src/Controller/ProfileController.php line 761

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\Accounts\Users;
  6. use App\Entity\Accounts\UserRecovery;
  7. use App\Repository\Accounts\UsersRepository;
  8. use App\Repository\Accounts\UserRecoveryRepository;
  9. use App\Form\ChangePasswordType;
  10. use App\Form\PasswordRecoveryType;
  11. use App\Repository\Accounts\UserTokensRepository;
  12. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  13. use Symfony\Component\Form\FormFactoryInterface;
  14. use Symfony\Component\HttpFoundation\Request;
  15. use Symfony\Component\HttpFoundation\Response;
  16. use Symfony\Component\HttpFoundation\RedirectResponse;
  17. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  18. use Symfony\Component\Routing\Annotation\Route;
  19. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  20. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  21. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  22. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  23. use Symfony\Component\Security\Core\Security;
  24. use Symfony\Component\Security\Core\User\UserInterface;
  25. use Doctrine\ORM\EntityManagerInterface;
  26. use Symfony\Contracts\Translation\TranslatorInterface;
  27. use Symfony\Component\HttpKernel\KernelInterface;
  28. use Symfony\Component\HttpFoundation\JsonResponse;
  29. use Symfony\Component\Mailer\MailerInterface;
  30. use Symfony\Component\Mime\Email;
  31. use Symfony\Component\Mime\Address;
  32. use Symfony\Component\Mime\Header\PathHeader;
  34. class ProfileController extends AbstractController
  35. {
  36.     private EntityManagerInterface $em;
  37.     private TranslatorInterface $translator;
  38.     private KernelInterface $kernel;
  39.     private TokenStorageInterface $tokenStorage;
  41.     public function __construct(EntityManagerInterface $emTranslatorInterface $translatorKernelInterface $kernelTokenStorageInterface $tokenStorage)
  42.     {
  43.         $this->em $em;
  44.         $this->translator $translator;
  45.         $this->kernel $kernel;
  46.         $this->tokenStorage $tokenStorage;
  47.     }
  49.     #[Route(path'/acc/profile'name'acc_profile')]
  50.     public function profile(Request $requestUsersRepository $usersRepository): Response
  51.     {
  52.         /** @var $user \App\Entity\Accounts\Users */
  53.         $user $this->getUser();
  55.         if (!$user instanceof UserInterface) {
  56.             return new RedirectResponse($this->generateUrl('acc_login'));
  57.         }
  59.         $currentLocale $request->getLocale(); // Або $this->translator->getLocale();
  61.         $avatar $request->files->get('avatar');
  62.         if ($avatar) {
  63.             $mimeType $avatar->getMimeType();
  64.             if (in_array($mimeType, ['image/jpeg''image/png'])) {
  65.                 $ch curl_init('https://www.turpravda.com/acc/profile/avatar?json=1');
  66.                 //curl_setopt($ch, CURLOPT_VERBOSE, true);
  67.                 curl_setopt($chCURLOPT_RETURNTRANSFERtrue);
  68.                 curl_setopt($chCURLOPT_FOLLOWLOCATIONfalse);
  69.                 //curl_setopt($ch, CURLOPT_FAILONERROR, true);
  70.                 curl_setopt($chCURLOPT_SSL_VERIFYHOSTfalse);
  71.                 curl_setopt($chCURLOPT_SSL_VERIFYPEERfalse);
  72.                 //curl_setopt($ch, CURLOPT_HEADER, true);
  73.                 curl_setopt($chCURLOPT_RETURNTRANSFER1);
  74.                 curl_setopt($chCURLOPT_USERAGENT'otpusk.com');
  75.                 $base64Image 'data:'$avatar->getMimeType() .';base64,' base64_encode(file_get_contents($avatar->getPathname()));
  76.                 $data = [
  77.                     'avatar' => $base64Image,
  78.                     'image' => new \CURLFile($avatar->getPathname(), $avatar->getMimeType(), $avatar->getClientOriginalName()),
  79.                     'token' => 'C04JG_9ECNG_ZF2SR_GE86G_0F7ZM',
  80.                     'user_id' => $user->getId(),
  81.                     'json' => 1,
  82.                 ];
  83.                 curl_setopt($chCURLOPT_POST1);
  84.                 curl_setopt($chCURLOPT_POSTFIELDS$data);
  85.                 $response curl_exec($ch);
  86.                 $code curl_getinfo($chCURLINFO_HTTP_CODE);
  87.                 curl_close($ch);
  88.                 $json json_decode($response,1);
  90.                 if ($this->kernel->getEnvironment() !== 'prod') {
  91.                     $user->setImage($user->getImageAvatar());
  92.                     //$imageInfo = getimagesize($avatar->getPathname());
  93.                     //if ($imageInfo !== false) $user->setImageSize($imageInfo[0] . 'x' . $imageInfo[1]);
  94.                     $this->em->persist($user);
  95.                     $this->em->flush();
  96.                 }
  98.                 if (curl_errno($ch) || $code!=200 || $json['error']==true) {
  99.                     $this->addFlash('error'$this->translator->trans('profile.upload_failed'));
  100.                 } else {
  101.                     $this->addFlash('success'$this->translator->trans('profile.upload_successful'));
  102.                 }
  103.             } else {
  104.                 $this->addFlash('error'$this->translator->trans('profile.invalid_image_format'));
  105.             }
  106.         }
  108.         if ($request->isMethod('POST')) {
  109.             $action $request->request->get('action''edit');
  111.             if ($action == 'delete_avatar') {
  112.                 $user->setImage('');
  113.                 $user->setImageSize('');
  115.                 $this->em->persist($user);
