AccountController.php

1. <?php
2.  
3. namespace AppBundle\Controller;
4.  
5. use AppBundle\Form\Model\ExpiredCredentialsModel;
6. use AppBundle\Form\Model\ExpiredCredentials;
7. use AppBundle\Form\Type\ExpiredCredentialsType;
8. use Symfony\Component\HttpFoundation\Request;
9. use Symfony\Bundle\FrameworkBundle\Controller\Controller;
10. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
11. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
12. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
13. use AppBundle\Form\AccountType;
14. use AppBundle\Entity\Identity;
15. use Symfony\Component\Security\Core\Exception\BadCredentialsException;
16. use Symfony\Component\Security\Core\Exception\CredentialsExpiredException;
17.  
18. /**
19.  * Identity controller.
20.  *
21.  * @Route("/account")
22.  */
23. class AccountController extends Controller
24. {
25.     /**
26.      * Displays own account page.
27.      *
28.      * @Route("/", name="account")
29.      * @Method("GET")
30.      * @Template()
31.      */
32.     public function indexAction()
33.     {
34.         $em = $this->getDoctrine()->getManager();
35.  
36.         $entities = $em->getRepository('AppBundle:Identity')->findAll();
37.  
38.         return array(
39.             'entities' => $entities,
40.         );
41.     }
42.  
43.     /**
44.      * Displays account login page.
45.      *
46.      * @Route("/login", name="account_login")
47.      */
48.     public function loginAction(Request $request)
49.     {
50.         $authenticationUtils = $this->get('security.authentication_utils');
51.  
52.         // last username entered by the user
53.         $lastUsername = $authenticationUtils->getLastUsername();
54.  
55.         // get the login error if there is one
56.         $error = $authenticationUtils->getLastAuthenticationError();
57.  
58.         // check if credentials have expired
59.         if ($error instanceof CredentialsExpiredException) {
60.             return $this->redirect($this->generateUrl('account_renew_expired_credentials'));
61.  
62.             $form = $this->createExpiredCredentialsForm(new ExpiredCredentials($lastUsername));
63.  
64.             return $this->render(
65.                 'AppBundle:Account:expiredPassword.html.twig',
66.                 array(
67.                     'form' => $form->createView(),
68.                     // last username entered by the user
69.                     'last_username' => $lastUsername,
70.                     'error' => $error,
71.                 )
72.             );
73.         } else {
74.             return $this->render(
75.                 'AppBundle:Account:login.html.twig',
76.                 array(
77.                     // last username entered by the user
78.                     'last_username' => $lastUsername,
79.                     'error' => $error,
80.                 )
81.             );
82.         }
83.     }
84.  
85.     /**
86.      * @Route("/authenticate", name="account_authenticate")
87.      */
88.     public function authenticateAction()
89.     {
90.         // this controller will not be executed,
91.         // as the route is handled by the Security system
92.     }
93.  
94.     /**
95.      * @Route("/logout", name="account_logout")
96.      */
97.     public function logoutAction()
98.     {
99.         // this controller will not be executed,
100.         // as the route is handled by the Security system
101.     }
102.  
103.     /**
104.      * Displays password recovery site.
105.      *
106.      * @Route("/lost-password", name="account_lost_password")
107.      * @Method("GET")
108.      */
109.     public function lostPasswordAction()
110.     {
111.         return $this->render(
112.             'AppBundle:Account:lostPassword.html.twig'
113.         );
114.     }
115.  
116.     /**
117.      * @Route("/renew-credentials", name="account_renew_expired_credentials")
118.      */
119.     public function renewExpiredCredentialsAction(Request $request)
120.     {
121.         $credentialsStorage = new ExpiredCredentialsModel();
122.         $form = $this->createExpiredCredentialsForm($credentialsStorage);
123.         $form->handleRequest($request);
124.  
125.         if ($form->isValid()) {
126.             try {
127.                 $this->get('projectname.expired_credentials_handler')->updatePassword($request, $credentialsStorage);
128.                 $this->addFlash('success', 'account.flash.credentialsUpdated');
129.  
130.                 return $this->redirect($this->generateUrl('homepage'));
131.             } catch (BadCredentialsException $e) {
132.                 $this->addFlash('notice', 'account.flash.invalidCredentials');
133.  
134.                 return $this->redirect($this->generateUrl('account_renew_expired_credentials'));
135.             }
136.         }
137.  
