src/Controller/SecurityController.php line 136

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\EventSubscriber\WebmasterReferenceRequestSubscriber;
  6. use App\Form\ForgotPassword;
  7. use App\Form\Security\RegistrationForm;
  8. use App\Form\SecurityLogin;
  9. use App\Security\ApiUser;
  10. use App\Security\LoginFormAuthenticator;
  11. use App\Service\AuthenticationHelper;
  12. use App\Service\Client\SecurityService;
  13. use App\Service\Client\User\AccountService;
  14. use App\Service\Client\Webmaster\WebmasterAdService;
  15. use App\Service\ReCaptchaService;
  16. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  17. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  18. use Symfony\Component\HttpFoundation\RedirectResponse;
  19. use Symfony\Component\HttpFoundation\Request;
  20. use Symfony\Component\Routing\Annotation\Route;
  21. use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
  22. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  24. class SecurityController extends AbstractController
  25. {
  26.     protected SecurityService $service;
  27.     protected AuthenticationHelper $authenticationHelper;
  29.     public function __construct(SecurityService $serviceAuthenticationHelper $authHelper)
  30.     {
  31.         $this->service $service;
  32.         $this->authenticationHelper $authHelper;
  33.     }
  35.     /**
  36.      * @Route("/security/logout")
  37.      * @return void
  38.      */
  39.     public function logout(): void
  40.     {
  41.     }
  43.     /**
  44.      * @Route("/login", name="login")
  45.      * @Template
  46.      *
  47.      * @param AuthenticationUtils $authenticationUtils
  48.      * @param Request $request
  49.      * @param LoginFormAuthenticator $authenticator
  50.      * @param GuardAuthenticatorHandler $guardHandler
  51.      *
  52.      * @return array|\Symfony\Component\HttpFoundation\RedirectResponse
  53.      */
  54.     public function login(AuthenticationUtils $authenticationUtils)
  55.     {
  56.         $form $this->createForm(SecurityLogin::class, null, [
  57.             'action' => $this->generateUrl('login'),
  58.         ]);
  60.         $user $this->getUser();
  61.         if ($user instanceof ApiUser && $user->getApiToken()) {
  62.             return $this->redirectToRoute('app_home_index');
  63.         }
  65.         return [
  66.             'error' => $authenticationUtils->getLastAuthenticationError(),
  67.             'form' => $form->createView(),
  68.         ];
  69.     }
  71.     /**
  72.      * @Route("/account/registerembed", methods={"GET|POST"})
  73.      * @Template()
  74.      * @param WebmasterAdService $webmasterAdService
  75.      * @param AccountService $service
  76.      * @param Request $request
  77.      * @return array
  78.      * @throws \Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface
  79.      * @throws \Symfony\Contracts\HttpClient\Exception\RedirectionExceptionInterface
  80.      * @throws \Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface
  81.      * @throws \Symfony\Contracts\HttpClient\Exception\TransportExceptionInterface
  82.      */
  83.     public function registerembed(WebmasterAdService $webmasterAdServiceAccountService $serviceRequest $request): array
  84.     {
  85.         $success false;
  86.         $error false;
  88.         $form $this->createForm(RegistrationForm::class);
  89.         $form->handleRequest($request);
  91.         $session $request->getSession();
  92.         $wmRef $session->get(WebmasterReferenceRequestSubscriber::SESSION_KEY);
  94.         if ($request->isMethod('POST')) {
  95.             $data $form->getData();
  96.             try {
  97.                 $specs = [
  98.                     'email' => $data['email'] ?? ''
  99.                 ];
  100.                 if($session->has(WebmasterReferenceRequestSubscriber::SESSION_KEY)) {
  101.                     $specs['advertised_by_webmaster'] = $wmRef['webmaster_id'] ?? 0;
  102.                     $specs['advertised_by_tracking_id'] = $wmRef['tracking_id'] ?? '';
  103.                     $specs['advertised_by_campaign_id'] = $wmRef['campaign_id'] ?? 0;
  104.                 }
  106.                 if ($service->createRegistration($specs)) {
  107.                     $session->set('registrationEmail'$specs['email']);
  108.                     $session->save();
  109.                     $success true;
  110.                 } else {
  111.                     $error true;
  112.                     $success false;
  113.                 }
  114.             } catch (\DomainException $e) {
  115.                 $error true;
  116.                 $success false;
  117.             }
  118.         }
  121.         $ad $webmasterAdService->getPublicAdInfo($request->query->getInt('ad'));
  123.         return [
  124.             'form' => $form->createView(),
  125.             'wmRef' => $wmRef ?? ['webmaster_id' => $request->query->get('wmid')],
  126.             'error' => $error,
  127.             'success' => $success,
  128.             'ad' => $ad ?? ['theme' => 1]
  129.         ];
  130.     }
  132.     /**
  133.      * @Template()
  134.      * @return array
  135.      */
  136.     public function widget(): array
  137.     {
  138.         $form $this->createForm(SecurityLogin::class, null, [
  139.             'action' => $this->generateUrl('login'),
  140.             'attr' => [
  141.                 'class' => 'input-group'
  142.             ]
  143.         ]);
  144.         return [
  145.             'form' => $form->createView(),
  146.         ];
  147.     }
  149.     /**
  150.      * @Route("/security/passwort-vergessen", methods={"GET", "POST"})
