {
  56. $default = false;
  57. $flash->add(
  58. 'warning',
  59. 'You can only request a password reset link once every'.
  60. ' <b>'. ceil($ttl / 3600). '</b> hours.<br/> Please try again later.'
  61. );
  62. }
  63. }
  64. }
  65. if ($default) {
  66. $flash->add(
  67. 'success',
  68. 'Please insert your email address below to receive a password reset link.'
  69. );
  70. }
  71. return $this->render('@Admin/Auth/Reset/request.html.twig',[
  72. 'form' => $form->createView(),
  73. ]);
  74. }
  76. public function resetProcessAction(Request $request, $token) {
  77. $flash = $this->get('session')->getFlashBag();
  78. $userManager = $this->get('sonata.user.user_manager');
  79. $user = $userManager->findUserByConfirmationToken($token);
  80. if (
  81. !$user ||
  82. !$user->isPasswordRequestNonExpired(
  83. $this->getParameter('fos_user.resetting.token_ttl')
  84. )
  85. ) {
  86. $flash->add(
  87. 'danger',
  88. 'The password reset link is invalid.'
  89. );
  90. $flash->add(
  91. 'info',
  92. 'Use the "<b>Reset your password</b>" feature below to receive a new reset link.'
  93. );
  94. return new RedirectResponse(
  95. $this->generateUrl('sonata_user_admin_security_login')
  96. );
  97. }
  98. $formFactory = $this->get('fos_user.resetting.form.factory');
  99. $form = $formFactory->createForm();
  100. $form->setData($user);
  101. $form->handleRequest($request);
  102. if ($form->isSubmitted() && $form->isValid()) {
  103. $user->setConfirmationToken(null);
  104. $user->setPasswordRequestedAt(null);
  105. $user->setEnabled(true);
  106. $message = $this->get('translator')->trans(
  107. 'resetting.flash.success',
  108. [],
  109. 'FOSUserBundle'
  110. );
  111. $flash->add('success', $message);
  112. $response = new RedirectResponse(
  113. $this->generateUrl('admin_homepage')
  114. );
  115. return $this->authUser($user, $request, $response);
  116. } else {
  117. $flash->add(
  118. 'success',
  119. 'Please set and confirm your new password below.'
  120. );
  121. }
  122. return $this->render(
  123. '@Admin/Auth/Reset/form.html.twig', [
  124. 'token' => $token,
  125. 'form' => $form->createView(),
  126. ]
  127. );
  128. }
  130. public function sendResettingEmail($user) {
  131. $em = $this->get('doctrine');
  132. $url = $this->get('router')->generate(
  133. 'admin_reset_process',[
  134. 'token' => $user->getConfirmationToken(),
  135. ], UrlGeneratorInterface::ABSOLUTE_URL
  136. );
  137. $from = $this->get('settings_repo')->getOfficeEmail();
  138. $mandrillManager = $this->get('mandrill.manager');
  139. $mandrillManager->sendTemplate(
  140. MandrillManager::$TEMPLATE_EMAIL_NOTIFICATION_GENERAL,
  141. [],
  142. [
  143. 'subject' => 'Twelve Transfers - Password Reset',
  144. 'from_email' => $from,
  145. 'to' => [
  146. 'email' => $user->getEmail(),
  147. 'name' => $user->getUsername(),
  148. 'type' => 'to',
  149. ],
  150. 'global_merge_vars' => [
  151. 'request_email' => $user->getEmail(),
  152. 'subject' => 'Password Reset',
  153. "content" => $this->renderView(
  154. '@Admin/Auth/Reset/email.html.twig', [
  155. 'url' => $url
  156. ]
  157. ),
  158. ],
  159. ],
  160. true
  161. );
  162. }
  164. protected function authUser($user, $request, $response) {
  165. $userManager = $this->get('sonata.user.user_manager');
  166. $loginManager = $this->get('login.manager');
  167. try {
  168. $firewallName = 'admin';
  169. $loginManager->logInUser($firewallName, $user, $response);
  170. $this->get(
  171. 'authentication.handler.login_success_handler'
  172. )->onAuthenticationSuccess(
  173. $request,
  174. $this->get('security.token_storage')->getToken()
  175. );
  176. $user->setLastLogin(new \DateTime());
  177. } catch (AccountStatusException $ex) {
  178. if ($this->has('logger')) {
  179. $this->get('logger')->warning(
  180. sprintf(
  181. 'Unable to login user %d',
  182. $user->getId()
  183. )
  184. );
  185. }
  186. }
  187. $userManager->save($user);
  188. return $response;
  189. }
  192. }