138.         return $this->render(
139.             'AppBundle:Account:expiredPassword.html.twig',
140.             array(
141.                 'form' => $form->createView(),
142.             )
143.         );
144.     }
145.  
146.     /**
147.      * Creates a form to create a Identity entity.
148.      *
149.      * @param ExpiredCredentialsModel $data
150.      * @return ExpiredCredentialsType The form
151.      */
152.     private function createExpiredCredentialsForm(ExpiredCredentialsModel $data = null)
153.     {
154.         $form = $this->createForm(new ExpiredCredentialsType(), $data, array(
155.             'action' => $this->generateUrl('account_renew_expired_credentials'),
156.             'method' => 'POST',
157.         ));
158.  
159.         $form->add('submit', 'submit', array(
160.             'label' => 'layout.button.renew',
161.             'attr' => array(
162.                 'class' => 'btn-warning',
163.             ),
164.         ));
165.  
166.         return $form;
167.     }
168.  
169.     /**
170.      * Creates a form to register an identity.
171.      *
172.      * @param Identity $entity The entity
173.      *
174.      * @return \Symfony\Component\Form\Form The form
175.      */
176.     private function createRegisterForm(Identity $entity)
177.     {
178.         $form = $this->createForm(
179.             new AccountType\IdentityType(),
180.             $entity,
181.             array(
182.                 'action' => $this->generateUrl('account_register_processing', array('id' => $entity->getId())),
183.                 'method' => 'POST',
184.                 'attr' => [
185.                     'class' => 'form-user-offline',
186.                 ],
187.             )
188.         );
189.  
190.         $form->add(
191.             'submit',
192.             'submit',
193.             [
194.                 'label' => 'form.btn.register',
195.  
196.             ]
197.         );
198.  
199.         return $form;
200.     }
201.  
202.     /**
203.      * Displays registration form.
204.      *
205.      * @Route("/register", name="account_register")
206.      * @Method("GET")
207.      */
208.     public function registerAction()
209.     {
210.         $identity = new Identity();
211.         $form = $this->createRegisterForm($identity);
212.  
213.         return $this->render(
214.             'AppBundle:Account:register.html.twig',
215.             [
216.                 'entity' => $identity,
217.                 'form' => $form->createView(),
218.             ]
219.         );
220.     }
221.  
222.     /**
223.      * Processes registration form.
224.      *
225.      * @Route("/register", name="account_register_processing")
226.      * @Method("POST")
227.      * @Param Request $request
228.      */
229.     public function registerProcessingAction(Request $request)
230.     {
231.         $identity = new Identity();
232.         $form = $this->createRegisterForm($identity);
233.         $form->handleRequest($request);
234.  
235.         if ($form->isValid()) {
236.  
237.             $em = $this->getDoctrine()->getManager();
238.  
239.             $identity->setRandomPassword();
240.             $identity->setHidePlainPassword(false);
241.  
242.             $em->persist($identity);
243.             $em->flush();
244.  
245.             $this->get('projectname.security.authentication_manager')->makeOnline($request, $identity, 'protected_area');
246.  
247.             /**
248.              * FIXME: Marking credentials expired
249.              *
250.              * I could not figure out how to mark credentials right away after making the user online
251.              * so instead I am marking them expired on the "thank you" page in case the user has been just created.
252.              *
253.              * My security system fails if for any reason the redirect fails.
254.              */
255.  
256.             return $this->redirect($this->generateUrl('account_register_thank_you'));
257.         }
258.  
259.         return $this->render(
260.             'AppBundle:Account:register.html.twig',
261.             [
262.                 'entity' => $identity,
263.                 'form' => $form->createView(),
264.             ]
265.         );
266.     }
267.  
268.     /**
269.      * @Route("/thank-you", name="account_register_thank_you")
270.      * @Method("GET")
271.      */
272.     public function thankYouAction()
273.     {
274.         //
275.         $currentUser = $this->getUser();
276.         if ($currentUser->isJustCreated()) {
277.             $currentUser->setCredentialsExpired(true);
278.             $em = $this->getDoctrine()->getManager();
279.             $em->persist($currentUser);
280.             $em->flush();
281.         }
282.  
283.         return $this->render(
284.             'AppBundle:Account:thankYou.html.twig'
285.         );
286.     }
287. }