src/Controller/SecurityController.php line 123

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace App\Controller;
  7. use App\Entity\Account;
  8. use App\Entity\AccountOrganization;
  9. use App\Entity\AccountPro;
  10. use App\Entity\UserInterface;
  11. use App\Form\AccountOrganizationRegistrationProfilType;
  12. use App\Form\AccountProRegistrationProfilType;
  13. use App\Form\AccountProRegistrationType;
  14. use App\Form\AccountRegistrationProfilType;
  15. use App\Form\AccountRegistrationType;
  16. use App\Form\ResetPasswordRequestFormType;
  17. use App\Kernel;
  18. use App\Repository\AccountOrganizationRepository;
  19. use App\Repository\AccountProRepository;
  20. use App\Repository\AccountRepository;
  21. use App\Repository\OrganizationRepository;
  22. use App\Repository\PermissionRepository;
  23. use App\Repository\PraticienRepository;
  24. use App\Service\AccountOrganizationService;
  25. use App\Service\AccountProService;
  26. use App\Service\AccountService;
  27. use App\Service\AclService;
  28. use App\Service\Mail\AccountOrganizationPasswordMailer;
  29. use App\Service\Mail\AccountPasswordMailer;
  30. use App\Service\Mail\AccountProPasswordMailer;
  31. use App\Service\Mail\AccountProRegistrationMailer;
  32. use App\Service\Mail\AccountRegistrationMailer;
  33. use App\Service\Security;
  34. use App\Service\TelNumberService;
  35. use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
  36. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  37. use Symfony\Component\Form\FormError;
  38. use Symfony\Component\HttpFoundation\RedirectResponse;
  39. use Symfony\Component\HttpFoundation\Request;
  40. use Symfony\Component\HttpFoundation\Response;
  41. use Symfony\Component\Routing\Annotation\Route;
  43. class SecurityController extends AbstractController
  44. {
  45.     #[Route('/deconnexion'name'account_logout')]
  46.     public function accountLogout(Security $security): RedirectResponse
  47.     {
  48.         $security->logout();
  50.         return $this->redirectToRoute('home');
  51.     }
  53.     #[Route('/app/connexion'name'account_login')]
  54.     public function accountLogin(Security $securityRequest $requestAccountService $accountService): Response
  55.     {
  56.         return $this->redirectToRoute("home");
  57.     }
  59.     #[Route('/pro/connexion'name'accountpro_login')]
  60.     public function accountProLogin(Security $securityRequest $requestAccountProService $accountProService): Response
  61.     {
  62.         // Redirige l'utilisateur déjà connecté
  63.         if ($security->getUser() instanceof AccountPro) {
  64.             return $this->redirectToRoute('pro_home');
  65.         }
  67.         // Traite le formulaire de connexion
  68.         if ($request->isMethod('POST') && $this->isCsrfTokenValid('authenticate'$request->request->get('csrf'))) {
  69.             // On récupère le compte qui s'authentifie
  70.             $account $accountProService->getByLogin(
  71.                 $request->request->get('email'),
  72.                 $request->request->get('password'),
  73.             );
  75.             // Si un compte est valide et non supprimé, on le monte en session
  76.             if ($account instanceof AccountPro && !$account->isDeleted()) {
  77.                 $security->login($account,$request);
  78.                 return $this->redirectToRoute('pro_home');
  79.             }
  81.             // Gestion d'un message d'erreur
  82.             $this->addFlash('warning''Ces identifiants ne permettent pas de retrouver votre compte');
  83.         }
  85.         // Affiche le formulaire de connexion
  86.         return $this->render('security/accountpro_login.html.twig');
  87.     }
  89.     #[Route('/gestion/connexion'name 'manager_login')]
  90.     public function managerLogin(
  91.         Security $security,
  92.         Request $request,
  93.         AccountOrganizationService $accountOrganizationService
  94.     ):Response {
  95.         // Redirige l'utilisateur déjà connecté
  96.         if ($security->getUser() instanceof AccountOrganization) {
  97.             return $this->redirectToRoute('manager_home');
  98.         }
  100.         // Traite le formulaire de connexion
  101.         if ($request->isMethod('POST') && $this->isCsrfTokenValid('authenticate'$request->request->get('csrf'))) {