  116.                 $this->em->flush();
  118.                 $this->addFlash('success'$this->translator->trans('profile.delete_avatar'));
  119.             } else {
  120.                 $name $request->request->get('name');
  121.                 $surname $request->request->get('surname');
  122.                 $middleName $request->request->get('middleName');
  123.                 $address $request->request->get('address');
  124.                 $birthday $request->request->get('birthday'false);
  125.                 $sex $request->request->get('sex');
  126.                 $email $request->request->get('email');
  127.                 $phone $request->request->get('phone');
  128.                 $phone2 $request->request->get('phone2');
  130.                 if ($user instanceof Users) {
  131.                     $user->setName($name . ($surname ' ' $surname '') . ($middleName ' ' $middleName ''));
  132.                     $user->setText($address);
  133.                     //$user->setSurname($surname);
  134.                     //$user->setMiddleName($middleName);
  135.                     //$user->setAddress($address);
  136.                     if ($birthday$user->setBirthDay(new \DateTime($birthday));
  137.                     else $user->setBirthDay(null);
  138.                     $user->setSex($sex);
  139.                     $user->setMail($email);
  140.                     //$user->setPhone($phone);
  141.                     if ($phone2 && $phone!=$phone2$user->setPhoneAdd($phone2);
  143.                     $this->em->persist($user);
  144.                     $this->em->flush();
  146.                     $usersRepository->getCrmUserId($user->getId(), $user->getMail(), $user->getPhone());
  148.                     $this->addFlash('success'$this->translator->trans('profile.update_successful'));
  149.                 }
  150.             }
  151.             return new RedirectResponse($this->generateUrl('acc_profile'));
  152.         }
  154.         list($name$surname$middleName) = array_pad(explode(' '$user->getName(), 3), 3null);
  155.         list($phone$phone2) = array_pad(explode(','$user->getPhone(), 2), 2null);
  156.         return $this->render('profile/index.html.twig', [
  157.             'user' => $user,
  158.             'currentLocale' => $currentLocale,
  159.             'name' => $name??'',
  160.             'surname' => $surname??'',
  161.             'middleName' => $middleName??'',
  162.             'phone' => $user->getPhone()??'',
  163.             'phoneNoVerifySms' => $user->getPhoneSms()!='verify',
  164.             'phone2' => $user->getPhoneAdd()??$phone2,
  165.             'phone2NoVerifySms' => $user->getPhoneAddSms()!='verify',
  166.         ]);
  167.     }
  169.     #[Route(path'/acc/api/profile'name'acc_api_profile_get'methods: ['GET'])]
  170.     public function apiProfileGet(Request $requestTranslatorInterface $translator): JsonResponse
  171.     {
  172.         /** @var Users|null $user */
  173.         $user $this->getUser();
  175.         if (!$user instanceof UserInterface) {
  176.             return new JsonResponse([
  177.                 'error'   => true,
  178.                 'message' => $translator->trans('verify.user_not_authorized')
  179.             ], 401);
  180.         }
  182.         return new JsonResponse([
  183.             'success' => true,
  184.             'user' => [
  185.                 'id'     => $user->getId(),
  186.                 'name'   => $user->getName(),
  187.                 'email'  => $user->getEmail(),
  188.                 'phone'  => $user->getPhone(),
  189.                 'phoneVerifySms' => $user->getPhone()&&$user->getPhoneSms()=='verify',
  190.                 'phone2' => $user->getPhoneAdd(),
  191.                 'phone2VerifySms' => $user->getPhoneAdd()&&$user->getPhoneAddSms()=='verify',
  192.                 'sex'    => $user->getSex(),
  193.                 'birthday' => $user->getBirthDay()?->format('Y-m-d'),
  194.                 'address'  => $user->getText(),
  195.             ],
  196.         ], 200);
  197.     }
  199.     #[Route(path'/acc/api/profile'name'acc_api_profile'methods: ['POST'])]
  200.     public function apiProfile(Request $requestTranslatorInterface $translatorUsersRepository $usersRepository): JsonResponse
  201.     {
  202.         /** @var Users|null $user */
  203.         $user $this->getUser();
  205.         if (!$user instanceof UserInterface) {
  206.             return new JsonResponse([
  207.                 'error'   => true,
  208.                 'message' => $translator->trans('verify.user_not_authorized')
  209.             ], 401);
  210.         }
  212.         $data json_decode($request->getContent(), true);
  213.         if (is_array($data)) {
  214.             $name       $data['name'] ?? false;
  215.             $address    $data['address'] ?? false;
  216.             $birthday   $data['birthday'] ?? false;
  217.             $sex        $data['sex'] ?? false;
  218.             $email      $data['email'] ?? false;
  219.             $phone      $data['phone'] ?? false;
  220.         } else {
  221.             $name       $request->request->get('name'false);
  222.             $address    $request->request->get('address'false);
  223.             $birthday   $request->request->get('birthday'false);
  224.             $sex        $request->request->get('sex'false);
  225.             $email      $request->request->get('email'false);
  226.             $phone      $request->request->get('phone'false);
  227.         }
  229.         if (!$name) {
