src/Controller/Security/SecurityController.php line 39

Open in your IDE?
  1. <?php
  2. namespace App\Controller\Security;
  4. use App\Entity\Users\LoginAttempt;
  5. use App\Entity\Users\User;
  6. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Doctrine\ORM\EntityManagerInterface;
  9. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  10. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  11. use Symfony\Component\Routing\Annotation\Route;
  12. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  13. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  14. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  15. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  16. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  17. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  19. class SecurityController extends AbstractController
  20. {
  21. protected $em;
  22. protected $encoder;
  23. protected $tokenStorage;
  24. protected $session;
  25. protected $eventDispatcher;
  27. public function __construct(EntityManagerInterface $entityManager, UserPasswordEncoderInterface $encoder, TokenStorageInterface $tokenStorage, SessionInterface $session, EventDispatcherInterface $eventDispatcher)
  28. {
  29. $this->em = $entityManager;
  30. $this->encoder = $encoder;
  31. $this->tokenStorage = $tokenStorage;
  32. $this->session = $session;
  33. $this->eventDispatcher = $eventDispatcher;
  34. }
  36. /**
  37. * @Route("/", name="index")
  38. */
  39. public function index(AuthenticationUtils $authUtils)
  40. {
  41. // Redirect
  42. return $this->redirect($this->generateUrl("security_login"));
  43. }
  45. /**
  46. * @Route("/login", name="security_login")
  47. */
  48. public function login(AuthenticationUtils $authUtils, Request $request)
  49. {
  50. // Logged in?
  51. if($this->container->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_REMEMBERED') )
  52. {
  53. // Redirect
  54. return $this->redirect($this->generateUrl("dashboard_index"));
  55. }
  57. // Grab login method
  58. $loginMethod = in_array($request->query->get('method'), ["pin", "email"]) ? $request->query->get('method') : "pin";
  60. // Get the login error
  61. $authenticationError = $authUtils->getLastAuthenticationError();
  63. if($authenticationError)
  64. {
  65. // Flash message
  66. $this->get('session')->getFlashBag()->add('error', $authenticationError->getMessage());
  67. }
  69. return $this->render('Security/login.html.twig', [
  70. 'loginMethod' => $loginMethod
  71. ]);
  72. }
  74. /**
  75. * @Route("/login_pin", name="security_loginpin")
  76. */
  77. public function pinLogin(AuthenticationUtils $authUtils, Request $request)
  78. {
  79. $ipAddress = $request->getClientIp();
  81. // Too many attempts
  82. $loginAttempts = $this->em->getRepository(LoginAttempt::class)->findFiltered([
  83. "ipAddress" => $ipAddress,
  84. "created" => ["gte", new \DateTime("-15 minutes")]
  85. ]);
  86. if(count($loginAttempts) >= 5)
  87. die("Too many failed login attempts!");
  89. // Logging in via PIN?
  90. if($request->request->has('pin') && strlen($request->request->get('pin')) == 6)
  91. {
  92. // Grab stuff
  93. $pin = $request->request->get('pin');
  95. // Find a user with this PIN
  96. $user = $this->em->getRepository(User::class)->findOneFiltered([
  97. "pin" => $pin
  98. ]);
  100. // No user?
  101. if(!$user)
  102. {
  103. // Record it
  104. $loginAttempt = new LoginAttempt([
  105. "ipAddress" => $ipAddress
  106. ]);
  108. // Persist & flush
  109. $this->em->persist($loginAttempt);
  110. $this->em->flush();
  112. // Flash message
  113. $this->get('session')->getFlashBag()->add('error', "Invalid login details");
  115. // Redirect
  116. return $this->redirectToRoute('security_login');
  117. }
  118. else
  119. {
  120. // Grab a token
  121. $token = new UsernamePasswordToken($user, $user->getPassword(), "app", $user->getRoles());
  123. // Set the token
  124. $this->tokenStorage->setToken($token);
  125. $this->session->set('_security_common', serialize($token));
  127. // Fire the login event
  128. $event = new InteractiveLoginEvent($request, $token);
  129. $this->eventDispatcher->dispatch($event, "security.interactive_login");
  131. // Redirect
  132. return $this->redirectToRoute('dashboard_index');
  133. }
  134. }
  135. else
  136. {
  137. // Record it
  138. $loginAttempt = new LoginAttempt([
  139. "ipAddress" => $ipAddress
  140. ]);
  142. // Persist & flush
  143. $this->em->persist($loginAttempt);
  144. $this->em->flush();
  146. // Redirect
  147. return $this->redirectToRoute('security_login');
  148. }
  149. }
  151. /**
  152. * @Route("/login_check", name="security_logincheck")
  153. */
  154. public function loginCheck()
  155. {
  157. }
  159. /**
  160. * @Route("/logout", name="security_logout")
  161. */
  162. public function logout()
  163. {
  165. }
  167. /**
  168. * @Route("/forgot_password/{reset_token}", name="security_forgotpassword")
  169. */
  170. public function forgotPassword(Request $request, AuthenticationUtils $authUtils, $reset_token = '')
  171. {
  172. // Is it sent?
