<?php declare(strict_types=1);
/*
* This file is part of the SplendidBear Websites' projects.
*
* Copyright (c) 2026 @ www.splendidbear.org
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Controller;
use App\Entity\User;
use App\Form\ForgotPasswordFormType;
use App\Form\RegistrationFormType;
use App\Form\ResetPasswordFormType;
use App\Repository\UserRepository;
use DateTime;
use Doctrine\ORM\EntityManagerInterface;
use LogicException;
use Symfony\Bridge\Twig\Mime\TemplatedEmail;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\DependencyInjection\Attribute\Autowire;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Attribute\AsController;
use Symfony\Component\Mailer\MailerInterface;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
/**
* Class SecurityController
*
* @package App\Controller
* @author Lang <https://www.splendidbear.org>
* @category Class
* @license https://www.gnu.org/licenses/lgpl-3.0.en.html GNU Lesser General Public License
* @link www.splendidbear.org
* @since 2026. 04. 11.
*/
#[AsController]
class SecurityController extends AbstractController
{
    /** Envelope sender used for every message this controller emits. */
    private const string SENDER_ADDRESS = 'noreply@mineseeker.hu';

    /**
     * @param string $appContactMailAddress Mailbox that receives the admin notifications
     *                                      (injected from the APP_CONTACT_MAIL_ADDRESS env var)
     */
    public function __construct(
        #[Autowire(env: 'APP_CONTACT_MAIL_ADDRESS')]
        private readonly string $appContactMailAddress,
    ) {
    }

    /**
     * Renders the login form; this action performs no credential check itself.
     *
     * An already authenticated visitor is sent to the homepage instead. The last
     * submitted username and the last authentication failure are handed to the
     * template so the form can be re-shown with the error after a failed attempt.
     */
    #[Route('/login', name: 'MineSeekerBundle_login')]
    public function login(AuthenticationUtils $authenticationUtils): Response
    {
        $redirect = $this->homepageIfAuthenticated();
        if ($redirect !== null) {
            return $redirect;
        }

        $viewData = [
            'last_username' => $authenticationUtils->getLastUsername(),
            'error' => $authenticationUtils->getLastAuthenticationError(),
        ];

        return $this->render('Security/login.html.twig', $viewData);
    }

    /**
     * Placeholder for the firewall's logout handling.
     *
     * The route only accepts POST, so a plain link cannot trigger it. The body is
     * never reached in a correctly configured application: reaching the throw means
     * the firewall's logout listener is not set up for this path.
     */
    #[Route('/logout', name: 'MineSeekerBundle_logout', methods: ['POST'])]
    public function logout(): never
    {
        throw new LogicException('This action is intercepted by the security firewall.');
    }

    /**
     * Registers a new, not-yet-verified account and mails an activation link.
     *
     * On a valid submission the password is hashed, a random verification token
     * is stored on the user, and two messages go out: the activation link to the
     * new user and a notification to the configured admin mailbox. The visitor is
     * then redirected back to this route with a flash carrying the address the
     * activation mail was sent to.
     */
    #[Route('/register', name: 'MineSeekerBundle_register')]
    public function register(
        Request $request,
        UserPasswordHasherInterface $hasher,
        EntityManagerInterface $em,
        MailerInterface $mailer,
    ): Response {
        $redirect = $this->homepageIfAuthenticated();
        if ($redirect !== null) {
            return $redirect;
        }

        $user = new User();
        $form = $this->createForm(RegistrationFormType::class, $user);
        $form->handleRequest($request);

        if (!$form->isSubmitted() || !$form->isValid()) {
            return $this->render('Security/register.html.twig', ['form' => $form]);
        }

        $token = self::freshToken();
        $plainPassword = $form->get('plainPassword')->getData();

        // Only the hash is stored; the plain password never leaves this request.
        $user
            ->setIsVerified(false)
            ->setVerificationToken($token)
            ->setPassword($hasher->hashPassword($user, $plainPassword));

        $em->persist($user);
        $em->flush();

        $activationUrl = $this->absoluteUrl('MineSeekerBundle_activate', $token);

        $mailer->send($this->outgoing(
            $user->getEmail(),
            'Activate your MineSeeker account',
            'emails/activation.html.twig',
            [
                'username' => $user->getUsername(),
                'activation_url' => $activationUrl,
            ],
        ));

        // Admin notification about the new registration.
        $mailer->send($this->outgoing(
            $this->appContactMailAddress,
            sprintf('🎉 New User Registration: %s', $user->getUsername()),
            'emails/user_registration_notification.html.twig',
            [
                'user' => $user,
                'registeredAt' => new DateTime(),
            ],
        ));

        $this->addFlash('verify_email', $user->getEmail());

        return $this->redirectToRoute('MineSeekerBundle_register');
    }

    /**
     * Starts the password reset flow.
     *
     * On a valid submission a reset token with a one-hour expiry is stored on the
     * matching verified user and mailed as a link. The flash and the redirect are
     * the same whether or not the address is known, so the response cannot be used
     * to enumerate accounts.
     */
    #[Route('/forgot-password', name: 'MineSeekerBundle_forgot_password')]
    public function forgotPassword(
        Request $request,
        UserRepository $userRepository,
        EntityManagerInterface $em,
        MailerInterface $mailer,
    ): Response {
        $redirect = $this->homepageIfAuthenticated();
        if ($redirect !== null) {
            return $redirect;
        }

        $form = $this->createForm(ForgotPasswordFormType::class);
        $form->handleRequest($request);

        if (!$form->isSubmitted() || !$form->isValid()) {
            return $this->render('Security/forgot_password.html.twig', ['form' => $form]);
        }