  230.             return new JsonResponse([
  231.                 'error' => true,
  232.                 'message' => $translator->trans('profile.form.name_empty'),
  233.             ], 400);
  234.         }
  235.         $user->setName($name);
  237.         if (!$email) {
  238.             return new JsonResponse([
  239.                 'error' => true,
  240.                 'message' => $translator->trans('profile.form.email_empty'),
  241.             ], 400);
  242.         }
  244.         $existingUser $this->em->getRepository(Users::class)->findOneBy(['mail' => $email]);
  245.         if ($existingUser && $existingUser->getId() !== $user->getId()) {
  246.             return new JsonResponse([
  247.                 'error'   => true,
  248.                 'message' => $translator->trans('profile.form.email_in_use'),
  249.             ], 400);
  250.         }
  251.         $user->setMail($email);
  253.         if ($address$user->setText($address);
  254.         if ($birthday$user->setBirthDay(new \DateTime($birthday));
  255.         if ($sex$user->setSex($sex);
  257.         if (!$phone) {
  258.             return new JsonResponse([
  259.                 'error' => true,
  260.                 'message' => $translator->trans('profile.form.phone_empty'),
  261.             ], 400);
  262.         }
  263.         $user->setPhone($phone);
  265.         try {
  266.             $this->em->persist($user);
  267.             $this->em->flush();
  269.             $usersRepository->saveCrmUserProfile($user->getId(), $user->getMail(), $user->getPhone());
  270.         } catch (\Exception $e) {
  271.             return new JsonResponse([
  272.                 'error' => true,
  273.                 'message' => $e->getMessage(),
  274.             ], 400);
  275.         }
  277.         return new JsonResponse([
  278.             'success' => true,
  279.             'user' => [
  280.                 'id'=>$user->getId(),
  281.                 'name'=>$user->getName(),
  282.                 'email'=>$user->getEmail(),
  283.                 'phone'=>$user->getPhone(),
  284.             ],
  285.             'message' => $translator->trans('profile.update_successful'),
  286.         ], 200);
  287.     }
  289.     #[Route(path'/acc/api/sendsms'name'acc_api_sendsms'methods: ['POST'])]
  290.     public function sendSms(Request $request): JsonResponse
  291.     {
  292.         /** @var Users|null $user */
  293.         $user $this->getUser();
  294.         if (!$user instanceof Users) {
  295.             return new JsonResponse([
  296.                 'error' => true,
  297.                 'message' => 'User not authorized',
  298.             ], 401);
  299.         }
  301.         $phone $request->request->get('phone');
  302.         $phone2 $request->request->get('phone2');
  303.         if ($phone2$phone $phone2;
  305.         if (!$phone) {
  306.             return new JsonResponse([
  307.                 'error' => true,
  308.                 'message' => 'Phone number is required',
  309.             ], 400);
  310.         }
  312.         if ($phone2 && $user->getPhone() == $phone2 && $user->getPhoneAddSms()=='verify') {
  313.             return new JsonResponse([
  314.                 'error' => false,
  315.                 'message' => 'SMS sent successfully',
  316.             ], 200);
  317.         } elseif ($user->getPhone() == $phone && $user->getPhoneSms()=='verify'){
  318.             return new JsonResponse([
  319.                 'error' => false,
  320.                 'message' => 'SMS sent successfully',
  321.             ], 200);
  322.         }
  324.         //$user->setPhone($phone);
  325.         $code random_int(100000999999);
  326.         if ($this->kernel->getEnvironment() === 'dev') {
  327.             $code 123456;
  328.         }
  330.         if ($phone2$user->setPhoneAddSms($code);
  331.         else $user->setPhoneSms($code);
  333.         try {
  334.             $this->em->persist($user);
  335.             $this->em->flush();
  336.         } catch (\Exception $e) {
  337.             return new JsonResponse([
  338.                 'error' => true,
  339.                 'message' => 'Failed to save verification code',
  340.             ], 500);
  341.         }
  343.         if ($this->kernel->getEnvironment() !== 'dev') {
  344.             $this->messengersRepository->addNew($phone'Ваш код: ' $code);
  345.         }
  347.         return new JsonResponse([
  348.             'error' => false,
  349.             'message' => 'SMS sent successfully',
  350.         ], 200);
  351.     }
  353.     #[Route(path'/acc/api/verifysms'name'acc_api_verifysms'methods: ['POST'])]
  354.     public function verifySms(Request $requestUsersRepository $usersRepository): JsonResponse
  355.     {
  356.         $phone $request->request->get('phone');
  357.         $phone2 $request->request->get('phone2');
  358.         $code $request->request->get('code');
  360.         if ($phone2$phone $phone2;
  361.         if (!$phone || !$code) {
  362.             return new JsonResponse([
  363.                 'error' => true,
  364.                 'message' => 'Phone number and code are required',
  365.             ], 400);
  366.         }
  368.         /** @var Users|null $user */
  369.         $user $this->getUser();
  370.         if (!$user instanceof Users/* || $user->getPhone() !== $phone)*/) {
  371.             return new JsonResponse([
  372.                 'error'   => true,
  373.                 'message' => 'User not authorized or phone number mismatch',
