Skip to content

Instantly share code, notes, and snippets.

@baptistedonaux

baptistedonaux/SecurityController.php

Last active August 29, 2015 14:05
Show Gist options
  • Save baptistedonaux/4d16d5cfad336081c0f2 to your computer and use it in GitHub Desktop.
Save baptistedonaux/4d16d5cfad336081c0f2 to your computer and use it in GitHub Desktop.
Download ZIP
SecurityController for Symfony2 Framework
Raw
SecurityController.php
<?php
use JMS\SecurityExtraBundle\Annotation\Secure;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\SecurityContext;
class SecurityController extends Controller
{
/**
* @Method({"GET"})
* @Route("/login", name="login")
* @Template()
*/
public function login(Request $request)
{
$request = $this->getRequest();
$session = $request->getSession();
if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
$session->remove(SecurityContext::AUTHENTICATION_ERROR);
}
$params = array(
"last_username" => $session->get(SecurityContext::LAST_USERNAME),
"error" => $error,
"message" => $request->get("message"),
);
if ($request->isXmlHttpRequest()) {
return $this->render("GCDirectoryMainBundle:Security:login-ajax.html.twig", $params);
}
return $params;
}
/**
* @Method({"POST"})
* @Route("/login_check", name="login_check")
*/
public function check()
{
throw new \RuntimeException('You must configure the check path to be handled by the firewall using form_login in your security firewall configuration.');
}
/**
* @Method({"GET"})
* @Route("/logout", name="logout")
*/
public function logout()
{
throw new \RuntimeException('You must activate the logout in your security firewall configuration.');
}
/**
* @Method({"GET"})
* @Route("/reset", name="reset")
* @Secure(roles="IS_AUTHENTICATED_ANONYMOUSLY")
* @Template()
*/
public function reset() {
return array();
}
/**
* @Method({"POST"})
* @Route("/reset")
* @Secure(roles="IS_AUTHENTICATED_ANONYMOUSLY")
*/
public function resetNow(Request $request)
{
$params = $request->request->all();
if (!array_key_exists("login", $params)) {
throw new \Exception("No login given");
}
$login = &$params["login"];
$em = $this->container->get("doctrine.orm.default_entity_manager");
$user = $em->getRepository("NamespaceMyBundle:User")->findOneBy(array("login" => $login));
if ($user == null) {
return $this->redirect($this->generateUrl("login", array()));
}
$password = "myRandowPassword";
$user->setPassword($this->container->get("security.encoder_factory")->getEncoder($user)->encodePassword($password, $user->getSalt()));
$em->persist($user);
$em->flush();
return $this->redirect($this->generateUrl("login", array()));
}
/**
* @Method({"GET"})
* @Route("/change", name="change-password")
* @Secure(roles="IS_AUTHENTICATED_FULLY")
* @Template()
*/
public function change() {
return array();
}
/**
* @Method({"POST"})
* @Route("/change")
* @Secure(roles="IS_AUTHENTICATED_FULLY")
* @Template()
*/
public function changeNow(Request $request)
{
$params = $request->request->all();
if (!array_key_exists("current", $params)
|| !array_key_exists("new", $params)
|| !array_key_exists("new2", $params))
{
return array("error" => "Please fill all fields");
}
$em = $this->container->get("doctrine.orm.default_entity_manager");
$user = $this->getUser();
$user_encoders = $this->container->get("security.encoder_factory")->getEncoder($user);
$user_repository = $em->getRepository("NamespaceMyBundle:User");
$current_password_encoded = $user_encoders->encodePassword($params["current"], $user->getSalt());
$new_password_encoded = $user_encoders->encodePassword($params["new"], $user->getSalt());
if ($user_repository->findOneBy(array("password" => $current_password_encoded)) == null) {
return array("error" => "The current password is wrong");
} elseif ($params["new"] != $params["new2"]) {
return array("error" => "The two fields password aren't the same");
}
$user->setPassword($new_password_encoded);
$em->persist($user);
$em->flush();
return $this->redirect($this->generateUrl("logout", array()));
}
/**
* @Method({"GET"})
* @Route("/register", name="register")
* @Secure(roles="IS_AUTHENTICATED_ANONYMOUSLY")
* @Template()
*/
public function register()
{
$form = $this->createForm(new UserType(UserType::REGISTER), new User());
return array(
"form" => $form->createView(),
);
}
/**
* @Method({"POST"})
* @Route("/register")
* @Secure(roles="IS_AUTHENTICATED_ANONYMOUSLY")
* @Template()
*/
public function registerNow(Request $request)
{
$params = $request->request->all()["name_of_my_form"];
$form = $this->createForm(new UserType(UserType::REGISTER), new User());
$form->submit($request);
if (array_key_exists("plain_password", $params) && array_key_exists("plain_password2", $params) && $params["plain_password"] == $params["plain_password2"]) {
if ($form->isValid()) {
$data = $form->getData();
$data->setPassword($this->container->get("security.encoder_factory")->getEncoder($data)->encodePassword($params["plain_password"], $data->getSalt()));
$em->persist($data);
$em->flush();
return $this->redirect($this->generateUrl("login", array("message" => "You have received an email to validate your account.")));
}
}
return array(
"errors" => $params["plain_password"] == $params["plain_password2"] ? $form->getErrors() : array("The two password must be the sames"),
"form" => $form->createView(),
);
}
/**
* @Method({"GET"})
* @Route("/activate", name="activate")
* @Secure(roles="IS_AUTHENTICATED_ANONYMOUSLY")
* @Template()
*/
public function activate(Request $request) {
$params = array();
$token = $request->query->get("token");
$em = $this->container->get("doctrine.orm.default_entity_manager");
$user = $em->getRepository("NamespaceMyBundle:User")->findOneBy(array("token" => $token));
if ($user != null) {
$user->setActive(User::ACTIVE_ACTIVE);
$em->persist($user);
$em->flush();
$params["activate"] = true;
} else {
$params["activate"] = false;
}
return $params;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment