app/Customize/Controller/AuthController.php line 139

Open in your IDE?
  1. <?php
  3. namespace Customize\Controller;
  5. use Eccube\Form\Type\Front\CustomerLoginType;
  6. use Eccube\Repository\NewsRepository;
  7. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
  8. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
  9. use Symfony\Component\HttpFoundation\Response;
  10. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  13. use Eccube\Event\EventArgs;
  14. use Eccube\Entity\Customer;
  15. use Eccube\Event\EccubeEvents;
  16. use Eccube\Controller\AbstractController;
  17. use Eccube\Repository\CustomerRepository;
  18. use Eccube\Form\Type\Front\EntryType;
  19. use Eccube\Repository\PageRepository;
  20. use Eccube\Service\MailService;
  21. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  22. use Eccube\Repository\BaseInfoRepository;
  23. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  24. use Symfony\Component\Validator\Validator\ValidatorInterface;
  25. use Eccube\Entity\Master\CustomerStatus;
  26. use Eccube\Service\CartService;
  27. use Eccube\Repository\Master\CustomerStatusRepository;
  28. use Symfony\Component\Validator\Constraints as Assert;
  29. use Symfony\Component\HttpKernel\Exception as HttpException;
  30. use Eccube\Form\Type\Front\ForgotType;
  31. use Eccube\Form\Type\Front\PasswordResetType;
  32. use Exception;
  33. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  35. class AuthController extends AbstractController
  36. {
  37. /**
  38. * @var CustomerRepository
  39. */
  40. protected $customerRepository;
  42. /**
  43. * @var PageRepository
  44. */
  45. protected $pageRepository;
  47. /**
  48. * @var EncoderFactoryInterface
  49. */
  50. protected $encoderFactory;
  53. /**
  54. * @var CustomerStatusRepository
  55. */
  56. protected $customerStatusRepository;
  59. /**
  60. * @var BaseInfo
  61. */
  62. protected $BaseInfo;
  64. /**
  65. * @var MailService
  66. */
  67. protected $mailService;
  69. /**
  70. * @var \Eccube\Service\CartService
  71. */
  72. protected $cartService;
  74. /**
  75. * @var ValidatorInterface
  76. */
  77. protected $recursiveValidator;
  79. /**
  80. * @var TokenStorageInterface
  81. */
  82. protected $tokenStorage;
  84. public function __construct(
  85. CustomerRepository $customerRepository,
  86. PageRepository $pageRepository,
  87. BaseInfoRepository $baseInfoRepository,
  88. MailService $mailService,
  89. EncoderFactoryInterface $encoderFactory,
  90. ValidatorInterface $validatorInterface,
  91. CartService $cartService,
  92. CustomerStatusRepository $customerStatusRepository,
  93. TokenStorageInterface $tokenStorage
  94. ) {
  95. $this->BaseInfo = $baseInfoRepository->get();
  96. $this->customerRepository = $customerRepository;
  97. $this->pageRepository = $pageRepository;
  98. $this->encoderFactory = $encoderFactory;
  99. $this->mailService = $mailService;
  100. $this->recursiveValidator = $validatorInterface;
  101. $this->cartService = $cartService;
  102. $this->customerStatusRepository = $customerStatusRepository;
  103. $this->tokenStorage = $tokenStorage;
  104. }
  105. /**
  106. * @Route("/mypage-login", name="mypage-login", methods={"GET", "POST"})
  107. * @Template("@user_data/auth/mypage_login.twig")
  108. */
  109. public function login(Request $request, AuthenticationUtils $utils)
  110. {
  111. if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  112. log_info('認証済のためログイン処理をスキップ');
  114. return $this->redirectToRoute('mypage_index');
  115. }
  117. /* @var $form \Symfony\Component\Form\FormInterface */
  118. $builder = $this->formFactory
  119. ->createNamedBuilder('', CustomerLoginType::class);
  121. $builder->get('login_memory')->setData((bool) $request->getSession()->get('_security.login_memory'));
  123. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  124. $Customer = $this->getUser();
  125. if ($Customer instanceof Customer) {
  126. $builder->get('login_email')
  127. ->setData($Customer->getEmail());
  128. }
  129. }
  131. $event = new EventArgs(
  132. [
  133. 'builder' => $builder,
  134. ],
  135. $request
  136. );
  137. $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_MYPAGE_MYPAGE_LOGIN_INITIALIZE);
  139. $form = $builder->getForm();
  140. return [
  141. 'error' => $utils->getLastAuthenticationError(false),
  142. 'form' => $form->createView(),
  143. ];
  144. }
  146. /**
  147. * Logout
  148. *
  149. * @Route("/customer_logout", name="customer_logout", methods={"GET"})
  150. */
  151. public function logout()
  152. {
  153. if ($this->tokenStorage->getToken() && $this->tokenStorage->getToken()->getUser() instanceof Customer) {
  154. $this->tokenStorage->setToken(null);
  156. return $this->redirectToRoute('homepage');
  157. }
  158. }
  160. /**
  161. * 会員登録画面.