  374.             ], 401);
  375.         }
  377.         if ($phone2){
  378.             if ($user->getPhoneAddSms() !== $code) {
  379.                 return new JsonResponse([
  380.                     'error' => true,
  381.                     'message' => 'Invalid verification code',
  382.                 ], 400);
  383.             }
  384.         } elseif ($user->getPhoneSms() !== $code) {
  385.             return new JsonResponse([
  386.                 'error'   => true,
  387.                 'message' => 'Invalid verification code',
  388.             ], 400);
  389.         }
  391.         if ($phone2) {
  392.             $user->setPhoneAdd($phone2);
  393.             $user->setPhoneAddSms('verify');
  394.         } else {
  395.             $user->setPhone($phone);
  396.             $user->setPhoneSms('verify');
  397.         }
  399.         try {
  400.             $this->em->persist($user);
  401.             $this->em->flush();
  402.         } catch (\Exception $e) {
  403.             return new JsonResponse([
  404.                 'error' => true,
  405.                 'message' => 'Failed to save phone',
  406.             ], 500);
  407.         }
  409.         return new JsonResponse([
  410.             'error'   => false,
  411.             'message' => 'Verification successful',
  412.         ], 200);
  413.     }
  415.     #[Route(path'/acc/change-password'name'acc_change_password')]
  416.     public function changePassword(Request $requestUserPasswordHasherInterface $passwordHasherTranslatorInterface $translatorEntityManagerInterface $emFormFactoryInterface $formFactory): Response
  417.     {
  418.         /** @var \App\Entity\Accounts\Users $user */
  419.         $user $this->getUser();
  421.         if (!$user) {
  422.             $this->addFlash('error'$translator->trans('profile.error_auth_required'));
  423.             return $this->redirectToRoute('acc_login');
  424.         }
  426.         $form $formFactory->create(ChangePasswordType::class, null, [
  427.             'email' => $user->getMail(),
  428.             'is_api' => false,
  429.         ]);
  430.         $form->handleRequest($request);
  432.         if ($form->isSubmitted() && $form->isValid()) {
  433.             $data $form->getData();
  435.             if (!$passwordHasher->isPasswordValid($user$data['old_password'])) {
  436.                 $this->addFlash('error'$translator->trans('profile.error_old_password_invalid'));
  437.             } else {
  438.                 $hashedPassword $passwordHasher->hashPassword($user$data['new_password']);
  439.                 $user->setPassword($hashedPassword);
  440.                 $em->flush();
  442.                 $this->addFlash('success'$translator->trans('profile.password_changed_success'));
  443.                 return $this->redirectToRoute('acc_change_password');
  444.             }
  445.         }
  447.         return $this->render('profile/change_password.html.twig', [
  448.             'form' => $form->createView(),
  449.             'user' => $user,
  450.         ]);
  451.     }
  453.     #[Route(path'/acc/api/change-password'name'acc_api_change_password'methods: ['POST'])]
  454.     public function apiChangePassword(Request $requestUsersRepository $usersRepositoryUserRecoveryRepository $userRecoveryRepositoryUserPasswordHasherInterface $passwordHasherTranslatorInterface $translatorEntityManagerInterface $em): JsonResponse
  455.     {
  456.         $data $request->request->all();
  458.         if (empty($data)) {
  459.             return new JsonResponse([
  460.                 'error' => true,
  461.                 'message' => $translator->trans('profile.error_old_password_empty'),
  462.             ], 400);
  463.         }
  465.         $form $this->createForm(ChangePasswordType::class, null, [
  466.             'is_api' => true,
  467.         ]);
  469.         $expectedFields = ['email''old_password''new_password''confirm_password'];
  470.         $data array_intersect_key($dataarray_flip($expectedFields));
  472.         $form->submit($data);
  474.         if (!$form->isValid()) {
  475.             $errors $form->getErrors(true);
  476.             $fieldErrors = [];
  477.             foreach ($errors as $error) {
  478.                 $field $error->getOrigin()->getName();
  479.                 $message $error->getMessage();
  480.                 $fieldErrors[$field][] = $message;
  481.             }
  482.             return new JsonResponse([
  483.                 'error' => true,
  484.                 'field' => $field,
  485.                 'message' => $message,
  486.                 //'message' => $this->translator->trans('registration.invalid_data'),
  487.                 'field_errors' => $fieldErrors,
  488.             ], 400);
  489.         }
  491.         $email $data['email'] ?? null;
  492.         $oldPassword $data['old_password'] ?? null;
  493.         $newPassword $data['new_password'] ?? null;
  495.         $user $usersRepository->findOneBy(['mail' => $email]);
  496.         if (!$user) {
  497.             return new JsonResponse([
  498.                 'error' => true,
  499.                 'message' => $translator->trans('profile.error_email'),
  500.             ], 400);
  501.         }
  503.         if (!$passwordHasher->isPasswordValid($user$oldPassword)) {
  504.             return new JsonResponse([
  505.                 'error' => true,
  506.                 'message' => $translator->trans('profile.error_old_password_invalid'),
  507.             ], 400);
  508.         }