  102.             // On récupère le compte qui s'authentifie
  103.             $account $accountOrganizationService->getByLogin(
  104.                 $request->request->get('email'),
  105.                 $request->request->get('password'),
  106.             );
  108.             // Si un compte est valide et non supprimé, on le monte en session
  109.             if ($account instanceof AccountOrganization) {
  110.                 $security->login($account$request);
  111.                 return $this->redirectToRoute('manager_home');
  112.             }
  114.             // Gestion d'un message d'erreur
  115.             $this->addFlash('warning''Ces identifiants ne permettent pas de retrouver votre compte');
  116.         }
  118.         // Affiche le formulaire de connexion
  119.         return $this->render('security/manager_login.html.twig');
  120.     }
  122.     #[Route('/pro/inscription'name 'accountpro_registration')]
  123.     public function index(
  124.         Request $request,
  125.         AccountProService $accountProService,
  126.         AccountProRegistrationMailer $accountProRegistrationMailer,
  127.         PraticienRepository $praticienRepository,
  128.         Security $security
  129.     ):Response {
  131.         if ($security->getUser()) {
  132.             return $this->redirectToRoute('pro_home');
  133.         }
  135.         // Créé et peuple le formulaire
  136.         $form $this
  137.             ->createForm(AccountProRegistrationType::class)
  138.             ->handleRequest($request);
  140.         // Traite le formulaire
  141.         if ($form->isSubmitted() && $form->isValid()) {
  142.             $data $form->getData();
  144.             $praticien $praticienRepository->findOneBy([
  145.                 'idPP'      => $data['rpps'],
  146.                 'isDeleted' => 0,
  147.             ]);
  149.             if ($praticien) {
  150.                 $accountPro = new AccountPro();
  151.                 $accountPro
  152.                     ->setFirstname($data['firstname'])
  153.                     ->setLastname($data['lastname'])
  154.                     ->setEmail($data['email'])
  155.                     ->setProfession($data['profession'])
  156.                     ->setMobile($data['mobile'])
  157.                     ->setRpps($data['rpps'])
  158.                     ->setIsDeleted(false);
  160.                 // Enregistre le compte en base de données
  161.                 try {
  162.                     $accountProService->register($accountPro);
  164.                     // Envoie du mail de confirmation d'inscription
  165.                     $accountProRegistrationMailer->send($accountPro);
  167.                     return $this->render('registration/accountpro/index_confirmation.html.twig', [
  168.                         'account' => $accountPro,
  169.                     ]);
  170.                 } catch (UniqueConstraintViolationException $e) {
  171.                     // Todo : Gérer avec @UniqueEntity plutôt qu'avec l'exception
  172.                     $form->get('email')->addError(new FormError('Ce compte existe déjà'));
  173.                 }
  174.             } else {
  175.                 $form->get('rpps')->addError(new FormError('Ce numéro n\'est pas autorisé, vérifiez votre carte ou contactez-nous.'));
  176.             }
  177.         }
  179.         return $this->render('registration/accountpro/index.html.twig', [
  180.             'form' => $form->createView(),
  181.         ]);
  182.     }
  184.     #[Route('/pro/activation/{token}'name'accountpro_registration_profil')]
  185.     public function proProfil(
  186.         $token,
  187.         Request $request,
  188.         AccountProService $accountProService,
  189.         Security $security
  190.     ): Response {
  192.         if ($security->getUser()) {
  193.             return $this->redirectToRoute('pro_home');
  194.         }
  196.         $accountPro $accountProService->getByActivationToken($token);
  198.         if (!$accountPro instanceof AccountPro) {
  199.             $this->addFlash('error', [
  200.                 "Le lien d'activation n'est plus valide.",
  201.                 "Indiquez votre adresse email pour récupérer un nouveau lien."