  162. *
  163. * @Route("/register", name="register", methods={"GET", "POST"})
  164. * @Route("/register", name="register_confirm", methods={"GET", "POST"})
  165. * @Template("@user_data/auth/mypage_register.twig")
  166. */
  167. public function index(Request $request)
  168. {
  169. if ($this->isGranted('ROLE_USER')) {
  170. log_info('認証済のためログイン処理をスキップ');
  172. return $this->redirectToRoute('mypage_index');
  173. }
  175. /** @var $Customer \Eccube\Entity\Customer */
  176. $Customer = $this->customerRepository->newCustomer();
  178. /* @var $builder \Symfony\Component\Form\FormBuilderInterface */
  179. $builder = $this->formFactory->createBuilder(EntryType::class, $Customer);
  181. $event = new EventArgs(
  182. [
  183. 'builder' => $builder,
  184. 'Customer' => $Customer,
  185. ],
  186. $request
  187. );
  188. $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_ENTRY_INDEX_INITIALIZE);
  190. /* @var $form \Symfony\Component\Form\FormInterface */
  191. $form = $builder->getForm();
  193. $form->handleRequest($request);
  195. if ($form->isSubmitted() && $form->isValid()) {
  196. $mailmagaFlg = $form->get('mailmaga_flg')->getData() ? 1 : 0;
  197. $Customer->setMailmagaFlg($mailmagaFlg);
  198. switch ($request->get('mode')) {
  199. case 'confirm':
  200. log_info('会員登録確認開始');
  201. log_info('会員登録確認完了');
  203. return $this->render(
  204. '@user_data/auth/mypage_register_confirm.twig',
  205. [
  206. 'form' => $form->createView(),
  207. 'Page' => $this->pageRepository->getPageByRoute('register_confirm'),
  208. ]
  209. );
  211. case 'complete':
  212. log_info('会員登録開始');
  214. $encoder = $this->encoderFactory->getEncoder($Customer);
  215. $salt = $encoder->createSalt();
  216. $password = $encoder->encodePassword($Customer->getPlainPassword(), $salt);
  217. $secretKey = $this->customerRepository->getUniqueSecretKey();
  219. $Customer
  220. ->setSalt($salt)
  221. ->setPassword($password)
  222. ->setSecretKey($secretKey)
  223. ->setPoint(0);
  225. $this->entityManager->persist($Customer);
  226. $this->entityManager->flush();
  228. log_info('会員登録完了');
  230. $event = new EventArgs(
  231. [
  232. 'form' => $form,
  233. 'Customer' => $Customer,
  234. ],
  235. $request
  236. );
  237. $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_ENTRY_INDEX_COMPLETE);
  239. $activateFlg = $this->BaseInfo->isOptionCustomerActivate();
  241. // 仮会員設定が有効な場合は、確認メールを送信し完了画面表示.
