src/Controller/SecurityController.php line 235

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  6. use Symfony\Component\HttpFoundation\Response;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\Routing\Annotation\Route;
  9. use Symfony\Component\HttpFoundation\JsonResponse;
  10. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  11. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  12. use Symfony\Component\Security\Core\Security;
  13. use App\Form\SendLinkPasswordType;
  14. use App\Form\ResetPasswordType;
  15. use App\Form\ChangePasswordType;
  16. use App\Form\UserType;
  17. use App\Form\UserTypeFakRegister;
  18. Use App\Form\CheckFAKNumberType;
  19. use App\Form\CompanyType;
  20. use App\Entity\Participant;
  21. use Smt\CoreBundle\Service\SmtApi;
  22. use Symfony\Contracts\Translation\TranslatorInterface;
  23. use App\Service\MessageGenerator;
  24. use Symfony\Contracts\HttpClient\HttpClientInterface;
  26. class SecurityController extends AbstractController
  27. {
  28.   private $Lo_SmtApi;
  29.   private $Lo_Security;
  30.   private $Lo_MessageGenerator;
  31.   private $Lo_Participant;
  32.   private $o_Session;
  33.   private $client;
  35.   public function __construct(
  36.     SmtApi $Ao_SmtApi
  37.     Security $security,
  38.     MessageGenerator $messageGenerator,
  39.     Participant $participant,
  40.     SessionInterface $session,
  41.     HttpClientInterface $client
  42.   ){
  43.     $this->Lo_SmtApi $Ao_SmtApi;
  44.     $this->Lo_Security $security;
  45.     $this->Lo_MessageGenerator $messageGenerator;
  46.     $this->Lo_Participant $participant;
  47.     $this->o_Session $session;
  48.     $this->client $client;
  49.   }
  50.     /**
  51.     * @Route("/login")
  52.     */
  53.     public function indexNoLocale()
  54.     {
  55.         return $this->redirectToRoute('app_login', ['_locale' => 'de']);
  56.     }
  57.     /**
  58.      * @Route("/{_locale<%app.supported_locales%>}/login", name="app_login")
  59.      */
  60.     public function login(AuthenticationUtils $authenticationUtilsRequest $request): Response
  61.     {
  62.       $referer $request->headers->get('referer');
  63.       if(empty($referer)) {
  64.         $session $request->getSession();
  65.         $session->remove('initial_referer');
  66.       }
  67.       $pathQuery $request->query->get('path_query');
  68.       if ($this->getUser()) {
  69.         if ($referer != null && $pathQuery != null) {
  70.           $pathQuerySlash str_replace('-''/'$pathQuery);
  71.           $pathCatalog $referer $pathQuerySlash;
  72.           return $this->redirect($pathCatalog);
  73.         }
  74.         return $this->redirectToRoute('app_home');
  75.       }
  77.       // get the login error if there is one
  78.       $error $authenticationUtils->getLastAuthenticationError();
  79.       // last username entered by the user
  80.       $lastUsername $authenticationUtils->getLastUsername();
  81.       $Lb_HasLeadership = (stripos($referer'leadership') !== false) ||
  82.         (stripos($referer'slapro') !== false);
  83.       return $this->render('security/login.html.twig', [
  84.         'last_username' => $lastUsername
  85.         'error' => $error,
  86.         'company_register' => !$Lb_HasLeadership
  87.       ]);
  88.     }
  90.     /**
  91.    * @Route("/{_locale<%app.supported_locales%>}/register", name="app_register", options={"expose"=true})
  92.      */
  93.     public function register(
  94.       Request $request
  95.       TranslatorInterface $translator
  96.     ) {
  97.       $Ls_TargetPath $request->getSession()->get('_security.main.target_path'); 
  98.       if(strpos($Ls_TargetPath"/apps/book/"))
  99.         $this->o_Session->set('register/target/'$Ls_TargetPath);
  100.       $form $this->createForm(UserType::class);
  101.       $form->handleRequest($request);
  102.       $error 1;
  103.       $Ls_InitialReferer $request->getSession()->get('initial_referer');
  104.       if ($form->isSubmitted() && $form->isValid()) {
  105.         $La_FormData $form->getData();
  106.         $La_FormData['URL'] = $request->getScheme() . '://' $request->getHttpHost();