  202.             ]);
  203.             return $this->redirectToRoute('pro_forgot_password_request');
  204.         }
  206.         $form $this
  207.             ->createForm(AccountProRegistrationProfilType::class, $accountPro)
  208.             ->handleRequest($request);
  210.         if ($form->isSubmitted() && $form->isValid()) {
  211.             $accountProService->activate($accountPro);
  212.             $security->login($accountPro$request);
  214.             return $this->redirectToRoute('pro_home');
  215.         }
  217.         return $this->render('registration/accountpro/profil.html.twig', [
  218.             'form'    => $form->createView(),
  219.             'account' => $accountPro,
  220.         ]);
  221.     }
  223.     #[Route('/app/inscription/{urlCode}'name 'account_registration')]
  224.     public function appInscription(
  225.         Request $request,
  226.         AccountService $accountService,
  227.         AccountRegistrationMailer $accountRegistrationMailer,
  228.         Security $security,
  229.         OrganizationRepository $organizationRepository,
  230.         Kernel $kernel,
  231.         ?string $urlCode null,
  232.         PermissionRepository $permissionRepository
  233.     ):Response {
  234.         if ($security->getUser()) {
  235.             return $this->redirectToRoute('app');
  236.         }
  238.         // Récupère le code dans l'url puis l'organisme correspondant s'il existe
  239.         $organization $organizationRepository->findOneBy(['registrationCode' => $urlCode]);
  241.         // S'il y a un code dans l'url et que le code n'est pas un code d'activation valide, la page est redirigée
  242.         if ($urlCode && !$organization) {
  243.             return $this->redirectToRoute('account_registration', ['urlCode' => null]);
  244.         }
  246.         // Créé et peuple le formulaire
  247.         $form $this
  248.             ->createForm(AccountRegistrationType::class, null, ["activationCode" => $urlCode])
  249.             ->handleRequest($request);
  251.         // Traite le formulaire s'il est soumis et valide
  252.         if ($form->isSubmitted() && $form->isValid()) {
  253.             /** @var Account $account */
  254.             $data $form->getData();
  256.             // Récupère le code d'activation correspondant au code saisie dans le formulaire
  257.             $code $form->get('activationCode')->getData();
  258.             $organization $organizationRepository->findOneBy(['registrationCode' => $code]);
  260.             if ($organization?->isEnabledRegistration()) {
  261.                 $account = new Account();
  262.                 $account->setFirstname($data['firstname'])
  263.                         ->setName($data['name'])
  264.                         ->setEmail($data['email'])
  265.                         ->setOrganization($organization)
  266.                         ->setEnable(true)
  267.                 ;
  269.                 // En dev ou beta, les comptes créés sont des comptes de demo
  270.                 if ($kernel->getEnvironment() !== 'prod') {
  271.                     $account->addRole('ROLE_DEMO');
  272.                 }
  273.             } else {
  274.                 //Si le code d'activation n'existe pas ou est désactivé, la création du compte n'est pas possible
  275.                 $this->addFlash('warning', [
  276.                     'Code d\'activation invalide',
  277.                     'Le code d\'activation est fourni par votre entreprise ou votre association.',
  278.                 ]);
  280.                 return $this->render('registration/account/index.html.twig', [
  281.                     'form' => $form->createView(),
  282.                 ]);
  283.             }
  285.             try {
  286.                 // Assigne les permissions à l'utilisateur en fonction de ses roles
  287.                 $aclService = new AclService($security);
  288.                 $permissionNames = [];
  289.                 $rolePermissionMap $aclService->getRolePermissionMap();
  290.                 foreach ($account->getRoles() as $role) {
  291.                     if (isset($rolePermissionMap[$role])) {
  292.                         $permissionNames += $rolePermissionMap[$role];
  293.                     }
  294.                 }
  295.                 $permissions $permissionRepository->findBy(['name' => $permissionNames]);
  296.                 $account->setPermissions($permissions);