  510.         $hashedPassword $passwordHasher->hashPassword($user$newPassword);
  511.         $user->setPassword($hashedPassword);
  513.         $recovery $userRecoveryRepository->findOneBy(
  514.             ['userId' => $user->getId(), 'used' => null],
  515.             ['date' => 'DESC']
  516.         );
  518.         if (!$recovery) {
  519.             //$hash = hash('ripemd128', $user->getId() . $user->getLogin() . $user->getMail() . time() . $_ENV['APP_SECRET']);
  520.             $hash UserTokensRepository::genToken($user);
  522.             $recovery = new UserRecovery();
  523.             $recovery->setUser($user);
  524.             $recovery->setHash($hash);
  525.             $recovery->setIp($request->getClientIp() ?? '0');
  526.             $recovery->setUseragent($request->headers->get('User-Agent') ?? 'unknown');
  527.             $recovery->setDate(new \DateTime());
  529.             $em->persist($recovery);
  530.         }
  532.         $em->flush();
  534.         $response = new JsonResponse([
  535.             'error' => false,
  536.             'message' => $translator->trans('profile.password_changed_success'),
  537.         ], 200);
  539.         $response->headers->set('X-Access-Login'$user->getLogin());
  540.         $response->headers->set('X-Access-Email'$user->getEmail());
  541.         $response->headers->set('X-Access-Token'$recovery->getHash());
  542.         $response->headers->set('X-Access-Avatar'$user->getImageAvatar());
  544.         return $response;
  545.     }
  547.     /*
  548.     #[Route(path: '/acc/changepassword2', name: 'acc_change_password2')]
  549.     public function changePassword2(UsersRepository $usersRepository, Request $request, UserPasswordHasherInterface $passwordHasher, TranslatorInterface $translator): Response
  550.     {
  551.         $user = $this->getUser();
  553.         $isJsonRequest = $request->headers->get('Accept') === 'application/json';
  555.         if ($request->isMethod('POST')) {
  556.             $email = $request->request->get('email', false);
  557.             $oldPassword = $request->request->get('old_password', false);
  559.             if ($email && $oldPassword) {
  560.                 $userCheck = $usersRepository->findOneBy(['mail' => $email]);
  561.                 if (!$userCheck) {
  562.                     $this->addFlash('error', $translator->trans('profile.error_email'));
  563.                     if ($isJsonRequest) return $this->jsonResultFromFlash(400);
  564.                 }
  565.                 if ($passwordHasher->isPasswordValid($userCheck, $oldPassword)) $user = $userCheck;
  566.                 else {
  567.                     $this->addFlash('error', $translator->trans('profile.error_old_password_invalid'));
  568.                     if ($isJsonRequest) return $this->jsonResultFromFlash(400);
  569.                 }
  570.                 unset($userCheck);
  571.             }
  572.         }
  573.         if (!$user) {
  574.             $this->addFlash('error', $translator->trans('profile.error_auth_required'));
  575.             if ($isJsonRequest) return $this->jsonResultFromFlash(401);
  576.             return $this->redirectToRoute('acc_login');
  577.         }
  578.         $currentLocale = $request->getLocale();
  580.         if ($request->isMethod('POST')) {
  581.             $newPassword = $request->request->get('new_password');
  582.             $confirmPassword = $request->request->get('new_password');
  584.             if (!$oldPassword) {
  585.                 $this->addFlash('error', $translator->trans('profile.error_old_password_empty'));
  586.             }
  587.             elseif ($user && !$passwordHasher->isPasswordValid($user, $oldPassword)) {
  588.                 $this->addFlash('error', $translator->trans('profile.error_old_password_invalid'));
  589.             }
  590.             elseif (!preg_match('/^(?=.*[A-Z])(?=.*\d)[A-Za-z\d!@#$%^&*()_+]{8,}$/', $newPassword)) {
  591.                 $this->addFlash('error', $translator->trans('profile.error_password_rules'));
  592.             }
  593.             elseif (!$newPassword || !$confirmPassword) {
  594.                 $this->addFlash('error', $translator->trans('profile.error_new_password_empty'));
  595.             }
  596.             elseif ($newPassword !== $confirmPassword) {
  597.                 $this->addFlash('error', $translator->trans('profile.error_password_mismatch'));
  598.             }
  599.             else {
  600.                 $hashedPassword = $passwordHasher->hashPassword($user, $newPassword);
  601.                 $user->setPassword($hashedPassword);
  603.                 $entityManager = $this->getDoctrine()->getManager();
  604.                 $entityManager->flush();
  606.                 $this->addFlash('success', $translator->trans('profile.password_changed_success'));
  608.                 if ($isJsonRequest) {
  609.                     return $this->jsonResultFromFlash(200);
  610.                 }
  612.                 return $this->redirectToRoute('acc_change_password');
  613.             }
  614.         }
  616.         if ($isJsonRequest) {
  617.             return $this->jsonResultFromFlash();
  618.         }
  620.         return $this->render('profile/change_password.html.twig', [
  621.             'user' => $user,
  622.             'currentLocale' => $currentLocale,
  623.         ]);
  624.     }
  625.     */
  627.     #[Route(path'/acc/forgot'name'acc_forgot'methods: ['GET''POST'])]
  628.     public function forgot(Request $requestUsersRepository $usersRepositoryUserRecoveryRepository $userRecoveryRepositoryUrlGeneratorInterface $urlGeneratorMailerInterface $mailer): Response
