src/Controller/ResetPasswordController.php line 69

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  6. use Symfony\Component\HttpFoundation\Response;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\Routing\Annotation\Route;
  9. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  10. use App\Service\ResetPasswordService;
  11. use App\Entity\User;
  12. use App\Service\UserService;
  14. class ResetPasswordController extends AbstractController
  15. {
  17.     /**
  18.      * @Route("/dealer/first-access-request", name="dealer_first_access_request", methods={"POST"})
  19.      */
  20.     public function dealerFirstAccessRequest(Request $requestResetPasswordService $resetPasswordServiceUserService $userService): Response
  21.     {
  22.         $data json_decode($request->getContent(), true);
  23.         if (!isset($data['id'])) {
  24.             return $this->JsonErrorResponse('Utente non trovato');
  25.         }
  26.         $user $resetPasswordService->getUserById($data['id']);
  27.         if(!$user){
  28.             return $this->JsonErrorResponse('Utente non trovato');
  29.         }
  31.         $userService->sendNewDealerUserEmail($user);
  33.         if($userService->hasErrors()){
  34.             return $this->JsonErrorResponse('Errore invio richiesta e-mail');
  35.         }
  37.         return $this->JsonOkResponse();
  38.     }
  40.     /**
  41.      * @Route("/dealer/reset-password-request", name="dealer_reset_password_request", methods={"POST"})
  42.      */
  43.     public function dealerResetPasswordRequest(Request $requestResetPasswordService $resetPasswordService): Response
  44.     {
  45.         $data json_decode($request->getContent(), true);
  46.         if (!isset($data['id'])) {
  47.             return $this->JsonErrorResponse('Utente non trovato');
  48.         }
  49.         $user $resetPasswordService->getUserById($data['id']);
  50.         if(!$user){
  51.             return $this->JsonErrorResponse('Utente non trovato');
  52.         }
  54.         $result $resetPasswordService->sendResetPasswordEmail($user);
  56.         if ($result != true) {
  57.             return $this->JsonErrorResponse('Errore invio richiesta e-mail');
  58.         }
  60.         return $this->JsonOkResponse();
  61.     }
  63.     /**
  64.      * @Route("/reset-password", name="reset_password", methods={"GET", "POST"})
  65.      */
  66.     public function resetPassword(Request $requestResetPasswordService $resetPasswordService): Response
  67.     {
  68.         //rotta per gestire il reset della password da parte dell'utente in autonomia
  69.         $user $this->get('security.token_storage')->getToken()->getUser();
  70.         if($user instanceof User){
  71.             //effettua il logout manuale
  72.             $this->get('security.token_storage')->setToken(null);
  73.             $request->getSession()->invalidate();
  74.         }
  76.         $email null;
  77.         $error null;
  78.         $showForm true;
  80.         if($request->getMethod() == 'POST'){
  82.             try {
  83.                 $authUsername $request->request->get('auth_username');
  84.                 if(!$authUsername){
  85.                     throw new \RuntimeException('Inserire un indirizzo email o un numero di partita IVA valido.');
  86.                 }
  88.                 $isEmail filter_var($authUsernameFILTER_VALIDATE_EMAIL);
  89.                 if ($isEmail) {
  90.                     $email $authUsername;
  91.                     $user $resetPasswordService->getUserByEmail($email);
  92.                 }else{
  93.                     $user $resetPasswordService->getUserByAuthUsername($authUsername);
  94.                 }
  96.                 if(!$user){
  97.                     throw new \RuntimeException('Utente non trovato.');
  98.                 }
  100.                 $emailSent $resetPasswordService->sendResetPasswordEmail($user$email);
  101.                 if(!$emailSent){
  102.                     throw new \RuntimeException('Errore invio richiesta e-mail');
  103.                 }
  105.                 $showForm false;
  107.             } catch (\Exception $e) {
  108.                 $error $e->getMessage();
  109.             }
  110.         }
  112.         //rotta pubblica per il cambio password dell'utente in autonomia
  113.         return $this->render('reset-password-email.html.twig', [
  114.             'email' => $email ?: '',
  115.             'error' => $error,
  116.             'showForm' => $showForm
  117.         ]);
  118.     }
  120.     /**
  121.      * @Route("/reset-password-form", name="reset_password_form", methods={"GET"})
  122.      */
  123.     public function resetPasswordForm(Request $requestResetPasswordService $resetPasswordService): Response
  124.     {
  125.         $error null;