  107.         $La_FormData['Password'] = $form->get('Password')->getData();
  108.         $La_FormData['Language'] = $request->getLocale();
  109.         $La_FormData['i_UserType'] = 2// als Privatperson registrieren
  110.         $La_FormData['s_InitialReferer'] = $Ls_InitialReferer;
  111.         $Ls_Answer $this->Lo_Participant->register($La_FormData);
  112.         $Lo_Answer json_decode($Ls_Answer);
  113.         $error $Lo_Answer->Error;
  114.         if($Lo_Answer->Error == && $Lo_Answer->Result->RegisterState == 2)
  115.         {
  116.           $Ls_Message $translator->trans('you_will_shortly_receive_an_email_with_a_link_to_confirm_the_email_address');
  117.           $this->addFlash('success'$Ls_Message); 
  118.         } // if
  119.         else{
  120.           $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage($Lo_Answer->Error)) . '!';
  121.           $this->addFlash('error'$Ls_Message);
  122.         } // else
  123.       }
  124.       return $this->render('security/register.html.twig', ['form' => $form->createView(), 'error' => $error'RegisterState' => 0]);
  125.     }
  127.     /**
  128.    * @Route("/{_locale<%app.supported_locales%>}/register_company", name="app_register_company", options={"expose"=true})
  129.      */
  130.     public function registerCompany(
  131.       Request $request
  132.       TranslatorInterface $translator
  133.     ) {
  134.       $Ls_TargetPath $request->getSession()->get('_security.main.target_path');
  135.       if(strpos($Ls_TargetPath"/apps/book/"))
  136.         $this->o_Session->set('register/target/'$Ls_TargetPath);
  137.       $form $this->createForm(CompanyType::class);
  138.       $form->handleRequest($request);
  139.       $error 1;
  140.       if ($form->isSubmitted() && $form->isValid()) {
  141.         $La_FormData $form->getData();
  142.         $La_FormData['URL'] = $request->getScheme() . '://' $request->getHttpHost();
  143.         $La_FormData['Password'] = $form->get('Password')->getData();
  144.         $La_FormData['Language'] = $request->getLocale();
  145.         $La_FormData['i_UserType'] = 1// als Firma registrieren
  146.         $Ls_Answer $this->Lo_Participant->registerCompany($La_FormData);
  147.         $Lo_Answer json_decode($Ls_Answer);
  148.         $error $Lo_Answer->Error;
  149.         if($Lo_Answer->Error == && $Lo_Answer->Result->RegisterState == 2)
  150.         {
  151.           $Ls_Message $translator->trans('you_will_shortly_receive_an_email_with_a_link_to_confirm_the_email_address');
  152.           $this->addFlash('success'$Ls_Message); 
  153.         } // if
  154.         else {
  155.           $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage($Lo_Answer->Error)) . '!';
  156.           $this->addFlash('error'$Ls_Message);
  157.         } // else
  158.       }
  159.       return $this->render('security/register_company.html.twig', ['form' => $form->createView(), 'error' => $error'RegisterState' => 0]);
  160.     }
  162.     /**
  163.    * @Route("/ValidateRegistration", name="app_validateregistration", options={"expose"=true})
  164.      */
  165.     public function validateRegistration(
  166.       Request $request
  167.       TranslatorInterface $translator
  168.     ) {
  169.       $Ls_RegisterState 0;
  170.       $Ls_ValidationCode $request->query->get('Token');
  171.       $Ls_Sid $request->query->get('sid');
  172.       $La_ValidationData = [
  173.         's_ValidationCode' => $Ls_ValidationCode,
  174.         's_Sid' => $Ls_Sid,
  175.         's_URL' => $request->getScheme() . '://' $request->getHttpHost()
  176.       ];
  177.       $Ls_Answer $this->Lo_Participant->validateRegistration($La_ValidationData);
  178.       $Lo_Answer json_decode($Ls_Answer);
  179.       $error $Lo_Answer->Error;
  180.       if(isset($Lo_Answer->Result->RegisterState)) $Ls_RegisterState $Lo_Answer->Result->RegisterState;      
  181.       if($Lo_Answer->Error == && $Ls_RegisterState == 1)
  182.       {
  183.         $Ls_Message $translator->trans('registration_complete');
  184.         $this->addFlash('success',  $Ls_Message);    
  185.         $this->Lo_Participant->addComment(30'Ausstehender Arbeitgeber'$Lo_Answer->Result->i_PersonID);  
