src/Controller/SecurityController.php line 31

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Event\User\UserLoginWithoutPasswordEvent;
  6. use App\Repository\UserRepository;
  7. use App\Service\NotificationService;
  8. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  9. use Symfony\Component\HttpFoundation\JsonResponse;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\HttpFoundation\Response;
  12. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  13. use Symfony\Component\Routing\Annotation\Route;
  14. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  15. use Doctrine\ORM\EntityManagerInterface;
  16. use App\Entity\Company;
  17. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  18. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  19. use Symfony\Component\Mime\Address;
  20. // use Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface;
  21. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  22. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  23. use Symfony\Contracts\HttpClient\HttpClientInterface;
  24. use Symfony\Component\Routing\Matcher\UrlMatcherInterface;
  26. class SecurityController extends AbstractController
  27. {
  28.     /**
  29.      * @Route("/login", name="app_login")
  30.      */
  31.     public function login(AuthenticationUtils $authenticationUtilsRequest $requestSessionInterface $session,EntityManagerInterface $entityManager,UrlMatcherInterface $urlMatcherInterface): Response
  32.     {
  33.         
  34.         $url $request->getUri();
  35.         $pattern "/^(https?:\/\/)?([a-zA-Z0-9.-]+)/";
  36.         preg_match($pattern$url$matches);
  37.         $sousDomaine $matches[2];
  38.         $company $entityManager->getRepository(Company::class)->findCompanyBySubDomain($sousDomaine);
  39.         if (null !== $request->query->get('redirect_to')) {
  40.             $session->set('redirect_to'$request->query->get('redirect_to'));
  42.             return $this->redirectToRoute('app_login');
  43.         }
  45.         if ($this->getUser()) {
  46.             if (null !== $redirect $session->get('redirect_to')) {
  47.                 $session->remove('redirect_to');
  48.             }
  49.             return $this->redirectToRoute('mission_index');
  50.         }
  52.         // get the login error if there is one
  53.         $error $authenticationUtils->getLastAuthenticationError();
  54.         // last username entered by the user
  55.         $lastUsername $authenticationUtils->getLastUsername();
  56.          if (isset($_COOKIE['PHPSESSID'])) {
  58.             setcookie('PHPSESSID'''time() - 14444444444444444'/''.my-flow.fr'truetrue);
  60.         }
  61.         return $this->render('security/login.html.twig', [
  62.             'last_username' => $lastUsername
  63.             'error' => $error,
  64.             'company' => $company
  65.         ]);
  66.     }
  68.      /**
  69.      * @Route("/login/request-login-without-password", name="request_login_without_password")
  70.      */
  71.     public function createAuthWithoutPassword(Request $request,EventDispatcherInterface $dispatcherEntityManagerInterface $entityManagerUserRepository $userRepository): Response JsonResponse
  72.     {
  73.       
  75.         if($request->isMethod('POST')){
  76.             $email $request->request->get('email');
  77.           
  78.             if($email == null) {
  79.                return  $this->redirectToRoute('request_login_without_password',['message_login_without_password'=>'unknown-email']);
  80.             }
  81.             
  82.             $user $userRepository->findOneBy(['email'=>$email]);
  83.             if($user == null ) {
  84.                return  $this->redirectToRoute('request_login_without_password',['message_login_without_password'=>'unknown-email']);
  85.             }
  87.             $token hash('sha256'uniqid(preg_replace('/\s/','-',$user->getFullName())));
  88.       
  89.             $user->setOneTimeLoginToken($token);
  90.             $entityManager->flush();
  92.             $event = new UserLoginWithoutPasswordEvent($user$token);
  93.             $dispatcher->dispatch($eventUserLoginWithoutPasswordEvent::NAME);
  95.             return  $this->redirectToRoute('app_login',['message_login_without_password'=>'send-success']);
  96.         }
  98.     
  99.        
  100.         return $this->render('security/login_without_password.html.twig', []);
  101.     }
  103.      /**
  104.      * @Route("/login/{token}", name="login-without-passWord")
  105.      */
  106.     public function loginWithoutPassWordHttpClientInterface $httpClientParameterBagInterface $parameterBag,  string $token,TokenStorageInterface $tokenStorage,  UserRepository $userRepository,EntityManagerInterface $entityManager): Response
  107.     {
  108.        
  109.         $user $userRepository->findOneBy(['oneTimeLoginToken' => $token]);
  111.         if($user){
  112.            if($user->isDeleted() or !$user->isEnabled()){
  114.                 return $this->redirectToRoute('app_login',['message_login_without_password'=>'not-enabled']);
  116.            }
  117.             $authenticatedToken = new UsernamePasswordToken($usernull'main'$user->getRoles());
  118.             $tokenStorage->setToken($authenticatedToken);
  119.             // $user->setOneTimeLoginToken(null);
  120.             // $entityManager->flush();
  121.             if (in_array("ROLE_ADMIN"$user->getRoles()) || in_array("ROLE_SUBCONTRACTOR",$user->getRoles())) {
  122.              
  123.                 return $this->redirectToRoute('mission_index');
  125.             }
  127.            ///////////////
  128.            $redirectToWp in_array("ROLE_AUTHOR"$user->getRoles()) || in_array("ROLE_EDITOR"$user->getRoles()) ? true false;
  130.            // $response = $httpClient->request('GET', $parameterBag->get('front_website_url'), [
  131.            //      'query' => [
  132.            //          'tsso' => hash('sha256', $user->getEmail() . $user->getEmail()),
  133.            //          'discount'=> 0
  134.            //      ],
  135.            //      'max_redirects' => 0,
  136.            //  ]);
  137.     
  138.            //  $headers = $response->getHeaders(false);
  139.            //  foreach ($headers['set-cookie'] ?? [] as $cookie) {
  140.            //      $infos = explode(';', $cookie);
  141.            //      [$name, $value] = explode('=', $infos[0]);
  142.     
  143.            //      foreach ($infos as $info) {
  144.            //          if (preg_match('#path#', $info)) {
  145.            //              [$str, $path] = explode('=', $info);
  146.            //          }
  147.            //      }
  148.     
  149.            //      setrawcookie($name, $value, 0, $path ?? '', str_replace('https://', '', $parameterBag->get('front_website_url')));
  150.            //  }
  152.             ////////////
  153.             $ch curl_init();
  154.             
  155.             $url "{$parameterBag->get('front_website_url')}/?tsso=" hash('sha256'$user->getEmail() . $user->getEmail());
  156.             curl_setopt($chCURLOPT_URL$url);
  157.             curl_setopt($chCURLOPT_RETURNTRANSFERtrue);
  158.             $result curl_exec($ch);
  159.             curl_close($ch);
  161.             return $redirectToWp ?  $this->redirect("{$parameterBag->get('front_website_url')}/wp-admin") : $this->redirectToRoute('mission_index');
  162.         }
  163.         
  164.         return $this->redirectToRoute('app_login',['message_login_without_password'=>'unknown-token']);
  165.         
  166.     }
  168.     /**
  169.      * @Route("/logout", name="app_logout")
  170.      */
  171.     public function logout(): void
  172.     {
  173.         // This method intentionally left blank.
  174.     }
  175. }