3 namespace Wallabag\CoreBundle\Controller
;
5 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route
;
6 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method
;
7 use Symfony\Bundle\FrameworkBundle\Controller\Controller
;
8 use Symfony\Component\HttpFoundation\Request
;
9 use Symfony\Component\Security\Core\SecurityContext
;
10 use Wallabag\CoreBundle\Form\Type\ResetPasswordType
;
12 class SecurityController
extends Controller
14 public function loginAction(Request
$request)
16 $session = $request->getSession();
17 // get the login error if there is one
18 if ($request->attributes
->has(SecurityContext
::AUTHENTICATION_ERROR
)) {
19 $error = $request->attributes
->get(SecurityContext
::AUTHENTICATION_ERROR
);
21 $error = $session->get(SecurityContext
::AUTHENTICATION_ERROR
);
22 $session->remove(SecurityContext
::AUTHENTICATION_ERROR
);
25 return $this->render('WallabagCoreBundle:Security:login.html.twig', array(
26 // last username entered by the user
27 'last_username' => $session->get(SecurityContext
::LAST_USERNAME
),
33 * Request forgot password: show form
35 * @Route("/forgot-password", name="forgot_password")
36 * @Method({"GET", "POST"})
38 public function forgotPasswordAction(Request
$request)
40 $form = $this->createForm('forgot_password');
41 $form->handleRequest($request);
43 if ($form->isValid()) {
44 $user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByEmail($form->get('email')->getData());
46 // generate "hard" token
47 $user->setConfirmationToken(rtrim(strtr(base64_encode(hash('sha256', uniqid(mt_rand(), true), true)), '+/', '-_'), '='));
48 $user->setPasswordRequestedAt(new \
DateTime());
50 $em = $this->getDoctrine()->getManager();
54 $message = \Swift_Message
::newInstance()
55 ->setSubject('Reset Password')
56 ->setFrom($this->container
->getParameter('from_email'))
57 ->setTo($user->getEmail())
58 ->setBody($this->renderView('WallabagCoreBundle:Mail:forgotPassword.txt.twig', array(
59 'username' => $user->getUsername(),
60 'confirmationUrl' => $this->generateUrl('forgot_password_reset', array('token' => $user->getConfirmationToken()), true),
63 $this->get('mailer')->send($message);
65 return $this->redirect($this->generateUrl('forgot_password_check_email',
66 array('email' => $this->getObfuscatedEmail($user->getEmail()))
70 return $this->render('WallabagCoreBundle:Security:forgotPassword.html.twig', array(
71 'form' => $form->createView(),
76 * Tell the user to check his email provider
78 * @Route("/forgot-password/check-email", name="forgot_password_check_email")
81 public function checkEmailAction(Request
$request)
83 $email = $request->query
->get('email');
86 // the user does not come from the forgotPassword action
87 return $this->redirect($this->generateUrl('forgot_password'));
90 return $this->render('WallabagCoreBundle:Security:checkEmail.html.twig', array(
98 * @Route("/forgot-password/{token}", name="forgot_password_reset")
99 * @Method({"GET", "POST"})
101 public function resetAction(Request
$request, $token)
103 $user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByConfirmationToken($token);
105 if (null === $user) {
106 throw $this->createNotFoundException(sprintf('No user found with token "%s"', $token));
109 $form = $this->createForm(new ResetPasswordType());
110 $form->handleRequest($request);
112 if ($form->isValid()) {
113 $user->setPassword($form->get('new_password')->getData());
115 $em = $this->getDoctrine()->getManager();
119 $this->get('session')->getFlashBag()->add(
121 'The password has been reset successfully'
124 return $this->redirect($this->generateUrl('login'));
127 return $this->render('WallabagCoreBundle:Security:reset.html.twig', array(
129 'form' => $form->createView(),
134 * Get the truncated email displayed when requesting the resetting.
136 * Keeping only the part following @ in the address.
138 * @param string $email
142 protected function getObfuscatedEmail($email)
144 if (false !== $pos = strpos($email, '@')) {
145 $email = '...'.substr($email, $pos);