  151.      * @Template
  152.      * @param Request $request
  153.      * @return array
  154.      */
  155.     public function forgotpassword(Request $request): array
  156.     {
  157.         $form $this->createForm(ForgotPassword::class, null, [
  158.             'attr' => [
  159.                 'class' => 'input-group'
  160.             ]
  161.         ]);
  163.         if ($request->isMethod('POST')) {
  164.             $form->handleRequest($request);
  165.             if ($form->isValid()) {
  166.                 if ($this->service->requestNewPassword($form->getData()['username'])) {
  167.                     $this->addFlash('success''Wir haben Dir eine E-Mail geschickt.');
  168.                 }
  169.             }
  170.         }
  172.         return [
  173.             'form' => $form->createView(),
  174.         ];
  175.     }
  177.     /**
  178.      * @Route("/security/passwort-vergessen/confirm/{confirmationToken}", methods={"GET"}, requirements={"confirmationToken": "[a-f0-9]{40}"})
  179.      * @Template
  180.      * @param Request $request
  181.      * @return array
  182.      */
  183.     public function forgotpasswordCofirm(string $confirmationToken): RedirectResponse
  184.     {
  185.         if ($this->service->confirmNewPasswordRequest($confirmationToken)) {
  186.             $this->addFlash('success''Du erhälst in Kürze eine weitere E-Mail mit Deinem neuen Passwort.');
  187.         } else {
  188.             $this->addFlash('error''Bitte versuche es erneut oder kontaktiere den Support.');
  189.         }
  190.         return $this->redirectToRoute('login');
  191.     }
  193.     /**
  194.      * @Route("/registration", methods={"GET|POST"})
  195.      * @Template()
  196.      * @return array|RedirectResponse
  197.      */
  198.     public function registration(AccountService $serviceRequest $requestReCaptchaService $recaptchaService)
  199.     {
  200.         if ($this->getUser() instanceof ApiUser) {
  201.             $this->addFlash('info''Bitte logge dich aus, bevor du eine Registrierung startest.');
  202.             return $this->redirect('/');
  203.         }
  204.         $form $this->createForm(RegistrationForm::class);
  205.         $form->handleRequest($request);
  206.         if ($form->isSubmitted() && $form->isValid()) {
  207.             if (!$recaptchaService->isValidSubmission($request)) {
  208.                 $this->addFlash('info''Bitte lösen Sie das reCaptcha.');
  209.                 return $this->redirectToRoute('app_security_registration');
  210.             }
  211.             $data $form->getData();
  212.             try {
  213.                 $specs = [
  214.                     'email' => $data['email'],
  215.                     "remote_ip" => $request->headers->get('X-Real-IP'$_SERVER["REMOTE_ADDR"]),
  216.                 ];
  217.                 $session $request->getSession();
  218.                 if($session->has(WebmasterReferenceRequestSubscriber::SESSION_KEY)) {
  219.                     $wmRef $session->get(WebmasterReferenceRequestSubscriber::SESSION_KEY);
  220.                     $specs['advertised_by_webmaster'] = $wmRef['webmaster_id'] ?? 0;
  221.                     $specs['advertised_by_tracking_id'] = $wmRef['tracking_id'] ?? '';
  222.                     $specs['advertised_by_campaign_id'] = $wmRef['campaign_id'] ?? 0;
  223.                 }
  225.                 if ($service->createRegistration($specs)) {
  226.                     $session->set('registrationEmail'$specs['email']);
  227.                     $session->save();
  228.                     $this->addFlash('success''Wir haben dir eine E-Mail geschickt.');
  229.                     return $this->redirectToRoute('app_security_registrationconfirm');
  230.                 }
  231.                 $this->addFlash('info''Bitte nochmal probieren oder Support kontaktieren.');
  232.             } catch (\DomainException $e) {
  233.                 $this->addFlash('error'$e->getMessage());
  234.             }
  235.             return $this->redirectToRoute('app_security_registration');
  236.         }
  237.         return [
  238.             'form' => $form->createView(),
  239.         ];
  240.     }
  242.     /**
  243.      * @Route("/registration/confirm/{confirmationToken}", methods={"GET"})
  244.      * @Template()
  245.      * @return array|RedirectResponse
  246.      */
  247.     public function registrationConfirm(Request $requeststring $confirmationToken '')
  248.     {
  249.         if ($this->getUser() instanceof ApiUser) {
  250.             $this->addFlash('info''Bitte logge dich aus, bevor du eine Registrierung bestätigst.');
  251.             return $this->redirect('/');
  252.         }
  253.         $email $request->getSession()->get('registrationEmail');
  254.         if (!$email) {
  255.             // restart registrationprocess
  256.             return $this->redirectToRoute('app_security_registration');
  257.         }
  258.         return [
  259.             'email' => $email,
  260.         ];
  261.     }
  263.     /**
  264.      * All calls to this method should be intercepted by PinConfirmAuthenticator
  265.      *
  266.      * @Route("/registration/confirm/pin", methods={"POST"})
  267.      * @return RedirectResponse
  268.      */
  269.     public function confirmPin(): RedirectResponse
  270.     {
  271.         if ($this->getUser() instanceof ApiUser) {
  272.             $this->addFlash('info''Bitte logge dich aus, bevor Du eine Registrierung bestätigst.');
  273.         }
  274.         return new RedirectResponse('/');
  275.     }
  276. }