  186.         if ($Lo_Answer->Result->s_Target == 'app_login')
  187.           return $this->redirectToRoute('app_login');  
  188.         else return $this->redirect($Lo_Answer->Result->s_Target);           
  189.       } // if
  190.       else
  191.       {
  192.         $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage($Lo_Answer->Error)) . '!';   
  193.         $this->addFlash('error'$Ls_Message);
  194.         return $this->redirectToRoute('app_register'); 
  195.       } // else
  196.     }
  198.     /**
  199.      * @Route("/{_locale<%app.supported_locales%>}/sendlinkpass", name="app_sendlinkpass")
  200.      */
  201.     public function sendLinkPassword(
  202.       Request $request
  203.       TranslatorInterface $translator
  204.     ): Response
  205.     {
  206.       $form $this->createForm(SendLinkPasswordType::class);
  207.       $form->handleRequest($request);
  208.       if ($form->isSubmitted() && $form->isValid()) {
  209.         $Ls_ApiUrl 'Authorization/ResetPassword';
  210.         $La_Data $form->getData();
  211.         $Ao_ResultHeaders = array();
  212.         $La_Data['Username'] = $La_Data['Email'];
  213.         $La_Data['SendEmail'] = true;
  214.         $La_Data['URL'] = $request->getScheme() . '://' $request->getHttpHost() . "/de/resetpass"//// Achtung
  215.         $La_Data['s_InitialReferer'] = $request->getSession()->get('initial_referer');
  216.         $Ls_Data json_encode($La_Data);
  217.         $Lo_Header '';
  218.         $Ls_Answer $this->Lo_SmtApi->callApi('POST'$Ls_ApiUrl$Ls_Datatrue ,$Lo_Header$Ao_ResultHeaders);
  219.         $Lo_Answer json_decode($Ls_Answer);
  220.         $this->o_Session->set('core/a_Person/LoginHeaders/Set-Cookie'$Ao_ResultHeaders['Set-Cookie']);
  221.         if($Lo_Answer->Error == 0)
  222.         {
  223.           $Ls_Message $translator->trans('password_sent') . '!';
  224.           $this->addFlash('success'$Ls_Message);
  225.           return $this->render('apps/message.html.twig');
  226.         } // if
  227.         else {
  228.           $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage($Lo_Answer->Error)) . '!'
  229.           $this->addFlash('error'$Ls_Message);
  230.           return $this->render('security/sendlinkpassword.html.twig', [
  231.             'form' => $form->createView(),
  232.           ]);
  233.         } // else
  234.       }
  235.       return $this->render('security/sendlinkpassword.html.twig', ['form' => $form->createView(),]);
  236.     }
  238.     /**
  239.    * @Route("/{_locale<%app.supported_locales%>}/resetpass/ChangePassword", name="app_resetpass")
  240.      */
  241.     public function resetPassword(
  242.       Request $request
  243.       TranslatorInterface $translator
  244.     ): Response
  245.     {
  246.         $form $this->createForm(ResetPasswordType::class);
  247.         $Ls_Token $request->query->get('ResetToken');
  248.         $form->handleRequest($request);
  249.         if ($form->isSubmitted() && $form->isValid()) {
  250.           $Ls_ApiUrl 'Authorization/ChangePassword';
  251.           $La_Data $form->getData();
  252.           $Ao_ResultHeaders = array();
  253.           $La_Data['Username'] = $La_Data['Email'];
  254.           $La_Data['SendEmail'] = true;
  255.           $La_Data['ResetCode'] = $Ls_Token;
  256.           $La_Data['s_InitialReferer'] = $request->getSession()->get('initial_referer');
  257.           $Ls_Data json_encode($La_Data);
  258.           $Lo_Header 'Cookie: ' $this->o_Session->get('core/a_Person/LoginHeaders/Set-Cookie');
  259.           $Ls_Answer $this->Lo_SmtApi->callApi('POST'$Ls_ApiUrl$Ls_Datatrue$Lo_Header$Ao_ResultHeaders);
  260.           $Lo_Answer json_decode($Ls_Answer);
  261.           if($Lo_Answer->Error == 0)
  262.           {
  263.             $Ls_Message $translator->trans('password_changed') . '!';
  264.             $this->addFlash('success'$Ls_Message);
  265.           } // if
  266.           else{
  267.             $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage($Lo_Answer->Error)) . '!';
  268.             $this->addFlash('error'$Ls_Message);