  173. if($request->query->get('sent'))
  174. {
  175. return $this->render('Security/forgotPassword.html.twig', array(
  176. 'sent' => true
  177. ));
  178. }
  179. // Resetting?
  180. elseif(strlen($reset_token))
  181. {
  182. // Find the member
  183. $member = $this->em->getRepository('App:Members\Member')->findOneFiltered(array(
  184. "resetToken" => $reset_token
  185. ));
  187. // Found it?
  188. if(!$member)
  189. {
  190. // Flash message
  191. $this->get('session')->getFlashBag()->add('error', "The reset link was invalid");
  193. // Redirect
  194. return $this->redirect($this->generateUrl("security_login"));
  195. }
  197. // Submitted the form?
  198. if($request->isMethod('post') && $request->request->get('action') == "do_reset")
  199. {
  200. // Grab the data
  201. $password = $request->request->get('password');
  202. $confirmPassword = $request->request->get('confirm');
  204. // Not long enough
  205. if(strlen($password) < 6)
  206. {
  207. // Flash message
  208. $this->get('session')->getFlashBag()->add('error', "Your new password must be at least 6 characters");
  209. }
  210. elseif($password != $confirmPassword)
  211. {
  212. // Flash message
  213. $this->get('session')->getFlashBag()->add('error', "Your passwords do not match");
  214. }
  215. else
  216. {
  217. // Encode password
  218. $encodedPassword = $this->encoder->encodePassword($member, $password);
  219. $member->setPassword($encodedPassword);
  220. $member->setResetToken(md5(uniqid()));
  222. // Persist & flush
  223. $this->em->persist($member);
  224. $this->em->flush($member);
  226. // Flash message
  227. $this->get('session')->getFlashBag()->add('success', "Your password has been changed. Please login below.");
  229. // Redirect
  230. return $this->redirect($this->generateUrl("security_login"));
  231. }
  232. }
  234. return $this->render('Frontend/Account/forgotPassword.html.twig', array(
  235. 'sent' => false,
  236. 'reset_token' => $reset_token
  237. ));
  238. }
  239. else
  240. {
  241. // Are we posting?
  242. if($request->isMethod('post') && $request->request->get('action') == "do_reset")
  243. {
  244. // Grab email
  245. $email = trim($request->request->get('email', ''));
  247. // If it's valid
  248. if(filter_var($email, FILTER_VALIDATE_EMAIL))
  249. {
  250. // Find the member
  251. $member = $this->em->getRepository('App:Members\Member')->findOneFiltered(array(
  252. "email" => $email
  253. ));
  255. // Found it?
  256. if($member)
  257. {
  258. // Get the email template
  259. $emailTemplate = $this->em->getRepository('App:Settings\EmailTemplate')->findOneFiltered(array(
  260. "identifier" => "reset_password"
  261. ));
  263. // Not found?
  264. if(!$emailTemplate)
  265. throw new \Exception("Cannot find the email template!");
  267. // Generate a new reset token
  268. $member->setResetToken(md5(uniqid()));
  270. // Persist & flush
  271. $this->em->persist($member);
  272. $this->em->flush($member);
  274. // Send the email
  275. $this->utilHelper->sendEmail(array(
  276. "recipients" => array($member->getEmail()),
  277. "subject" => $emailTemplate->getSubject(),
  278. "template" => $emailTemplate
  279. ), array(
  280. 'RESETLINK' => $this->generateUrl("security_forgotpassword", array(
  281. 'reset_token' => $member->getResetToken()
  282. ), UrlGeneratorInterface::ABSOLUTE_URL)
  283. ));
  284. }
  286. // Redirect
  287. return $this->redirect($this->generateUrl("security_forgotpassword") . '?sent=1');
  288. }
  289. else
  290. {
  291. // Flash message
  292. $this->get('session')->getFlashBag()->add('error', "The specified email address is invalid");
  294. // Redirect
  295. return $this->redirect($this->generateUrl("security_login"));
  296. }
  297. }
  298. else
  299. {
  300. // Redirect
  301. return $this->redirect($this->generateUrl("security_login"));
  302. }
  303. }
  305. }
  306. }