  629.     {
  630.         /** @var $user \App\Entity\Accounts\Users */
  631.         $user $this->getUser();
  632.         if ($user instanceof UserInterface) {
  633.             return $this->redirectToRoute('acc_profile');
  634.         }
  636.         $currentLocale $request->getLocale();
  638.         if ($request->isMethod('GET')) {
  639.             $last_email $request->getSession()->get(Security::LAST_USERNAME'');
  640.             return $this->render('profile/forgot.html.twig', [
  641.                 'last_email' => $last_email,
  642.                 'title' => $this->translator->trans('profile.forgot.title', [], 'messages'$currentLocale),
  643.             ]);
  644.         }
  646.         $email $request->request->get('email');
  648.         if (!$email) {
  649.             $this->addFlash('error'$this->translator->trans('profile.forgot.email_required'));
  650.             return $this->redirectToRoute('acc_forgot');
  651.         }
  653.         if (!filter_var($emailFILTER_VALIDATE_EMAIL)) {
  654.             $this->addFlash('error'$this->translator->trans('profile.form.email_error'));
  655.             return $this->redirectToRoute('acc_forgot');
  656.         }
  658.         $user $usersRepository->findOneBy(['mail' => $email]);
  659.         if (!$user) {
  660.             $this->addFlash('error'$this->translator->trans('profile.forgot.user_not_found'));
  661.             return $this->redirectToRoute('acc_forgot');
  662.         }
  664.         $recovery $userRecoveryRepository->findOneBy(
  665.             ['userId' => $user->getId(), 'used' => null],
  666.             ['date' => 'DESC']
  667.         );
  668.         if (!$recovery || $recovery->getDate() < (new \DateTime('-1 day'))) {
  669.             //$hash = hash('ripemd128', $user->getId() . $user->getLogin() . $user->getMail() . time() . $_ENV['APP_SECRET']);
  670.             $hash UserTokensRepository::genToken($user);
  672.             $recovery = new UserRecovery();
  673.             $recovery->setUser($user);
  674.             //$recovery->setUserId($user->getId());
  675.             $recovery->setHash($hash);
  676.             $recovery->setIp($request->getClientIp() ?? '0');
  677.             $recovery->setUseragent($request->headers->get('User-Agent') ?? 'unknown');
  678.             $recovery->setDate(new \DateTime());
  680.             $this->em->persist($recovery);
  681.             $this->em->flush();
  682.         } else {
  683.             $this->addFlash('success'$this->translator->trans('profile.forgot.password_reset_email_sent'));
  684.             return $this->redirectToRoute('acc_forgot');
  685.         }
  687.         $this->sendEmail(false$user$recovery$urlGenerator$mailer);
  689.         $this->addFlash('success'$this->translator->trans('profile.forgot.password_reset_email_sent'));
  690.         return $this->redirectToRoute('acc_forgot');
  691.     }
  693.     #[Route(path'/acc/api/forgot'name'acc_api_forgot'methods: ['POST'])]
  694.     public function forgotPassword(Request $requestUsersRepository $usersRepositoryUserRecoveryRepository $userRecoveryRepositoryUrlGeneratorInterface $urlGeneratorMailerInterface $mailer): JsonResponse
  695.     {
  696.         /** @var $user \App\Entity\Accounts\Users */
  697.         $user $this->getUser();
  698.         if ($user instanceof UserInterface) {
  699.             return new JsonResponse([
  700.                 'error' => true,
  701.                 'message' => $this->translator->trans('profile.you_auth'),
  702.             ], 400);
  703.         }
  705.         $email $request->request->get('email');
  707.         if (!$email || !filter_var($emailFILTER_VALIDATE_EMAIL)) {
  708.             return new JsonResponse([
  709.                 'error' => true,
  710.                 'message' => $this->translator->trans('profile.forgot.invalid_email'),
  711.             ], 400);
  712.         }
  714.         $user $usersRepository->findOneBy(['mail' => $email]);
  715.         if (!$user) {
  716.             return new JsonResponse([
  717.                 'error' => true,
  718.                 'message' => $this->translator->trans('profile.forgot.user_not_found'),
  719.             ], 404);
  720.         }
  722.         $recovery $userRecoveryRepository->findOneBy(
  723.             ['userId' => $user->getId(), 'used' => null],
  724.             ['date' => 'DESC']
  725.         );
  726.         if (!$recovery || $recovery->getDate() < (new \DateTime('-1 day'))) {
  727.             //$hash = hash('ripemd128', $user->getId() . $user->getLogin() . $user->getMail() . time() . $_ENV['APP_SECRET']);
  728.             $hash UserTokensRepository::genToken($user);
  730.             $recovery = new UserRecovery();
  731.             $recovery->setUser($user);
  732.             $recovery->setHash($hash);
  733.             $recovery->setIp($request->getClientIp() ?? '0');
  734.             $recovery->setUseragent($request->headers->get('User-Agent') ?? 'unknown');
  735.             $recovery->setDate(new \DateTime());
  737.             $this->em->persist($recovery);
  738.             $this->em->flush();
  739.         } else {
  740.             return new JsonResponse([
  741.                 'error' => false,
  742.                 'message' => $this->translator->trans('profile.forgot.password_reset_email_sent'),
  743.             ], 200);
  744.         }
  746.         $this->sendEmail(true$user$recovery$urlGenerator$mailer);
  748.         $response = new JsonResponse([
