<?php
namespace App\Controller;
use Doctrine\Persistence\ManagerRegistry;
use Symfony\Bridge\Twig\Mime\TemplatedEmail;
use Symfony\Component\Mailer\MailerInterface;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Form\FormError;
use Symfony\Component\Validator\Validator\ValidatorInterface;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
use App\Entity\Master\User;
use App\Form\PasswordCreationType;
use App\Form\PasswordRecoveryType;
use App\Form\Model\Contact;
use App\Form\ContactType;
use App\Service\ValidationService;
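class SecurityController extends AbstractController
{
    /**
     * Hours during which a one-time code issued by login() stays usable in
     * passwordCreation(). Must agree with the user-facing "3 ore" messages.
     */
    private const ONE_TIME_CODE_LIFETIME_HOURS = 3;

    /**
     * Minimum password length enforced by passwordCreation(). The character-
     * class rule on its own accepted three-character passwords such as "aB1".
     */
    private const MIN_PASSWORD_LENGTH = 8;

    /** @var ManagerRegistry */
    protected $mr;

    /** @var ParameterBagInterface */
    private $params;

    public function __construct(ManagerRegistry $managerRegistry, ParameterBagInterface $params)
    {
        $this->mr = $managerRegistry;
        $this->params = $params;
    }

    /**
     * Login page; it also hosts the password-recovery form.
     *
     * On a submitted recovery form the reCAPTCHA answer is verified server-side
     * first, then the e-mail is looked up in the "master" manager. When an
     * account matches, a fresh random one-time code is stored together with the
     * issue time and a recovery e-mail is sent. The success flash is identical
     * whether or not the address exists, so the form does not confirm which
     * addresses are registered (the e-mail round-trip is still observable as a
     * timing difference).
     *
     * @Route("/login", name="login")
     */
    public function login(Request $request, MailerInterface $mailer, AuthenticationUtils $authenticationUtils): Response
    {
        $emMaster = $this->mr->getManager('master');
        $error = $authenticationUtils->getLastAuthenticationError();
        $lastUsername = $authenticationUtils->getLastUsername();

        $pswUser = new User();
        $form = $this->createForm(PasswordRecoveryType::class, $pswUser);
        $form->handleRequest($request);

        if ($form->isSubmitted()) {
            $captchaOk = $this->verifyRecaptcha((string) $request->request->get('g-recaptcha-response', ''));
            if (!$captchaOk) {
                $form->get('recaptcha')->addError(new FormError("Convalidare prima di inviare la richiesta"));
                $this->addFlash('notice_warning', 'Prima di inviare la richiesta, provare di non essere un robot.');
            }

            if ($captchaOk && $form->isValid()) {
                $user = $emMaster->getRepository("App\Entity\Master\User")->findOneByEmail($pswUser->getEmail());
                if ($user) {
                    // 128 bits from the CSPRNG, hex-encoded: 32 chars, which is what
                    // the password_creation route requirement ([\w\d]{32}) expects.
                    // md5(uniqid()) was time-derived and therefore guessable.
                    $user->setOneTimeCode(bin2hex(random_bytes(16)));
                    // The stored value is the *issue* time; the lifetime is added
                    // when the code is checked in passwordCreation().
                    $user->setExpirationOneTimeCode(new \DateTime('now'));
                    $emMaster->flush();

                    $message = (new TemplatedEmail())
                        ->subject($this->params->get('subject_recover_password'))
                        ->from($this->params->get('sender_email'))
                        ->to($user->getEmail())
                        ->htmlTemplate('email/password_recovery.html.twig')
                        ->context(['user' => $user]);
                    $mailer->send($message);
                }

                $this->addFlash('notice_success', "La richiesta è stata ricevuta correttamente.<br>Se l'account esiste, verrà inviato un messaggio di posta elettronica all'indirizzo corrispondente.");
                return $this->redirectToRoute('login');
            }

            $this->addFlash('notice_warning', 'Controlla le informazioni inserite nel form di recupero password.');
        }

        return $this->render('default/login.html.twig', [
            'last_username' => $lastUsername,
            'error' => $error,
            'form' => $form->createView(),
        ]);
    }

    /**
     * Verifies a reCAPTCHA response token against Google's siteverify endpoint.
     *
     * Fails closed: an empty token, a transport error, a non-JSON body or a
     * missing/false "success" field all count as "not verified". TLS peer
     * verification is left at its default (on) — with it disabled, anyone on
     * the network path could forge a successful reply.
     *
     * The secret is read from the "recaptcha_secret" container parameter
     * (e.g. `recaptcha_secret: '%env(RECAPTCHA_SECRET)%'` in services.yaml).
     * The key that used to be hard-coded here has been committed to source
     * control and must be rotated in the reCAPTCHA admin console.
     *
     * @param string $response the "g-recaptcha-response" value posted by the browser
     */
    private function verifyRecaptcha(string $response): bool
    {
        if ($response === '') {
            return false;
        }

        $ch = curl_init('https://www.google.com/recaptcha/api/siteverify');
        curl_setopt_array($ch, [
            // siteverify is a POST API; form-encoding also keeps the user-supplied
            // token out of the URL (it was previously concatenated in unescaped).
            CURLOPT_POST => true,
            CURLOPT_POSTFIELDS => http_build_query([
                'secret' => (string) $this->params->get('recaptcha_secret'),
                'response' => $response,
            ]),
            CURLOPT_HTTPHEADER => ['Accept: application/json'],
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_CONNECTTIMEOUT => 5,
            CURLOPT_TIMEOUT => 10,
        ]);
        $body = curl_exec($ch);
        curl_close($ch);

        if (!is_string($body)) {
            return false;
        }
        $decoded = json_decode($body, true);

        return is_array($decoded) && ($decoded['success'] ?? false) === true;
    }

    /**
     * Target of the firewall's form-login check path. The body is intentionally
     * empty: the request is expected to be intercepted by the security layer
     * before this method runs.
     *
     * @Route("/login_check", name="login_check")
     */
    public function loginCheck() {}

    /**
     * Logout path. Intentionally empty for the same reason as loginCheck():
     * the firewall is expected to handle the request.
     *
     * @Route("/logout", name="logout")
     */
    public function logout() {}

    /**
     * Lets the holder of a valid one-time code set a new password.
     *
     * The code is the only credential, so the user is looked up by it. An
     * unknown code, a user with no issue time stored, or a code older than
     * ONE_TIME_CODE_LIFETIME_HOURS all redirect to the login page with a
     * warning. Once a password has been stored the issue time is cleared, so
     * the same link cannot be replayed to set the password again inside the
     * window.
     *
     * @param string $oneTimeCode 32-char code from the recovery e-mail (route requirement [\w\d]{32})
     *
     * @Route("/crea-password/{oneTimeCode}", name="password_creation", requirements={"oneTimeCode" = "[\w\d]{32}"})
     */
    public function passwordCreation(Request $request, $oneTimeCode, ValidatorInterface $validator, UserPasswordHasherInterface $passwordHasher)
    {
        // Drop any authenticated session: the reset must not run on behalf of a
        // logged-in user.
        $this->get('security.token_storage')->setToken(null);

        $emMaster = $this->mr->getManager('master');
        $user = $emMaster->getRepository('App\Entity\Master\User')->findOneByOneTimeCode($oneTimeCode);

        // An unknown code previously dereferenced null here (fatal error); treat
        // it like a code that was never issued.
        if ($user === null || $user->getExpirationOneTimeCode() === null) {
            $this->addFlash('notice_warning', "Per poter creare una nuova password è necessario prima richiedere l'attivazione dell'account.");
            return $this->redirectToRoute("login");
        }

        // Deadline = issue time + lifetime, computed on a copy so the entity's
        // stored value is not mutated (date_modify() on the getter result
        // changed the entity in place and relied on it being a mutable DateTime).
        $deadline = (clone $user->getExpirationOneTimeCode())
            ->modify('+' . self::ONE_TIME_CODE_LIFETIME_HOURS . ' hours');
        if (new \DateTime('now') >= $deadline) {
            $this->addFlash('notice_warning', "Il codice per la generazione della password è scaduto.<br>La password deve essere creata entro 3 ore dalla richiesta di attivazione.<br>Per poter proseguire è necessario richiedere un nuovo codice.");
            return $this->redirectToRoute("login");
        }

        $form = $this->createForm(PasswordCreationType::class, $user);
        $form->handleRequest($request);

        if ($form->isSubmitted()) {
            $valid = ValidationService::validateNotBlank($validator, $form->get('password'));
            if ($valid && !$this->isStrongPassword((string) $form->get('password')->getData())) {
                $this->addFlash('notice_warning', "La password inserita non è sufficientemente forte.");
                $valid = false;
            }

            if ($valid && $form->isValid()) {
                $user->setPassword($passwordHasher->hashPassword($user, $form->get("password")->getData()));
                // Single use: clearing the issue time makes the guard above reject
                // the code from now on. NOTE(review): assumes the setter accepts
                // null, as the getter evidently can return null — confirm.
                $user->setExpirationOneTimeCode(null);
                $emMaster->flush();

                $this->addFlash('notice_success', "La nuova password è stata creata correttamente; prima di poter accedere controllare se l'account è attivato.");
                return $this->redirectToRoute("login");
            }
        }

        return $this->render('default/create_password.html.twig', [
            'oneTimeCode' => $oneTimeCode,
            'form' => $form->createView(),
        ]);
    }

    /**
     * Password policy: at least MIN_PASSWORD_LENGTH characters and at least
     * three of the four classes digit / lowercase / uppercase / one of
     * !#$&().+-_ . The class rule is the original one; the length floor is
     * new. NOTE(review): PasswordCreationType may already carry a Length
     * constraint — confirm and keep the two in sync.
     */
    private function isStrongPassword(string $password): bool
    {
        if (mb_strlen($password) < self::MIN_PASSWORD_LENGTH) {
            return false;
        }

        $classes = ['/[0-9]/', '/[a-z]/', '/[A-Z]/', '/[\!\#\$\&\(\)\.\+\-_]/'];
        $matched = 0;
        foreach ($classes as $pattern) {
            if (preg_match($pattern, $password) === 1) {
                $matched++;
            }
        }

        return $matched >= 3;
    }
}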