        $email = $form->get('email')->getData();
        $user = $userRepository->findOneByEmail($email);

        // Only verified accounts are issued a reset link.
        if ($user && $user->isVerified()) {
            $token = self::freshToken();
            $user
                ->setResetToken($token)
                ->setResetTokenExpiresAt(new DateTime('+1 hour'));
            $em->flush();

            $mailer->send($this->outgoing(
                $email,
                'Reset your MineSeeker password',
                'emails/reset_password.html.twig',
                [
                    'username' => $user->getUsername(),
                    'reset_url' => $this->absoluteUrl('MineSeekerBundle_reset_password', $token),
                ],
            ));
        }

        // Identical flash whether or not the address is known: no account enumeration
        // through the response body. The sending branch still takes longer than the
        // other, so response timing is not equalised; an async mail transport would
        // narrow that gap.
        $this->addFlash('reset_sent', $email);

        return $this->redirectToRoute('MineSeekerBundle_forgot_password');
    }

    /**
     * Completes the reset started by forgotPassword().
     *
     * The token from the URL must resolve to a user and must not be past its expiry,
     * otherwise the visitor is bounced back to the forgot-password form. On a valid
     * submission the new password is hashed and the token and its expiry are
     * cleared, so each link works at most once.
     */
    #[Route('/reset-password/{token}', name: 'MineSeekerBundle_reset_password')]
    public function resetPassword(
        string $token,
        Request $request,
        UserRepository $userRepository,
        EntityManagerInterface $em,
        UserPasswordHasherInterface $hasher,
    ): Response {
        $user = $userRepository->findOneByResetToken($token);

        $linkUnusable = !$user || $user->getResetTokenExpiresAt() < new DateTime();
        if ($linkUnusable) {
            $this->addFlash('error', 'This password reset link is invalid or has expired.');

            return $this->redirectToRoute('MineSeekerBundle_forgot_password');
        }

        $form = $this->createForm(ResetPasswordFormType::class);
        $form->handleRequest($request);

        if (!$form->isSubmitted() || !$form->isValid()) {
            return $this->render('Security/reset_password.html.twig', ['form' => $form]);
        }

        $plainPassword = $form->get('plainPassword')->getData();
        $user
            ->setPassword($hasher->hashPassword($user, $plainPassword))
            ->setResetToken(null)
            ->setResetTokenExpiresAt(null);
        $em->flush();

        $this->addFlash('success', 'Your password has been reset. You can now sign in.');

        return $this->redirectToRoute('MineSeekerBundle_login');
    }

    /**
     * Consumes an activation token from the registration mail.
     *
     * The token is cleared once the account is marked verified, so a second visit
     * to the same link is reported as already used. The admin mailbox is notified
     * of every successful activation.
     */
    #[Route('/activate/{token}', name: 'MineSeekerBundle_activate')]
    public function activate(string $token, EntityManagerInterface $em, MailerInterface $mailer): Response
    {
        $user = $em->getRepository(User::class)->findOneBy(['verificationToken' => $token]);

        if (!$user) {
            $this->addFlash('error', 'This activation link is invalid or has already been used.');

            return $this->redirectToRoute('MineSeekerBundle_login');
        }

        $user->setIsVerified(true)->setVerificationToken(null);
        $em->flush();

        $mailer->send($this->outgoing(
            $this->appContactMailAddress,
            sprintf('✅ User Account Activated: %s', $user->getUsername()),
            'emails/user_activation_notification.html.twig',
            [
                'user' => $user,
                'activatedAt' => new DateTime(),
            ],
        ));

        $this->addFlash('success', sprintf('Your account is now active. Welcome, %s!', $user->getUsername()));

        return $this->redirectToRoute('MineSeekerBundle_login');
    }

    /**
     * Homepage redirect for pages that make no sense to a signed-in visitor,
     * or null when the request is anonymous.
     */
    private function homepageIfAuthenticated(): ?Response
    {
        if ($this->getUser() === null) {
            return null;
        }

        return $this->redirectToRoute('MineSeekerBundle_homepage');
    }

    /**
     * 32 bytes from the CSPRNG, hex-encoded: a 64-character token that is
     * unguessable and is cleared again once consumed.
     */
    private static function freshToken(): string
    {
        return bin2hex(random_bytes(32));
    }

    /**
     * Absolute link to a token-carrying route, forced to https in production.
     *
     * The scheme fix is a plain string replacement on the generated URL and is
     * applied only when kernel.environment is 'prod'. NOTE(review): this suggests
     * the router's request context reports http in production (e.g. behind a
     * TLS-terminating proxy); configuring that context would let generateUrl()
     * emit https directly — confirm before relying on the replacement alone.
     */
    private function absoluteUrl(string $route, string $token): string
    {
        $url = $this->generateUrl($route, ['token' => $token], UrlGeneratorInterface::ABSOLUTE_URL);

        if ($this->getParameter('kernel.environment') !== 'prod') {
            return $url;
        }

        return str_replace('http://', 'https://', $url);
    }

    /**
     * Builds a templated message from the fixed sender address.
     *
     * @param array<string, mixed> $context Variables handed to the Twig template
     */
    private function outgoing(string $to, string $subject, string $template, array $context): TemplatedEmail
    {
        return (new TemplatedEmail())
            ->from(self::SENDER_ADDRESS)
            ->to($to)
            ->subject($subject)
            ->htmlTemplate($template)
            ->context($context);
    }
}
|