  749.             'error' => false,
  750.             'message' => $this->translator->trans('profile.forgot.password_reset_email_sent'),
  751.         ], 200);
  753.         $response->headers->set('X-Access-Login'$user->getLogin());
  754.         $response->headers->set('X-Access-Email'$user->getMail());
  755.         $response->headers->set('X-Access-Token'$hash);
  756.         $response->headers->set('X-Access-Avatar'$user->getImageAvatar());
  758.         return $response;
  759.     }
  761.     private function sendEmail($api falseUsers $userUserRecovery $recoveryUrlGeneratorInterface $urlGeneratorMailerInterface $mailer): void
  762.     {
  763.         $html $this->renderView('profile/forgot_email.html.twig', [
  764.             'login' => $user->getLogin()??$user->getName(),
  765.             'forgotLink' => $urlGenerator->generate($api'acc_api_recovery''acc_recovery', [
  766.                 'autoaction' => 'change-password',
  767.                 'email' => $user->getMail(),
  768.                 'token' => $recovery->getHash(),
  769.                 'utm_source'=>'otpusk-mailings',
  770.                 'utm_medium'=>'email',
  771.                 'utm_campaign'=>'recovery',
  772.                 'utm_content'=>'otpusk',
  773.             ], UrlGeneratorInterface::ABSOLUTE_URL
  774.             ),
  775.             'confirm_code' => $recovery->getHash(),
  776.             'year' => date('Y'),
  777.         ]);
  779.         $email = (new Email())
  780.             ->from('no-reply@otpusk.com')
  781.             ->to($user->getMail())
  782.             ->subject($this->translator->trans('profile.forgot.title'))
  783.             ->html($html);
  784.         $returnPathAddress = new Address(sprintf('%d@return.otpusk.com'$user->getId()));
  785.         $email->getHeaders()->add(new PathHeader('Return-Path'$returnPathAddress));
  787.         if ($this->getParameter('kernel.environment') !== 'prod') {
  788.             // зберігаємо письма локально
  789.             $mimeMessage $email->toString();
  790.             $directory $this->getParameter('kernel.project_dir') . '/var/mails';
  791.             if (!is_dir($directory)) {
  792.                 mkdir($directory0775true);
  793.             }
  794.             $filePath $directory '/' date('YmdHis') . '_' uniqid('email_'true) . '.eml';
  795.             file_put_contents($filePath$mimeMessage);
  796.         } else {
  797.             $mailer->send($email);
  798.         }
  799.     }
  801.     #[Route(path'/acc/recovery'name'acc_recovery'methods: ['GET''POST'])]
  802.     public function recovery(Request $requestUserRecoveryRepository $userRecoveryRepositoryUsersRepository $usersRepositoryEntityManagerInterface $emTranslatorInterface $translator): Response
  803.     {
  804.         /** @var $user \App\Entity\Accounts\Users */
  805.         $user $this->getUser();
  806.         if ($user instanceof UserInterface) {
  807.             return $this->redirectToRoute('acc_profile');
  808.         }
  810.         $form $this->createForm(PasswordRecoveryType::class,  [
  811.             'email' => $request->query->get('email'''),
  812.             'token' => $request->query->get('token'''),
  813.         ], [
  814.             'is_api' => false,
  815.         ]);
  816.         $form->handleRequest($request);
  818.         if ($form->isSubmitted() && $form->isValid()) {
  819.             $data $form->getData();
  821.             if ($data['password'] !== $data['confirm_password']) {
  822.                 $this->addFlash('error'$translator->trans('profile.error_password_mismatch'));
  823.             } else {
  824.                 $recovery $userRecoveryRepository->findOneBy([
  825.                         'hash' => $data['token'],
  826.                         //'used' => null,
  827.                     ]
  828.                 );
  830.                 if (!$recovery) {
  831.                     $this->addFlash('error'$translator->trans('profile.recovery.token_invalid'));
  832.                 } else {
  833.                     $user $usersRepository->find($recovery->getUserId());
  835.                     if (!$user) {
  836.                         $this->addFlash('error'$translator->trans('profile.forgot.user_not_found'));
  837.                     } else {
  838.                         $user->setPassword(password_hash($data['password'], PASSWORD_BCRYPT));
  839.                         $em->persist($user);
  841.                         $recovery->setUsed(new \DateTime());
  842.                         $em->persist($recovery);
  843.                         $em->flush();
  845.                         $this->addFlash('success'$translator->trans('profile.password_changed_success'));
  847.                         $token = new UsernamePasswordToken($usernull$user->getRoles());
  848.                         $this->tokenStorage->setToken($token);
  850.                         return $this->redirectToRoute('acc_recovery', [
  851.                             'email' => $data['email'] ?? '',
  852.                             'token' => $data['token'] ?? '',
  853.                         ]);
  854.                     }
  855.                 }
  856.             }
  857.         }
  859.         return $this->render('profile/recovery.html.twig', [
  860.             'form' => $form->createView(),
  861.         ]);
  862.     }
  864.     #[Route(path'/acc/api/recovery'name'acc_api_recovery'methods: ['POST'])]
  865.     public function apiRecovery(Request $requestUserRecoveryRepository $userRecoveryRepositoryUsersRepository $usersRepositoryEntityManagerInterface $emTranslatorInterface $translator): JsonResponse
