src/Controller/SecurityController.php line 35

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\User;
  6. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\HttpFoundation\Response;
  9. use Symfony\Component\Routing\Annotation\Route;
  10. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  11. use Symfony\Component\Security\Core\User\UserInterface;
  12. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  13. use Symfony\Component\Mime\Email;
  14. use Symfony\Component\Mailer\MailerInterface;
  15. use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
  16. use Psr\Log\LoggerInterface;
  17. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  18. use Symfony\Component\Form\Extension\Core\Type\PasswordType;
  19. use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
  20. use Symfony\Component\Validator\Constraints\Length;
  21. use Symfony\Component\Validator\Constraints\NotBlank;
  23. class SecurityController extends AbstractController
  24. {
  25.     private $logger;
  27.     public function __construct(LoggerInterface $logger)
  28.     {
  29.         $this->logger $logger;
  30.     }
  32.     /**
  33.      * @Route("/login", name="app_login")
  34.      */
  35.     public function login(AuthenticationUtils $authenticationUtilsRequest $request): Response
  36.     {
  37.         $this->logger->info('Login attempt', ['method' => $request->getMethod()]);
  39.         if ($this->getUser()) {
  40.             $this->logger->info('User already logged in, redirecting to home');
  41.             return $this->redirectToRoute('app_home');
  42.         }
  44.         // get the login error if there is one
  45.         $error $authenticationUtils->getLastAuthenticationError();
  46.         // last username entered by the user
  47.         $lastUsername $authenticationUtils->getLastUsername();
  49.         if ($error) {
  50.             $this->logger->warning('Login error', ['error' => $error->getMessage()]);
  51.         }
  53.         return $this->render('security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  54.     }
  56.     /**
  57.      * @Route("/logout", name="app_logout")
  58.      */
  59.     public function logout(): void
  60.     {
  61.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  62.     }
  64.     /**
  65.      * @Route("/password-reset", name="app_password_reset")
  66.      */
  67.     public function resetPassword(Request $requestMailerInterface $mailer)
  68.     {
  69.         $email $request->query->get('email');
  70.         $user $this->getDoctrine()->getRepository(User::class)->findOneBy(['email' => $email]);
  71.         
  72.         if (!$user) {
  73.             $this->logger->info('Password reset attempt for unknown email', ['email' => $email]);
  74.             return $this->redirectToRoute('app_login', ['error' => 'Email inconnu']);
  75.         }
  77.         $token bin2hex(random_bytes(32));
  78.         $user->setResetToken($token);
  79.         $user->setResetTokenExpiresAt(new \DateTime('+1 hour'));
  81.         $entityManager $this->getDoctrine()->getManager();
  82.         $entityManager->persist($user);
  83.         $entityManager->flush();
  85.         $resetUrl $this->generateUrl('app_reset_password', ['token' => $token], UrlGeneratorInterface::ABSOLUTE_URL);
  87.         $mail = (new Email())
  88.             ->from('contact@flexenergie.fr')
  89.             ->to($email)
  90.             ->subject('Réinitialisation de mot de passe')
  91.             ->html($this->renderView(
  92.                 'email/reset_password.html.twig',
  93.                 ['resetUrl' => $resetUrl]
  94.             ));
  96.         try {
  97.             $mailer->send($mail);
  98.             $this->logger->info('Password reset email sent', ['email' => $email]);
  99.             $this->addFlash('success''Un e-mail de réinitialisation a été envoyé à votre adresse.');
  100.         } catch (TransportExceptionInterface $e) {
  101.             $this->logger->error('Failed to send password reset email', ['email' => $email'error' => $e->getMessage()]);
  102.             $this->addFlash('error''Une erreur est survenue lors de l\'envoi de l\'e-mail. Veuillez réessayer plus tard.');
  103.         }
  105.         return $this->redirectToRoute('app_login');
  106.     }
  108.     /**
  109.      * @Route("/reset-password/{token}", name="app_reset_password")
  110.      */
  111.     public function resetPasswordForm(Request $requeststring $tokenUserPasswordEncoderInterface $passwordEncoder)
  112.     {
  113.         $user $this->getDoctrine()->getRepository(User::class)->findOneBy(['resetToken' => $token]);
  115.         if (!$user || $user->getResetTokenExpiresAt() < new \DateTime()) {
  116.             $this->addFlash('reset_password_error''Le lien de réinitialisation est invalide ou a expiré.');
  117.             return $this->redirectToRoute('app_login');
  118.         }
  120.         $form $this->createFormBuilder()
  121.             ->add('plainPassword'RepeatedType::class, [
  122.                 'type' => PasswordType::class,
  123.                 'first_options' => [
  124.                     'constraints' => [
  125.                         new NotBlank([
  126.                             'message' => 'Veuillez entrer un mot de passe',
  127.                         ]),
  128.                         new Length([
  129.                             'min' => 6,
  130.                             'minMessage' => 'Votre mot de passe doit comporter au moins {{ limit }} caractères',
  131.                             'max' => 4096,
  132.                         ]),
  133.                     ],
  134.                     'label' => 'Nouveau mot de passe',
  135.                 ],
  136.                 'second_options' => [
  137.                     'label' => 'Répéter le mot de passe',
  138.                 ],
  139.                 'invalid_message' => 'Les champs du mot de passe doivent correspondre.',
  140.                 'mapped' => false,
  141.             ])
  142.             ->getForm();
  144.         $form->handleRequest($request);
  146.         if ($form->isSubmitted() && $form->isValid()) {
  147.             $newPassword $form->get('plainPassword')->getData();
  148.             $user->setPassword($passwordEncoder->encodePassword($user$newPassword));
  149.             $user->setResetToken(null);
  150.             $user->setResetTokenExpiresAt(null);
  152.             $entityManager $this->getDoctrine()->getManager();
  153.             $entityManager->persist($user);
  154.             $entityManager->flush();
  156.             $this->addFlash('success''Votre mot de passe a été mis à jour avec succès.');
  157.             return $this->redirectToRoute('app_login');
  158.         }
  160.         return $this->render('security/reset_password.html.twig', [
  161.             'resetForm' => $form->createView(),
  162.         ]);
  163.     }
  165.     /**
  166.      * @Route("/password-change", name="app_password_change")
  167.      */
  168.     public function changePassword()
  169.     {
  170.         return $this->render('security/change_password.html.twig');
  171.     }
  173.     /**
  174.      * @Route("/password-update", name="app_password_update")
  175.      */
  176.     public function updatePassword(Request $requestUserPasswordEncoderInterface $passwordEncoderUserInterface $user)
  177.     {
  178.         $new_password $request->request->get('new_password');
  179.         $user->setPassword($passwordEncoder->encodePassword($user$new_password));
  180.         $entityManager $this->getDoctrine()->getManager();
  181.         $entityManager->persist($user);
  182.         $entityManager->flush();
  183.         $this->addFlash('success''Mot de passe mis à jour avec succès.');
  184.         return $this->redirectToRoute('app_login');
  185.     }
  186. }