src/Controller/SecurityController.php line 107

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Event\User\UserLoginWithoutPasswordEvent;
  6. use App\Repository\UserRepository;
  7. use App\Service\NotificationService;
  8. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  9. use Symfony\Component\HttpFoundation\JsonResponse;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\HttpFoundation\Response;
  12. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  13. use Symfony\Component\Routing\Annotation\Route;
  14. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  15. use Doctrine\ORM\EntityManagerInterface;
  16. use App\Entity\Company;
  17. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  18. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  19. use Symfony\Component\Mime\Address;
  20. // use Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface;
  21. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  22. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  23. use Symfony\Contracts\HttpClient\HttpClientInterface;
  24. use Symfony\Component\Routing\Matcher\UrlMatcherInterface;
  26. class SecurityController extends AbstractController
  27. {
  28.     /**
  29.      * @Route("/login", name="app_login")
  30.      */
  31.     public function login(AuthenticationUtils $authenticationUtilsRequest $requestSessionInterface $session,EntityManagerInterface $entityManager,UrlMatcherInterface $urlMatcherInterface): Response
  32.     {
  33.         
  34.         $url $request->getUri();
  35.         $pattern "/^(https?:\/\/)?([a-zA-Z0-9.-]+)/";
  36.         preg_match($pattern$url$matches);
  37.         $sousDomaine $matches[2];
  38.         $company $entityManager->getRepository(Company::class)->findCompanyBySubDomain($sousDomaine);
  39.         if (null !== $request->query->get('redirect_to')) {
  40.             $session->set('redirect_to'$request->query->get('redirect_to'));
  42.             return $this->redirectToRoute('app_login');
  43.         }
  45.         if ($this->getUser()) {
  46.             if (null !== $redirect $session->get('redirect_to')) {
  47.                 $session->remove('redirect_to');
  48.             }
  49.             return $this->redirectToRoute('mission_index');
  50.         }
  52.         // get the login error if there is one
  53.         $error $authenticationUtils->getLastAuthenticationError();
  54.         // last username entered by the user
  55.         $lastUsername $authenticationUtils->getLastUsername();
  56.          if (isset($_COOKIE['PHPSESSID'])) {
  58.             setcookie('PHPSESSID'''time() - 14444444444444444'/''.my-flow.fr'truetrue);
  60.         }
  61.         return $this->render('security/login.html.twig', [
  62.             'last_username' => $lastUsername
  63.             'error' => $error,
  64.             'company' => $company
  65.         ]);
  66.     }
  68.      /**
  69.      * @Route("/login/request-login-without-password", name="request_login_without_password")
  70.      */
  71.     public function createAuthWithoutPassword(Request $request,EventDispatcherInterface $dispatcherEntityManagerInterface $entityManagerUserRepository $userRepository): Response JsonResponse
  72.     {
  73.       
  75.         if($request->isMethod('POST')){
  76.             $email $request->request->get('email');
  77.           
  78.             // if($email == null) {
  79.             //    return  $this->redirectToRoute('request_login_without_password',['message_login_without_password'=>'unknown-email']);
  80.             // }
  81.             
  82.             $users $userRepository->findAllUserByEmaiAndEmailParent($email);
  83.             $user null;
  84.             foreach ($users as $u) {
  85.                 if ($u->isEnabled() and !$u->isDeleted()) {
  86.                     $user $u;
  87.                     break;
  88.                 }
  89.             }
  90.             if($user == null ) {
  91.                return  $this->redirectToRoute('request_login_without_password',['message_login_without_password'=>'unknown-email']);
  92.             }
  94.             $token hash('sha256'uniqid(preg_replace('/\s/','-',$user->getFullName())));
  95.       
  96.             $user->setOneTimeLoginToken($token);
  97.             $entityManager->flush();
  99.             $event = new UserLoginWithoutPasswordEvent($user$token);
  100.             $dispatcher->dispatch($eventUserLoginWithoutPasswordEvent::NAME);
  102.             return  $this->redirectToRoute('app_login',['message_login_without_password'=>'send-success']);
  103.         }
  105.     