  298.                 // Enregistre le compte en base de données
  299.                 $accountService->register($account);
  301.                 // Envoie du mail de confirmation d'inscription
  302.                 $accountRegistrationMailer->send($account);
  304.                 return $this->render('registration/account/index_confirmation.html.twig', [
  305.                     'account' => $account,
  306.                 ]);
  307.             } catch (UniqueConstraintViolationException $e) {
  308.                 // Todo : Gérer avec @UniqueEntity plutôt qu'avec l'exception
  309.                 $form->get('email')->addError(new FormError('Ce compte existe déjà'));
  310.             }
  311.         }
  313.         return $this->render('registration/account/index.html.twig', [
  314.             'form' => $form->createView(),
  315.         ]);
  316.     }
  318.     #[Route('/app/activation/{token}'name'account_registration_profil')]
  319.     public function appProfil(
  320.         $token,
  321.         Request $request,
  322.         AccountService $accountService,
  323.         Security $security,
  324.         TelNumberService $telNumberService
  325.     ): Response {
  327.         if ($security->getUser()) {
  328.             return $this->redirectToRoute('app');
  329.         }
  331.         $account $accountService->getByActivationToken($token);
  333.         if (!$account instanceof Account) {
  334.             $this->addFlash('error', [
  335.                 "Le lien d'activation n'est plus valide.",
  336.                 "Indiquez votre adresse email pour récupérer un nouveau lien."
  337.             ]);
  338.             return $this->redirectToRoute('app_forgot_password_request');
  339.         }
  341.         $form $this
  342.             ->createForm(AccountRegistrationProfilType::class, $account)
  343.             ->handleRequest($request);
  345.         if ($form->isSubmitted() && $form->isValid()) {
  347.             $formattedTelNumber $telNumberService->validateAndFormatPhone($account->getTelNumber());
  348.             $account->setTelNumber($formattedTelNumber);
  349.             
  350.             $accountService->activate($account);
  351.             $security->login($account$request);
  353.             return $this->redirectToRoute('app');
  354.         }
  356.         return $this->render('registration/account/profil.html.twig', [
  357.             'form'    => $form->createView(),
  358.             'account' => $account,
  359.         ]);
  360.     }
  362.     #[Route('/gestion/activation/{token}'name 'account_organization_registration_profil')]
  363.     public function managerProfil(
  364.         $token,
  365.         Request $request,
  366.         AccountOrganizationService $accountOrganizationService,
  367.         Security $security
  368.     ):Response {
  369.         if ($security->getOrganization()) {
  370.             return $this->redirectToRoute('manager_home');
  371.         }
  373.         $account $accountOrganizationService->getByActivationToken($token);
  375.         if (!$account instanceof AccountOrganization) {
  376.             $this->addFlash('error', [
  377.                 "Le lien d'activation n'est plus valide.",
  378.                 'Indiquez votre adresse email pour récupérer un nouveau lien.',
  379.             ]);
  380.             return $this->redirectToRoute('manager_forgot_password_request');
  381.         }
  383.         $form $this
  384.             ->createForm(AccountOrganizationRegistrationProfilType::class, $account)
  385.             ->handleRequest($request);
  387.         if ($form->isSubmitted() && $form->isValid()) {
  388.             $accountOrganizationService->activate($account);
  389.             $security->login($account$request);
  390.             return $this->redirectToRoute('manager_home');
  391.         }
  393.         return $this->render('registration/manager/profil.html.twig', [
  394.             'form'    => $form->createView(),
  395.             'account' => $account,
  396.         ]);
  397.     }
  399.     #[Route('/app/mot-de-passe'name 'app_forgot_password_request')]
  400.     public function password(
  401.         Request $request,
  402.         Security $security,
  403.         AccountService $accountService,
  404.         AccountRepository $accountRepository,
  405.         AccountProRepository $accountProRepository,
  406.         AccountPasswordMailer $accountPasswordMailer