  269.           } // else
  270.         }
  271.         return $this->render('security/resetpassword.html.twig', ['form' => $form->createView(), 'token' => $Ls_Token]);
  272.     }
  274.     /**
  275.    * @Route("/{_locale<%app.supported_locales%>}/changepass", name="app_changepass")
  276.      */
  277.     public function changePassword(
  278.       Request $request
  279.       TranslatorInterface $translator
  280.     ): Response
  281.     {
  282.         $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
  283.         $form $this->createForm(ChangePasswordType::class);
  284.         $form->handleRequest($request);
  285.         if ($form->isSubmitted() && $form->isValid()) {
  286.           $Ls_ApiUrl 'Authorization/ResetPassword';
  287.           $user $this->getUser();
  288.           $La_Data $form->getData();
  289.           $Ao_ResultHeaders = array();
  290.           $La_Data['Email'] = $user->getEmail();
  291.           $La_Data['Username'] = $La_Data['Email'];
  292.           $La_Data['SendEmail'] = false;
  293.           $La_Data['URL'] = $_SERVER['HTTP_HOST'] . $request->getBasePath() . "/resetpass"//// Achtung
  294.           $Ls_Data json_encode($La_Data);
  295.           $Lo_Header 'Cookie: ' $this->o_Session->get('core/a_Person/LoginHeaders/Set-Cookie');
  296.           $Ls_Answer $this->Lo_SmtApi->callApi('POST'$Ls_ApiUrl$Ls_Datatrue$Lo_Header$Ao_ResultHeaders);
  297.           $Lo_Answer json_decode($Ls_Answer);
  298.           $this->o_Session->set('core/a_Person/LoginHeaders/Set-Cookie'$Ao_ResultHeaders['Set-Cookie']);
  299.           if($Lo_Answer->Error == 0)
  300.           {
  301.             $La_Data['ResetCode'] = $Lo_Answer->Result->ResetCode;
  302.             $Ls_ApiUrl 'Authorization/ChangePassword';
  303.             $Lo_Header 'Cookie: ' $this->o_Session->get('core/a_Person/LoginHeaders/Set-Cookie');
  304.             $Ls_Data json_encode($La_Data);
  305.             $Ls_Answer $this->Lo_SmtApi->callApi('POST'$Ls_ApiUrl$Ls_Datatrue$Lo_Header$Ao_ResultHeaders);
  306.             $Lo_Answer json_decode($Ls_Answer);
  307.             if($Lo_Answer->Error == 0)
  308.             {
  309.               $Ls_Message $translator->trans('password_changed') . '!';
  310.               $this->addFlash('success'$Ls_Message);
  311.             } // if
  312.             else{
  313.               $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage($Lo_Answer->Error)) . '!';
  314.               $this->addFlash('error'$Ls_Message);
  315.             } // else
  316.           // if
  317.           else{
  318.             $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage($Lo_Answer->Error)) . '!';
  319.             $this->addFlash('error'$Ls_Message);
  320.           } // else
  321.         }
  322.         return $this->render('security/changepassword.html.twig', ['form' => $form->createView()]);
  323.     }
  325.     /**
  326.      * @Route("/logout", name="app_logout")
  327.      */
  328.     public function logout()
  329.     {
  330.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  331.     }
  336.   /**
  337.   * @Route("/api/user/profile", name="app_getuserprofile", methods={"GET"})
  338.   */
  339.   public function getUserProfile(Request $request) {
  340.     $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
  341.     $Ls_EndPoint 'Authorization/getprofile';
  342.     $Lo_User $this->Lo_Security->getUser();
  343.     $Li_PersonID $Lo_User->getPersonID();
  344.     $La_Data = [
  345.       "Li_PersonID" => $Li_PersonID
  346.     ];
  347.     $Lo_Header 'Cookie: ' $this->o_Session->get('core/a_Person/LoginHeaders/Set-Cookie');
  348.     $Ls_Answer $this->Lo_SmtApi->callApi('GET'$Ls_EndPoint$La_Datatrue$Lo_Header);
  349.     $Lo_Answer json_decode($Ls_Answer);
  350.     $La_Response json_encode($Lo_Answer->Result);
  351.     $response JsonResponse::fromJsonString($La_Response);
  352.     return $response;
  353.   }
  355.   /**
  356.    * @Route("/api/user/profile", name="app_setuserprofile", methods={"POST"})
  357.    */
  358.   public function setUserProfile(Request $request) {
  359.     $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
