src/Controller/SecurityController.php line 53

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Repository\UserPlatformRepository;
  6. use App\Service\MailService;
  7. use Doctrine\ORM\EntityManagerInterface;
  8. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\HttpFoundation\Response;
  11. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  12. use Symfony\Component\Routing\Annotation\Route;
  13. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  14. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  15. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  17. class SecurityController extends AbstractController
  18. {
  19.     /**
  20.      * @Route("/login/{type}", name="app_login")
  21.      */
  22.     public function login(AuthenticationUtils $authenticationUtilsstring $type null): Response
  23.     {
  24.         // if ($this->getUser()) {
  25.         //     return $this->redirectToRoute('target_path');
  26.         // }
  30.         // get the login error if there is one
  31.         $error $authenticationUtils->getLastAuthenticationError();
  32.         // last username entered by the user
  33.         $lastUsername $authenticationUtils->getLastUsername();
  37.         if ($type == "admin") {
  38.             return $this->render('backView/security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  39.         } else {
  40.             return $this->render('frontView/security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  41.         }
  42.     }
  44.     /**
  45.      * @Route("/logout", name="app_logout")
  46.      */
  47.     public function logout(): void
  48.     {
  49.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  50.     }
  52.     #[Route('/forgot-password'name'app_forgot_password')]
  53.     public function forgotPassword(Request $requestUserPlatformRepository $userRepositoryMailService $mailServiceEntityManagerInterface $emSessionInterface $session): Response
  54.     {
  55.         if ($request->isMethod('POST')) {
  56.             $email $request->request->get('email');
  57.             $user $userRepository->findOneBy(['email' => $email]);
  59.             if ($user) {
  60.                 // Génère un token unique pour la réinitialisation
  61.                 $resetToken bin2hex(random_bytes(32));
  62.                 $user->setResetToken($resetToken);
  63.                 $user->setTokenExpiration(new \DateTime('+1 hour')); // Le token expire dans 1 heure
  65.                 // Save the user with EntityManager
  66.                 $em->persist($user);
  67.                 $em->flush();
  69.                 // Envoie l'e-mail de réinitialisation
  70.                 $resetUrl $this->generateUrl('app_reset_password', ['token' => $resetToken], UrlGeneratorInterface::ABSOLUTE_URL);
  71.                 $mailService->sendEmail(
  72.                     ['to' => $email],
  73.                     'Réinitialisation de votre mot de passe',
  74.                     'frontView/security/emails_forgot_password.html.twig',
  75.                     ['resetUrl' => $resetUrl]
  76.                 );
  78.                 $this->addFlash('success''Un e-mail de réinitialisation a été envoyé à ' $email);
  79.             } else {
  80.                 $this->addFlash('error''Aucun utilisateur trouvé pour cet e-mail.');
  81.             }
  82.         }
  84.         return $this->render('frontView/security/forgotMdp.html.twig', []);
  85.     }
  87.     #[Route('/reset-password/{token}'name'app_reset_password')]
  88.     public function resetPassword(string $tokenRequest $requestUserPlatformRepository $userRepositoryUserPasswordEncoderInterface $passwordEncoder,  SessionInterface $sessionEntityManagerInterface $em): Response
  89.     {
  90.         $user $userRepository->findOneBy(['resetToken' => $token]);
  92.         if (!$user || $user->getTokenExpiration() < new \DateTime()) {
  93.             $this->addFlash('error''Le lien de réinitialisation est invalide ou expiré.');
  94.             return $this->redirectToRoute('app_forgot_password');
  95.         }
  97.         if ($request->isMethod('POST')) {
  98.             if ($request->request->get('confirm-password') == $request->request->get('password')) {
  99.                 $newPassword $request->request->get('password');
  100.                 $user->setPassword($passwordEncoder->encodePassword($user$newPassword));
  101.                 $user->setResetToken(null); // Supprime le token pour plus de sécurité
  102.                 $user->setTokenExpiration(null);
  103.                 $em->persist($user);
  104.                 $em->flush();
  106.                 $this->addFlash('success''Votre mot de passe a été réinitialisé avec succès.');
  107.                 return $this->redirectToRoute('app_login');
  108.             } else {
  109.                 $this->addFlash('error''Mot de passe different.');
  110.                 return $this->redirectToRoute('app_reset_password', ['token' => $token]);
  111.             }
  112.         }
  114.         return $this->render('frontView/security/resetMdp.html.twig', [
  115.             'token' => $token
  116.         ]);
  117.     }
  118. }