  866.     {
  867.         /** @var $user \App\Entity\Accounts\Users */
  868.         $user $this->getUser();
  869.         if ($user instanceof UserInterface) {
  870.             return new JsonResponse([
  871.                 'error' => true,
  872.                 'message' => $this->translator->trans('profile.you_auth'),
  873.             ], 400);
  874.         }
  876.         $form $this->createForm(PasswordRecoveryType::class, null, [
  877.             'is_api' => true,
  878.         ]);
  880.         $data $request->request->all();
  881.         $data['password'] = base64_decode($data['password']);
  882.         $data['confirm_password'] = base64_decode($data['confirm_password']);
  883.         $form->submit($data);
  885.         if (!$form->isValid()) {
  886.             $errors $form->getErrors(true);
  887.             $fieldErrors = [];
  888.             foreach ($errors as $error) {
  889.                 $field $error->getOrigin()->getName();
  890.                 $message $error->getMessage();
  891.                 $fieldErrors[$field][] = $message;
  892.             }
  893.             return new JsonResponse([
  894.                 'error' => true,
  895.                 'field' => $field,
  896.                 'message' => $message,
  897.                 //'message' => $this->translator->trans('registration.invalid_data'),
  898.                 'field_errors' => $fieldErrors,
  899.             ], 400);
  900.         }
  902.         $data $form->getData();
  904.         if ($data['password'] !== $data['confirm_password']) {
  905.             return new JsonResponse([
  906.                 'error' => true,
  907.                 'data' => $data,
  908.                 'message' => $this->translator->trans('profile.error_password_mismatch'),
  909.             ], 400);
  910.         }
  912.         $recovery $userRecoveryRepository->findOneBy([
  913.             'hash' => $data['token'],
  914.             //'used' => null,
  915.         ]);
  916.         if (!$recovery) {
  917.             return new JsonResponse([
  918.                 'error' => true,
  919.                 'message' => $this->translator->trans('profile.user_not_found'),
  920.             ], 404);
  921.         }
  923.         $user $usersRepository->find($recovery->getUserId());
  925.         if (!$user) {
  926.             return new JsonResponse([
  927.                 'error' => true,
  928.                 'message' => $this->translator->trans('profile.user_not_found'),
  929.             ], 404);
  930.         }
  932.         $user->setPassword(password_hash($data['password'], PASSWORD_BCRYPT));
  933.         $this->em->persist($user);
  935.         $recovery->setUsed(new \DateTime());
  936.         $this->em->persist($recovery);
  937.         $em->flush();
  939.         $token = new UsernamePasswordToken($usernull$user->getRoles());
  940.         $this->tokenStorage->setToken($token);
  942.         $response = new JsonResponse([
  943.             'error' => false,
  944.             'message' => $translator->trans('profile.password_changed_success'),
  945.         ], 200);
  947.         $response->headers->set('X-Access-Login'$user->getLogin());
  948.         $response->headers->set('X-Access-Email'$user->getMail());
  949.         $response->headers->set('X-Access-Token'$recovery->getHash());
  950.         $response->headers->set('X-Access-Avatar'$user->getImageAvatar());
  952.         return $response;
  953.     }
  955.     #[Route(path'/acc/delete'name'acc_delete_account')]
  956.     public function deleteAccount(Request $requestTranslatorInterface $translator): Response
  957.     {
  958.         /** @var \App\Entity\Accounts\Users $user */
  959.         $user $this->getUser();
  961.         if (!$user) {
  962.             $this->addFlash('error''profile.error_auth_required');
  963.             return $this->redirectToRoute('acc_login');
  964.         }
  965.         $currentLocale $request->getLocale();
  967.         // на деві не вимикаємо користувачів
  968.         if ($this->getParameter('kernel.environment') === 'prod') {
  969.             $user->setActive('no');
  971.             $entityManager $this->getDoctrine()->getManager();
  972.             $entityManager->flush();
  973.         }
  975.         $this->container->get('security.token_storage')->setToken(null);
  976.         //$request->getSession()->invalidate(); // не треба прибирати сесію
  978.         return $this->render('profile/delete_account.html.twig', [
  979.             'user' => false,
  980.             'currentLocale' => $currentLocale,
  981.         ]);
  982.     }
  984.     private function jsonResultFromFlash(int $httpCode 400): JsonResponse
  985.     {
  986.         $errors $this->get('session')->getFlashBag()->get('error', []);
  987.         $success $this->get('session')->getFlashBag()->get('success', []);
  989.         if (!empty($errors)) {
  990.             return new JsonResponse([
  991.                 'error' => true,
  992.                 'message' => implode(PHP_EOL$errors),
  993.             ], $httpCode);
  994.         }
  996.         if (!empty($success)) {
  997.             return new JsonResponse([
  998.                 'error' => false,
  999.                 'message' => implode(PHP_EOL$success),
  1000.             ], 200);
  1001.         }
  1003.         return new JsonResponse([
  1004.             'error' => false,
  1005.             'message' => '',
  1006.         ], 200);
  1007.     }
  1008. }