  360.     $Ls_EndPoint 'Authorization/saveprofile';
  361.     $La_Data $request->getContent();
  362.     $Lo_Header 'Cookie: ' $this->o_Session->get('core/a_Person/LoginHeaders/Set-Cookie');
  363.     $Ls_Answer =  $this->Lo_SmtApi->callApi('POST'$Ls_EndPoint$La_Datatrue$Lo_Header);
  364.     $Lo_Answer json_decode($Ls_Answer);
  365.     $La_Response json_encode($Lo_Answer->Result);
  366.     $response JsonResponse::fromJsonString($La_Response);
  367.     return $response;
  368.   }
  370.   /**
  371.   * @Route("/api/user", name="app_getuser", methods={"GET"})
  372.   */
  373.   public function getUserFromSession(Request $request) {
  374.     $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
  375.     $Lo_User $this->Lo_Security->getUser();
  376.     $La_Data = [
  377.       "i_PersonID" => $Lo_User->getPersonID(),
  378.       "s_FAKNumber" => $Lo_User->getFAKNumber(),
  379.       "s_Birthdate" => $Lo_User->getBirthdate(),
  380.       "a_AddressRole" => $Lo_User->getAddressRole()
  381.     ];
  382.     $La_Response json_encode($La_Data);
  383.     $response JsonResponse::fromJsonString($La_Response);
  384.     return $response;
  385.   }
  387.   /**
  388.    * @Route("/{_locale<%app.supported_locales%>}/check_faknumber", name="app_check_faknumber_form")
  389.   */
  390.   public function checkFakNumber(Request $requestTranslatorInterface $translator):Response{
  391.     $fknForm $this->createForm(CheckFAKNumberType::class);
  392.     $error 1;
  393.     $registerForm$this->createForm(UserTypeFakRegister::class);
  394.     $fknForm->handleRequest($request);
  395.     $registerForm->handleRequest($request);
  396.     $La_FknFormData $fknForm->getData();
  397.     if ($fknForm->isSubmitted() && $fknForm->isValid()) {
  398.       $response $this->client->request(
  399.           'GET',
  400.           $request->getScheme() . '://' $request->getHttpHost() .'/api/participant/check-faknumber',[
  401.             // these values are automatically encoded before including them in the URL
  402.             'query' => [
  403.                 's_FAKNumber' => $La_FknFormData['FakNumber'],
  404.                 's_Birthdate' => $La_FknFormData['Birthdate'],
  405.             ],
  406.         ]);
  407.       $content $response->getContent();
  408.       $Lo_content json_decode($content);
  409.       $Lo_UserData $Lo_content->UserData;
  410.       $Lb_Status $Lo_content->ResultOK;
  411.       if($Lb_Status){
  412.         return $this->render('security/Check-faknumber.html.twig',
  413.         ['form' => $registerForm->createView(),'error' => $error'RegisterState' => 0'FAKcheckState'=> 0'response'=> $Lo_UserData]);
  414.       }
  415.       else{
  416.         $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage('oooooooo')) . '!';
  417.         $this->addFlash('error'$Ls_Message);
  418.       }
  419.       
  420.     }
  421.     if ($registerForm->isSubmitted() && $registerForm->isValid()) {
  422.       $La_FormData $registerForm->getData();
  423.       $La_FormData['URL'] = $request->getScheme() . '://' $request->getHttpHost();
  424.       $La_FormData['Password'] = $registerForm->get('Password')->getData();
  425.       $La_FormData['Language'] = $request->getLocale();
  426.       $La_FormData['i_UserType'] = 2// als Privatperson registrieren
  427.       $Ls_Answer $this->Lo_Participant->register($La_FormData);
  428.       $Lo_Answer json_decode($Ls_Answer);
  429.       $error $Lo_Answer->Error;
  430.       if($Lo_Answer->Error == && $Lo_Answer->Result->RegisterState == 2)
  431.       {
  432.         $Ls_Message $translator->trans('you_will_shortly_receive_an_email_with_a_link_to_confirm_the_email_address');
  433.         $this->addFlash('success'$Ls_Message);
  434.       } // if
  435.       else{
  436.         $Ls_Message $translator->trans($this->Lo_MessageGenerator->getErrorMessage($Lo_Answer->Error)) . '!';
  437.         $this->addFlash('error'$Ls_Message);
  438.       } // else
  439.     }
  440.     return $this->render('security/Check-faknumber.html.twig', ['form' => $fknForm->createView(),'error' => $error,'RegisterState' => 0'FAKcheckState'=> 1]);
  441.   }
  443. }