  126.         $showForm true;
  128.         $code $request->query->get('c');
  130.         if (!$code) {
  131.             $error 'La richiesta di ripristino password non è valida.<br>Controlla il link corretto nella email.';
  132.             $showForm false;
  133.         }
  135.         if(!$error){
  136.             $user $resetPasswordService->getUserByResetCode($code);
  138.             if (!$user) {
  139.                 //errore generico utente non trovato
  140.                 $error 'La richiesta di cambio password non è valida.<br>Effettuare una nuova richiesta.';
  141.                 $showForm false;
  142.             }
  143.         }
  145.         if(!$error){
  146.             //check scadenza richiesta password
  147.             $resetPasswordDate $user->getResetPasswordDate();
  148.             $now = new \DateTime();
  149.             $passwordDateValid $resetPasswordDate->diff($now)->days <= 1;
  150.             if(!$passwordDateValid){
  151.                 $error 'La richiesta di ripristino password è scaduta. Devi effettuare una nuova richiesta.';
  152.                 $showForm false;
  153.             }
  154.         }
  156.         return $this->render('reset-password-form.html.twig', [
  157.             'showForm' => $showForm,
  158.             'code' => $code,
  159.             'error' => $error,
  160.         ]);
  161.     }
  163.     /**
  164.      * @Route("/reset-password-submit", name="reset_password_submit",methods={"POST"})
  165.      */
  166.     public function resetPasswordSubmit(Request $requestResetPasswordService $resetPasswordService): Response
  167.     {
  168.         $code $request->request->get('code');
  169.         $password $request->request->get('password');
  170.         $passwordConfirm $request->request->get('password_confirm');
  172.         if(!$code){
  173.             throw $this->createNotFoundException('404');
  174.         }
  176.         $error null;
  177.         $showForm true;
  179.         if($password != $passwordConfirm){
  180.             $error 'La conferma password non corrisponde. Inserisci nuovamente la password.';
  181.         }
  183.         if(!$error){
  184.             $checkPassword $resetPasswordService->checkPassword($password);
  185.             if($checkPassword['valid'] == false){
  186.                 //$error = implode('<br>', $checkPassword['errors']);
  187.                 $error 'La password non rispetta i requisiti di sicurezza.';
  188.             }
  189.         }
  191.         if(!$error){
  192.             $resetPasswordService->saveNewPassword($code$password);
  193.             $showForm false;
  195.             //forza logout utente
  196.             $user $this->get('security.token_storage')->getToken()->getUser();
  197.             if($user instanceof User){
  198.                 //effettua il logout manuale
  199.                 $this->get('security.token_storage')->setToken(null);
  200.                 $request->getSession()->invalidate();
  201.             }
  202.         }
  204.         return $this->render('reset-password-form.html.twig', [
  205.             'showForm' => $showForm,
  206.             'code' => $code,
  207.             'error' => $error,
  208.         ]);
  209.     }
  211.     /**
  212.      * @Route("/partner/reset-password", name="partner_reset_password", methods={"POST"})
  213.      */
  214.     public function partnerResetPassword(Request $requestResetPasswordService $resetPasswordService): Response
  215.     {
  216.         //cambio password dal profilo dell'utente partner
  217.         try {
  218.             $user $this->get('security.token_storage')->getToken()->getUser();
  219.             if(!$user){
  220.                 throw new \RuntimeException('Utente non trovato.');
  221.             }
  223.             $sent $resetPasswordService->sendResetPasswordEmail($user);
  224.             if($sent != true){
  225.                 throw new \RuntimeException('Errore invio richiesta e-mail.');
  226.             }
  228.         } catch (\Exception $e) {
  229.             return $this->JsonErrorResponse($e->getMessage());
  230.         }
  232.         return $this->JsonOkResponse();
  233.     }
  235.     private function JsonOkResponse($data = [])
  236.     {
  237.         return new Response(json_encode([
  238.             'result' => 'OK',
  239.             'data' => $data,
  240.             'errmsg' => '',
  241.         ]));
  242.     }
  244.     private function JsonErrorResponse($errmsg)
  245.     {
  246.         $json json_encode([
  247.             'result' => 'ERROR',
  248.             'errmsg' => $errmsg,
  249.         ]);
  250.         $response = new Response($json);
  251.         $response->setStatusCode(500);
  253.         return $response;
  254.     }
  255. }