  242. if ($activateFlg) {
  243. $activateUrl = $this->generateUrl('register_activate', ['secret_key' => $Customer->getSecretKey()], UrlGeneratorInterface::ABSOLUTE_URL);
  245. // メール送信
  246. $this->mailService->sendCustomerConfirmMail($Customer, $activateUrl);
  248. if ($event->hasResponse()) {
  249. return $event->getResponse();
  250. }
  252. log_info('仮会員登録完了画面へリダイレクト');
  254. return $this->redirectToRoute('register_complete');
  255. } else {
  256. // 仮会員設定が無効な場合は、会員登録を完了させる.
  257. $qtyInCart = $this->entryActivate($request, $Customer->getSecretKey());
  259. // URLを変更するため完了画面にリダイレクト
  260. return $this->redirectToRoute('register_activate', [
  261. 'secret_key' => $Customer->getSecretKey(),
  262. 'qtyInCart' => $qtyInCart,
  263. ]);
  264. }
  265. }
  266. }
  268. return [
  269. 'form' => $form->createView(),
  270. ];
  271. }
  273. /**
  274. * 会員登録完了画面.
  275. *
  276. * @Route("/register/complete", name="register_complete", methods={"GET"})
  277. * @Template("@user_data/auth/mypage_register_complete.twig")
  278. */
  279. public function register_complete()
  280. {
  281. return [];
  282. }
  284. /**
  285. * 会員のアクティベート(本会員化)を行う.
  286. *
  287. * @Route("/register/activate/{secret_key}/{qtyInCart}", name="register_activate", methods={"GET"})
  288. * @Template("@user_data/auth/mypage_register_activate.twig")
  289. */
  290. public function activate(Request $request, $secret_key, $qtyInCart = null)
  291. {
  292. $errors = $this->recursiveValidator->validate(
  293. $secret_key,
  294. [
  295. new Assert\NotBlank(),
  296. new Assert\Regex(
  297. [
  298. 'pattern' => '/^[a-zA-Z0-9]+$/',
  299. ]
  300. ),
  301. ]
  302. );
  304. if (!$this->session->has('eccube.login.target.path')) {
  305. $this->setLoginTargetPath($this->generateUrl('mypage', [], UrlGeneratorInterface::ABSOLUTE_URL));
  306. }
  308. if (!is_null($qtyInCart)) {
  309. return [
  310. 'qtyInCart' => $qtyInCart,
  311. ];
  312. } elseif ($request->getMethod() === 'GET' && count($errors) === 0) {
  313. // 会員登録処理を行う
  314. try {
  315. $qtyInCart = $this->entryActivate($request, $secret_key);
  317. return [
  318. 'qtyInCart' => $qtyInCart,
  319. ];
  320. } catch(Exception $e) {
  321. return $this->redirectToRoute('homepage');
  322. }
  323. }
  325. throw new HttpException\NotFoundHttpException();
  326. }
  328. /**
  329. * 会員登録処理を行う
  330. *
  331. * @param Request $request
  332. * @param $secret_key
  333. *
  334. * @return \Eccube\Entity\Cart|mixed
  335. */
  336. private function entryActivate(Request $request, $secret_key)
  337. {
  338. log_info('本会員登録開始');
  339. $Customer = $this->customerRepository->getProvisionalCustomerBySecretKey($secret_key);
  340. if (is_null($Customer)) {
  341. throw new HttpException\NotFoundHttpException();
  342. }
  344. $CustomerStatus = $this->customerStatusRepository->find(CustomerStatus::REGULAR);
  345. $Customer->setStatus($CustomerStatus);
  346. $this->entityManager->persist($Customer);
  347. $this->entityManager->flush();
  349. log_info('本会員登録完了');
  351. $event = new EventArgs(
  352. [
  353. 'Customer' => $Customer,
  354. ],
  355. $request
  356. );
  357. $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_ENTRY_ACTIVATE_COMPLETE);
  359. // メール送信
  360. $this->mailService->sendCustomerCompleteMail($Customer);
  362. // Assign session carts into customer carts
  363. $Carts = $this->cartService->getCarts();
  364. $qtyInCart = 0;
  365. foreach ($Carts as $Cart) {
  366. $qtyInCart += $Cart->getTotalQuantity();
  367. }
  369. if ($qtyInCart) {
  370. $this->cartService->save();
  371. }
  373. return $qtyInCart;
  374. }
  376. /**
  377. * パスワードリマインダ.