  106.        
  107.         return $this->render('security/login_without_password.html.twig', []);
  108.     }
  110.      /**
  111.      * @Route("/login/{token}", name="login-without-passWord")
  112.      */
  113.     public function loginWithoutPassWordHttpClientInterface $httpClientParameterBagInterface $parameterBag,  string $token,TokenStorageInterface $tokenStorage,  UserRepository $userRepository,EntityManagerInterface $entityManager,Request $request): Response
  114.     {
  115.         if ($request->query->get('role')) {
  116.             $request->getSession()->set('role_current_user'$request->query->get('role'));
  117.         }
  118.         $user $userRepository->findOneBy(['oneTimeLoginToken' => $token]);
  120.         if($user){
  121.            if($user->isDeleted() or !$user->isEnabled()){
  123.                 return $this->redirectToRoute('app_login',['message_login_without_password'=>'not-enabled']);
  125.            }
  126.             $authenticatedToken = new UsernamePasswordToken($usernull'main'$user->getRoles());
  127.             
  128.             $tokenStorage->setToken($authenticatedToken);
  129.             // $user->setOneTimeLoginToken(null);
  130.             // $entityManager->flush();
  132.             if (in_array("ROLE_ADMIN"$user->getRoles()) || in_array("ROLE_SUBCONTRACTOR",$user->getRoles())) {
  133.                 
  134.                 return $this->redirectToRoute('mission_index');
  136.             }
  138.            ///////////////
  139.            $redirectToWp in_array("ROLE_AUTHOR"$user->getRoles()) || in_array("ROLE_EDITOR"$user->getRoles()) ? true false;
  141.            // $response = $httpClient->request('GET', $parameterBag->get('front_website_url'), [
  142.            //      'query' => [
  143.            //          'tsso' => hash('sha256', $user->getEmail() . $user->getEmail()),
  144.            //          'discount'=> 0
  145.            //      ],
  146.            //      'max_redirects' => 0,
  147.            //  ]);
  148.     
  149.            //  $headers = $response->getHeaders(false);
  150.            //  foreach ($headers['set-cookie'] ?? [] as $cookie) {
  151.            //      $infos = explode(';', $cookie);
  152.            //      [$name, $value] = explode('=', $infos[0]);
  153.     
  154.            //      foreach ($infos as $info) {
  155.            //          if (preg_match('#path#', $info)) {
  156.            //              [$str, $path] = explode('=', $info);
  157.            //          }
  158.            //      }
  159.     
  160.            //      setrawcookie($name, $value, 0, $path ?? '', str_replace('https://', '', $parameterBag->get('front_website_url')));
  161.            //  }
  163.             ////////////
  164.             $ch curl_init();
  165.             
  166.             $url "{$parameterBag->get('front_website_url')}/?tsso=" hash('sha256'$user->getEmail() . $user->getEmail());
  167.             curl_setopt($chCURLOPT_URL$url);
  168.             curl_setopt($chCURLOPT_RETURNTRANSFERtrue);
  169.             $result curl_exec($ch);
  170.             curl_close($ch);
  171.             //set session if switch connection is active
  172.             if ($request->query->get('role')) {
  173.                 $request->getSession()->set('role_current_user'$request->query->get('role'));
  174.             }
  176.             //end set session
  177.             return $redirectToWp ?  $this->redirect("{$parameterBag->get('front_website_url')}/wp-admin") : $this->redirectToRoute('mission_index');
  178.         }
  179.         
  180.         return $this->redirectToRoute('app_login',['message_login_without_password'=>'unknown-token']);
  181.         
  182.     }
  184.     /**
  185.      * @Route("/logout", name="app_logout")
  186.      */
  187.     public function logout(): void
  188.     {
  189.         // This method intentionally left blank.
  190.     }
  191. }