3 namespace Wallabag\CoreBundle\Controller
;
5 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route
;
6 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method
;
7 use Symfony\Bundle\FrameworkBundle\Controller\Controller
;
8 use Symfony\Component\HttpFoundation\Request
;
9 use Symfony\Component\Security\Core\SecurityContext
;
10 use Wallabag\CoreBundle\Form\Type\ResetPasswordType
;
12 class SecurityController
extends Controller
14 public function loginAction(Request
$request)
16 $session = $request->getSession();
17 // get the login error if there is one
18 if ($request->attributes
->has(SecurityContext
::AUTHENTICATION_ERROR
)) {
19 $error = $request->attributes
->get(SecurityContext
::AUTHENTICATION_ERROR
);
21 $error = $session->get(SecurityContext
::AUTHENTICATION_ERROR
);
22 $session->remove(SecurityContext
::AUTHENTICATION_ERROR
);
25 return $this->render('WallabagCoreBundle:Security:login.html.twig', array(
26 // last username entered by the user
27 'last_username' => $session->get(SecurityContext
::LAST_USERNAME
),
33 * Request forgot password: show form.
35 * @Route("/forgot-password", name="forgot_password")
37 * @Method({"GET", "POST"})
39 public function forgotPasswordAction(Request
$request)
41 $form = $this->createForm('forgot_password');
42 $form->handleRequest($request);
44 if ($form->isValid()) {
45 $user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByEmail($form->get('email')->getData());
47 // generate "hard" token
48 $user->setConfirmationToken(rtrim(strtr(base64_encode(hash('sha256', uniqid(mt_rand(), true), true)), '+/', '-_'), '='));
49 $user->setPasswordRequestedAt(new \
DateTime());
51 $em = $this->getDoctrine()->getManager();
55 $message = \Swift_Message
::newInstance()
56 ->setSubject('Reset Password')
57 ->setFrom($this->container
->getParameter('from_email'))
58 ->setTo($user->getEmail())
59 ->setBody($this->renderView('WallabagCoreBundle:Mail:forgotPassword.txt.twig', array(
60 'username' => $user->getUsername(),
61 'confirmationUrl' => $this->generateUrl('forgot_password_reset', array('token' => $user->getConfirmationToken()), true),
64 $this->get('mailer')->send($message);
66 return $this->redirect($this->generateUrl('forgot_password_check_email',
67 array('email' => $this->getObfuscatedEmail($user->getEmail()))
71 return $this->render('WallabagCoreBundle:Security:forgotPassword.html.twig', array(
72 'form' => $form->createView(),
77 * Tell the user to check his email provider.
79 * @Route("/forgot-password/check-email", name="forgot_password_check_email")
83 public function checkEmailAction(Request
$request)
85 $email = $request->query
->get('email');
88 // the user does not come from the forgotPassword action
89 return $this->redirect($this->generateUrl('forgot_password'));
92 return $this->render('WallabagCoreBundle:Security:checkEmail.html.twig', array(
98 * Reset user password.
100 * @Route("/forgot-password/{token}", name="forgot_password_reset")
102 * @Method({"GET", "POST"})
104 public function resetAction(Request
$request, $token)
106 $user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByConfirmationToken($token);
108 if (null === $user) {
109 throw $this->createNotFoundException(sprintf('No user found with token "%s"', $token));
112 $form = $this->createForm(new ResetPasswordType());
113 $form->handleRequest($request);
115 if ($form->isValid()) {
116 $user->setPassword($form->get('new_password')->getData());
118 $em = $this->getDoctrine()->getManager();
122 $this->get('session')->getFlashBag()->add(
124 'The password has been reset successfully'
127 return $this->redirect($this->generateUrl('login'));
130 return $this->render('WallabagCoreBundle:Security:reset.html.twig', array(
132 'form' => $form->createView(),
137 * Get the truncated email displayed when requesting the resetting.
139 * Keeping only the part following @ in the address.
141 * @param string $email
145 protected function getObfuscatedEmail($email)
147 if (false !== $pos = strpos($email, '@')) {
148 $email = '...'.substr($email, $pos);