src/OEW/LoginBundle/Controller/LoginController.php line 116
<?php
namespace OEW\LoginBundle\Controller;
use Exception;
use Doctrine\Persistence\ManagerRegistry;
use Twig\Environment;
use OEW\RegistrationBundle\Entity\Logging;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use Symfony\Contracts\Translation\TranslatorInterface;
use App\Security\User;
use App\Security\UserProvider;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Http\Authentication\UserAuthenticatorInterface;
use Symfony\Component\Security\Http\Authenticator\FormLoginAuthenticator;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
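/**
 * Login, logout and "forgot password" endpoints of the OEW login bundle.
 *
 * Authentication is done against the legacy Teilnehmer table (unsalted MD5 in the
 * passwort column); a Symfony UsernamePasswordToken is created by hand and the
 * application-level "sysuser" array is kept in the session alongside it.
 */
class LoginController extends AbstractController
{
    private UserCheckerInterface $checker;
    private UserAuthenticatorInterface $userAuthenticator;
    private UrlGeneratorInterface $router;

    /**
     * @param UserCheckerInterface       $checker           pre-auth checks for the session-resume path of indexAction()
     * @param UserAuthenticatorInterface $userAuthenticator programmatic login for the session-resume path
     * @param UrlGeneratorInterface      $router            builds the path part of the password-reset link
     */
    public function __construct(
        UserCheckerInterface $checker,
        UserAuthenticatorInterface $userAuthenticator,
        UrlGeneratorInterface $router
    ) {
        $this->checker = $checker;
        $this->userAuthenticator = $userAuthenticator;
        $this->router = $router;
    }

    /**
     * Writes one audit row (OEW\RegistrationBundle\Entity\Logging) for a participant action.
     *
     * Best-effort by design: nothing is written when $veranstaltungid is empty, and
     * persistence failures are swallowed so that audit logging never aborts a login flow.
     *
     * @param mixed           $teilnehmerId    participant id; also stored as "anTeilnehmerId"
     * @param mixed           $veranstaltungid event id; a falsy value skips logging entirely
     * @param string          $aktion          action code, e.g. "LOGIN", "LOGIN_FEHLER", "PASSWORT_MAIL"
     * @param ManagerRegistry $doctrine
     * @param string          $beschreibung    optional free-text detail
     */
    public function logg($teilnehmerId, $veranstaltungid, $aktion, ManagerRegistry $doctrine, $beschreibung = ""): void
    {
        $em = $doctrine->getManager();
        if (!$veranstaltungid) {
            return;
        }

        $logg = new Logging();
        $logg->setTeilnehmerId($teilnehmerId);
        $logg->setAnTeilnehmerId($teilnehmerId);
        $logg->setVeranstaltungId($veranstaltungid);
        $logg->setZeitpunkt(new \DateTime(date("Y-m-d H:i:s")));
        $logg->setAktion($aktion);
        $logg->setBeschreibung($beschreibung);

        try {
            $em->persist($logg);
            $em->flush();
        } catch (Exception $e) {
            // Intentionally ignored: a failed audit row must not break the calling request.
        }
    }

    /**
     * Password-reset form reached through the hash mailed by passwortreqAction().
     *
     * GET renders the form. POST with f_passwort/f_passwort2 validates the pair
     * (equal, at least 6 bytes), stores the new password and clears the hash so the
     * link cannot be used a second time. An unknown or empty hash redirects to "login".
     *
     * @param string $mailhash the kontrolleHash taken from the reset link
     */
    public function passworthashAction(Request $request, TranslatorInterface $translator, $mailhash, ManagerRegistry $doctrine, Environment $twig): Response
    {
        $formerrors = [];
        $passok = false;
        $em = $doctrine->getManager();

        // An empty hash must never reach the repository lookup: it is the only credential here.
        $hash = strip_tags((string) $mailhash);
        if ($hash === '') {
            return $this->redirect($this->generateUrl('login'));
        }
        $teilnehmer = $doctrine->getRepository('OEW\RegistrationBundle\Entity\Teilnehmer')->findOneByKontrolleHash($hash);
        if (!$teilnehmer) {
            return $this->redirect($this->generateUrl('login'));
        }

        $teilnahme = $doctrine->getRepository('OEW\RegistrationBundle\Entity\Teilnahme')->findOneByTeilnehmerId($teilnehmer->getId());
        $veranstaltungid = $teilnahme ? $teilnahme->getVeranstaltungId() : null;

        $passwort = strip_tags(trim((string) $request->get('f_passwort')));
        $passwort2 = strip_tags(trim((string) $request->get('f_passwort2')));

        if ($request->isMethod('POST') && $passwort !== '') {
            if ($passwort !== $passwort2) {
                $formerrors[] = ['type' => '', 'text' => $translator->trans('Fehler.Passwoerter')];
            }
            // Byte length, as before; a multibyte-aware check would only be stricter.
            if (strlen($passwort) < 6) {
                $formerrors[] = ['type' => '', 'text' => $translator->trans('Fehler.Passwort')];
            }

            if (!$formerrors) {
                // Legacy scheme: indexAction() compares md5() against this column. Moving to
                // password_hash()/password_verify() needs a migration of existing rows, so the
                // format is kept here.
                $teilnehmer->setPasswort(md5($passwort));
                // One-shot link: clearing hash and "sent" timestamp invalidates the URL.
                $teilnehmer->setKontrolleHash(null);
                $teilnehmer->setPasswortVerschickt(null);
                $em->flush();
                $passok = true;
                $this->logg($teilnehmer->getId(), $veranstaltungid, "PASSWORT_MAIL", $doctrine, "");
            }
        }

        $html = $twig->render('@OEWLoginBundle/passworthash.html.twig', [
            'formerrors' => $formerrors,
            'passok' => $passok,
            'mailhash' => $mailhash,
        ]);

        return new Response($html);
    }

    /**
     * "Forgot password" form: looks up an activated, non-deactivated, non-deleted
     * Teilnehmer by username, stores a fresh reset hash plus timestamp and mails the
     * reset link to the linked Person.
     *
     * NOTE(review): the page responds differently for unknown usernames
     * (Fehler.Passwortvergessen.Text1) and known ones (hashok), so the form confirms
     * whether a username exists. A uniform "if the account exists, a mail was sent"
     * outcome would avoid that, but changes the template contract, so it is not done here.
     *
     * @throws Exception when the Teilnehmer has no linked Person record
     */
    public function passwortreqAction(Request $request, TranslatorInterface $translator, ManagerRegistry $doctrine, Environment $twig): Response
    {
        $formerrors = [];
        $hashok = false;
        $username = trim((string) $request->get('f_benutzername'));

        if ($request->isMethod('POST') && $username !== '') {
            $em = $doctrine->getManager();
            $query = $em->createQuery("
                SELECT t FROM OEW\RegistrationBundle\Entity\Teilnehmer t
                WHERE t.benutzername = :username AND
                    t.aktiviert IS NOT NULL AND t.deaktiviert IS NULL AND t.geloescht IS NULL
            ");
            $query->setParameter('username', $username);
            $user = $query->getOneOrNullResult();

            if (!$user) {
                $formerrors[] = ['type' => '', 'text' => $translator->trans("Fehler.Passwortvergessen.Text1")];
            } else {
                $person = $doctrine->getRepository('OEW\RegistrationBundle\Entity\Person')->findOneById($user->getPersonId());
                if (!$person) {
                    throw new Exception('Benutzername<->Person nicht gefunden!');
                }

                // The hash is the bearer credential of the reset link, so it has to come from
                // a CSPRNG; uniqid()/rand() are predictable. sha1 keeps the 40-hex-char shape
                // the kontrolleHash column and passworthashAction() already expect.
                $hash = hash('sha1', random_bytes(32));
                $user->setKontrolleHash($hash);
                $user->setPasswortVerschickt(new \DateTime(date("Y-m-d H:i:s")));
                $em->flush();
                $hashok = true;

                // ABSOLUTE_PATH (the former literal `true`): only the path is generated and the
                // scheme/host of the current request is prepended.
                $maildaten = [
                    'anrede' => $translator->trans("Label." . $person->getAnrede()),
                    'name' => $person->getVorname() . " " . $person->getNachname(),
                    'benutzername' => $username,
                    'link' => $request->getSchemeAndHttpHost()
                        . $this->router->generate('passwort_vergessen_hash', ['mailhash' => $hash], UrlGeneratorInterface::ABSOLUTE_PATH),
                ];

                $mailVorlage = "passworthash_" . $request->getLocale();
                $message = (new \Swift_Message())
                    ->setSubject('Österreich Werbung: ' . $translator->trans("Passvergessen"))
                    ->setFrom('noreply@austria.info')
                    ->setTo($person->getEmail())
                    ->setContentType('text/html')
                    ->setBody($twig->render('@OEWLoginBundle/Emails/' . $mailVorlage . '.txt.twig', ['daten' => $maildaten]));

                $this->createSmtpMailer()->send($message);
            }
        }

        $html = $twig->render('@OEWLoginBundle/passwortreq.html.twig', [
            'formerrors' => $formerrors,
            'hashok' => $hashok,
        ]);

        return new Response($html);
    }

    /**
     * Builds the SwiftMailer SMTP transport from the smtphost/smtpusername/smtppass
     * environment variables (port 587, STARTTLS).
     *
     * NOTE(review): smtppass is stored encrypted, but the AES key lives in this source
     * file, so anyone holding the source and the env value can recover the password;
     * the key (or the plain password) belongs in the secret store, not in code.
     * openssl_decrypt() is also called without an IV for a CTR cipher, which PHP pads
     * with zero bytes (and warns about) — the ciphertext must have been produced the
     * same way for this to keep working.
     *
     * @throws \RuntimeException when the stored password cannot be decrypted
     */
    private function createSmtpMailer(): \Swift_Mailer
    {
        $smtpPassword = openssl_decrypt($_ENV["smtppass"], "AES-128-CTR", "03029771TGSzYaHI", 0);
        if ($smtpPassword === false) {
            // Previously a false result was silently passed on as the SMTP password.
            throw new \RuntimeException('SMTP password could not be decrypted.');
        }

        $transport = (new \Swift_SmtpTransport($_ENV["smtphost"], 587, 'tls'))
            ->setUsername($_ENV["smtpusername"])
            ->setPassword($smtpPassword);

        return new \Swift_Mailer($transport);
    }

    /**
     * Login page and form handler.
     *
     * Already-authorised users are redirected to their area straight away. A POST with
     * _username/_password is checked against the Teilnehmer table (legacy MD5), a
     * UsernamePasswordToken is created and stored, the "sysuser" session array is
     * filled, an audit row is written and the user is redirected. Without a POST, a
     * session that still carries a sysuser with teilnehmerId is re-authenticated
     * through the injected authenticator. Everything else renders the login form.
     *
     * $security and $authenticationUtils are kept for signature compatibility only.
     */
    public function indexAction(
        Request $request,
        TranslatorInterface $translator,
        TokenStorageInterface $tokenStorage,
        EventDispatcherInterface $eventDispatcher,
        ManagerRegistry $doctrine,
        Environment $twig,
        Security $security,
        AuthorizationCheckerInterface $aci,
        User $user,
        AuthenticationUtils $authenticationUtils,
        FormLoginAuthenticator $formLoginAuthenticator
    ): Response {
        $formerrors = [];
        $session = $request->getSession();
        $sysuser = $session->get('sysuser');

        if ($aci->isGranted('ROLE_ADMIN')) {
            return $this->redirect($this->generateUrl('oew_admin_sys'));
        }
        if ($aci->isGranted('ROLE_USER')) {
            return $this->redirect($this->generateUrl('oew_admin_user'));
        }

        $username = trim((string) $request->get('_username'));
        $password = trim((string) $request->get('_password'));

        if ($request->isMethod('POST') && $username !== '' && $password !== '') {
            $em = $doctrine->getManager();
            $query = $em->createQuery("SELECT t FROM OEW\RegistrationBundle\Entity\Teilnehmer t WHERE t.benutzername = :username");
            $query->setParameter('username', $username);
            // Local name differs from the injected $user so the two are not confused.
            $teilnehmer = $query->getOneOrNullResult();

            // NOTE(review): 999 is the event id written to audit rows while no Teilnahme is
            // known — presumably a sentinel value; confirm against the Logging data.
            $veranstaltungid = 999;
            $errorText = null;

            if (!$teilnehmer) {
                $errorText = $translator->trans("Login.Fehler");
            } elseif (!hash_equals((string) $teilnehmer->getPasswort(), md5($password))) {
                // Legacy unsalted MD5 (see passworthashAction()); hash_equals() keeps the
                // comparison constant-time, the scheme itself still needs a migration.
                $errorText = $translator->trans("Login.Fehler");
                $this->logg($teilnehmer->getId(), $veranstaltungid, "LOGIN_FEHLER", $doctrine, "Passwort falsch.");
            } elseif (!$teilnehmer->getAktiviert()) {
                $errorText = $translator->trans("Login.Fehler");
                $this->logg($teilnehmer->getId(), $veranstaltungid, "LOGIN_FEHLER", $doctrine, "Nicht aktiviert.");
            } elseif ($teilnehmer->getDeaktiviert() || $teilnehmer->getGeloescht()) {
                $errorText = $translator->trans("Login.Fehler.deaktiviert");
                $this->logg($teilnehmer->getId(), $veranstaltungid, "LOGIN_FEHLER", $doctrine, "Deaktiviert oder gelöscht.");
            } else {
                $teilnahme = $doctrine->getRepository('OEW\RegistrationBundle\Entity\Teilnahme')->findOneByTeilnehmerId($teilnehmer->getId());
                if ($teilnahme) {
                    $veranstaltungid = $teilnahme->getVeranstaltungId();
                }
                $rolleId = $teilnahme ? $teilnahme->getRolleId() : null;

                // Role 15 (MA) and the systemadmin flag both map to ROLE_ADMIN.
                $sysuser = [];
                if ((int) $teilnehmer->getSystemadmin() === 1 || (int) $rolleId === 15) {
                    $roles = ['ROLE_ADMIN'];
                    $sysuser['systemadmin'] = true;
                    $sysuser['rolle'] = 15;
                } else {
                    $roles = ['ROLE_USER'];
                    $sysuser['systemadmin'] = false;
                    // A participant without a Teilnahme row previously caused a method call on null here.
                    $sysuser['rolle'] = $rolleId;
                }

                $myuser = new User();
                $myuser->setUsername($username);
                // NOTE(review): the plaintext password is set on this User and the token holding it
                // is serialized into the session below; check whether anything reads it back.
                $myuser->setPassword($password);
                $token = new UsernamePasswordToken($myuser, "admin", $roles);
                // The injected TokenStorageInterface is the one to use; the controller has no
                // tokenStorage property of its own.
                $tokenStorage->setToken($token);
                $eventDispatcher->dispatch(new InteractiveLoginEvent($request, $token), "security.interactive_login");
                $session->set('_security_login_firewall', serialize($token));

                $sysuser['teilnehmerId'] = $teilnehmer->getId();
                $sysuser['personId'] = $teilnehmer->getPersonId();
                $sysuser['benutzername'] = $teilnehmer->getBenutzername();
                if ($teilnehmer->getLetztesLogin()) {
                    // 'i' is minutes; the former 'H:m' printed the month in the minutes slot.
                    $sysuser['letztesLogin'] = $teilnehmer->getLetztesLogin()->format('Y-m-d H:i');
                }
                $person = $doctrine->getRepository('OEW\RegistrationBundle\Entity\Person')->findOneById($teilnehmer->getPersonId());
                if ($person) {
                    $sysuser['vorname'] = $person->getVorname();
                    $sysuser['nachname'] = $person->getNachname();
                    $sysuser['firmaid'] = $person->getFirmaId();
                }
                // MA role: the countries this participant is responsible for in the event.
                if ((int) $sysuser['rolle'] === 15) {
                    $sysuser['laender'] = $this->loadLandIds($em, $veranstaltungid, $teilnehmer->getId());
                }

                $session->set('sysuser', $sysuser);
                $session->set('veranstaltungid', $veranstaltungid);
                $this->logg($teilnehmer->getId(), $veranstaltungid, "LOGIN", $doctrine);
                $teilnehmer->setLetztesLogin(new \DateTime(date("Y-m-d H:i:s")));
                $em->flush();

                return $this->redirectToArea();
            }

            $formerrors[] = ['type' => '', 'text' => $errorText];
        } elseif (is_array($sysuser) && isset($sysuser['teilnehmerId']) && $sysuser['teilnehmerId'] > 0) {
            // A sysuser is still in the session: run the user checker and log the injected
            // User in programmatically through the form-login authenticator.
            $this->checker->checkPreAuth($user);
            $this->userAuthenticator->authenticateUser($user, $formLoginAuthenticator, $request);

            return $this->redirectToArea();
        }

        $html = $twig->render('@OEWLoginBundle/login.html.twig', [
            'formerrors' => $formerrors,
            'last_username' => $username,
        ]);

        return new Response($html);
    }

    /**
     * Returns the landId of every Zustaendigkeit row for one participant in one event.
     *
     * Both ids are bound as parameters; the former query interpolated them into the DQL text.
     *
     * @param \Doctrine\Persistence\ObjectManager $em
     * @param mixed $veranstaltungid
     * @param mixed $teilnehmerId
     * @return list<mixed>
     */
    private function loadLandIds($em, $veranstaltungid, $teilnehmerId): array
    {
        $query = $em->createQuery(
            "SELECT r FROM OEW\RegistrationBundle\Entity\Zustaendigkeit r WHERE r.veranstaltungId = :veranstaltungId AND r.teilnehmerId = :teilnehmerId"
        );
        $query->setParameter('veranstaltungId', $veranstaltungid);
        $query->setParameter('teilnehmerId', $teilnehmerId);

        $landIds = [];
        foreach ($query->getResult() as $region) {
            $landIds[] = $region->getLandId();
        }

        return $landIds;
    }

    /**
     * Redirects to the admin area for ROLE_ADMIN, otherwise to the user area.
     */
    private function redirectToArea(): Response
    {
        $route = $this->isGranted('ROLE_ADMIN') ? 'oew_admin_sys' : 'oew_admin_user';

        return $this->redirect($this->generateUrl($route));
    }

    /**
     * Clears the application-level "sysuser" session entry and expires the systid
     * cookie, then renders the login template directly (no redirect). The Symfony
     * security token is not touched here.
     */
    public function logoutAction(Request $request): Response
    {
        $session = $request->getSession();
        $session->set('sysuser', "");
        unset($_COOKIE['systid']);
        setcookie("systid", "", time() - 3600);

        return $this->render('@OEWLoginBundle/login.html.twig', []);
    }

    /**
     * Domain-wide logout for .tourismustage.at: clears sysuser, expires the session
     * and systid cookies and redirects to the welcome page of the request locale.
     */
    public function customLogoutAction(Request $request): Response
    {
        $session = $request->getSession();
        $session->set('sysuser', "");
        unset($_COOKIE['systid'], $_COOKIE['PHPSESSID'], $_COOKIE['SFSESSID']);

        // All three cookies are expired in the past. systid previously used time()+3600,
        // which re-issued an empty cookie for an hour instead of removing it, unlike
        // logoutAction().
        $expired = time() - 3600;
        foreach (['PHPSESSID', 'SFSESSID', 'systid'] as $cookieName) {
            setcookie($cookieName, "", $expired, "/", ".tourismustage.at", true);
        }

        if ($request->getLocale() === "en") {
            return $this->redirect($this->generateUrl('oew_reg_welcome_en'));
        }

        return $this->redirect($this->generateUrl('oew_reg_welcome_de'));
    }
}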