  407.     ):Response {
  409.         if ($security->getUser() instanceof Account) {
  410.             return $this->redirectToRoute('app');
  411.         }
  413.         $form $this->createForm(ResetPasswordRequestFormType::class);
  414.         $form->handleRequest($request);
  416.         if ($form->isSubmitted() && $form->isValid()) {
  417.             $user $accountRepository->findOneBy([
  418.                 'email' => $form->get('email')->getData(),
  419.             ]);
  421.             if ($user === null) {
  422.                 $user $accountProRepository->findOneBy([
  423.                     'email' => $form->get('email')->getData(),
  424.                 ]);
  425.             }
  427.             if ($user instanceof UserInterface) {
  428.                 $token $accountService->tokenRequest($user);
  429.                 $accountPasswordMailer->send($user$token);
  430.             }
  432.             return $this->render('reset_password/check_email.html.twig');
  433.         }
  435.         return $this->render('reset_password/request.html.twig', [
  436.             'requestForm' => $form->createView(),
  437.         ]);
  438.     }
  440.     #[Route('/pro/mot-de-passe'name'pro_forgot_password_request')]
  441.     public function proPassword(
  442.         Request $request,
  443.         Security $security,
  444.         AccountProService $accountProService,
  445.         AccountRepository $accountRepository,
  446.         AccountProRepository $accountProRepository,
  447.         AccountProPasswordMailer $accountProPasswordMailer
  448.     ): Response {
  450.         if ($security->getUser() instanceof AccountPro) {
  451.             return $this->redirectToRoute('app');
  452.         }
  454.         $form $this->createForm(ResetPasswordRequestFormType::class);
  455.         $form->handleRequest($request);
  457.         if ($form->isSubmitted() && $form->isValid()) {
  458.             $user $accountProRepository->findOneBy([
  459.                 'email' => $form->get('email')->getData(),
  460.             ]);
  462.             if ($user === null) {
  463.                 $user $accountRepository->findOneBy([
  464.                     'email' => $form->get('email')->getData(),
  465.                 ]);
  466.             }
  468.             if ($user instanceof UserInterface) {
  469.                 $token $accountProService->tokenRequest($user);
  470.                 $accountProPasswordMailer->send($user$token);
  471.             }
  473.             return $this->render('reset_password/check_email.html.twig', [
  474.                 'context' => 'pro',
  475.             ]);
  476.         }
  478.         return $this->render('reset_password/request.html.twig', [
  479.             'requestForm' => $form->createView(),
  480.             'context'     => 'pro',
  481.         ]);
  482.     }
  484.     #[Route('/gestion/mot-de-passe'name 'manager_forgot_password_request')]
  485.     public function managerPassword(
  486.         Request $request,
  487.         Security $security,
  488.         AccountOrganizationRepository $accountOrganizationRepository,
  489.         AccountOrganizationService $accountOrganizationService,
  490.         AccountOrganizationPasswordMailer $accountOrganizationPasswordMailer
  491.     ):Response {
  492.         if ($security->getOrganization() instanceof AccountOrganization) {
  493.             return $this->redirectToRoute('manager_home');
  494.         }
  496.         $form $this->createForm(ResetPasswordRequestFormType::class);
  497.         $form->handleRequest($request);
  499.         if ($form->isSubmitted() && $form->isValid()) {
  500.             $user $accountOrganizationRepository->findOneBy([
  501.                 'email' => $form->get('email')->getData(),
  502.             ]);
  504.             if ($user instanceof AccountOrganization) {
  505.                 $token $accountOrganizationService->tokenRequest($user);
  506.                 $accountOrganizationPasswordMailer->send($user$token);
  507.             }
  509.             return $this->render('reset_password/check_email.html.twig', [
  510.                 'context' => 'manager',
  511.             ]);
  512.         }
  514.         return $this->render('reset_password/request.html.twig', [
  515.             'requestForm' => $form->createView(),
  516.             'context'     => 'manager',
  517.         ]);
  518.     }
  519. }