  378. *
  379. * @Route("/forgot_password", name="forgot_password", methods={"GET", "POST"})
  380. * @Template("@user_data/auth/mypage_forgot_password.twig")
  381. */
  382. public function forgot(Request $request)
  383. {
  384. if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  385. throw new HttpException\NotFoundHttpException();
  386. }
  388. $builder = $this->formFactory
  389. ->createNamedBuilder('', ForgotType::class);
  391. $event = new EventArgs(
  392. [
  393. 'builder' => $builder,
  394. ],
  395. $request
  396. );
  397. $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_FORGOT_INDEX_INITIALIZE);
  399. $form = $builder->getForm();
  400. $form->handleRequest($request);
  402. if ($form->isSubmitted() && $form->isValid()) {
  403. $Customer = $this->customerRepository
  404. ->getRegularCustomerByEmail($form->get('login_email')->getData());
  406. if (!is_null($Customer)) {
  407. // リセットキーの発行・有効期限の設定
  408. $Customer
  409. ->setResetKey($this->customerRepository->getUniqueResetKey())
  410. ->setResetExpire(new \DateTime('+' . $this->eccubeConfig['eccube_customer_reset_expire'] . ' min'));
  412. // リセットキーを更新
  413. $this->entityManager->persist($Customer);
  414. $this->entityManager->flush();
  416. $event = new EventArgs(
  417. [
  418. 'form' => $form,
  419. 'Customer' => $Customer,
  420. ],
  421. $request
  422. );
  423. $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_FORGOT_INDEX_COMPLETE);
  425. // 完了URLの生成
  426. $reset_url = $this->generateUrl('forgot_password_reset', ['reset_key' => $Customer->getResetKey()], UrlGeneratorInterface::ABSOLUTE_URL);
  428. // メール送信
  429. $this->mailService->sendPasswordResetNotificationMail($Customer, $reset_url);
  431. // ログ出力
  432. log_info('send reset password mail to:' . "{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}");
  433. } else {
  434. log_warning(
  435. 'Un active customer try send reset password email: ',
  436. ['Enter email' => $form->get('login_email')->getData()]
  437. );
  438. }
  440. return $this->redirectToRoute('forgot_password_complete');
  441. }
  443. return [
  444. 'form' => $form->createView(),
  445. ];
  446. }
  448. /**
  449. * 再設定URL送信完了画面.
  450. *
  451. * @Route("/forgot_password/complete", name="forgot_password_complete", methods={"GET"})
  452. * @Template("@user_data/auth/forgot_password_complete.twig")
  453. */
  454. public function complete(Request $request)
  455. {
  456. if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  457. throw new HttpException\NotFoundHttpException();
  458. }
  460. return [];
  461. }
  463. /**
  464. * パスワード再発行実行画面.
  465. *
  466. * @Route("/forgot_password/reset/{reset_key}", name="forgot_password_reset", methods={"GET", "POST"})
  467. * @Template("@user_data/auth/mypage_reset_password.twig")
  468. */
  469. public function reset(Request $request, $reset_key)
  470. {
  471. if ($this->isGranted('IS_AUTHENTICATED_FULLY')) {
  472. throw new HttpException\NotFoundHttpException();
  473. }
  475. $errors = $this->recursiveValidator->validate(
  476. $reset_key,
  477. [
  478. new Assert\NotBlank(),
  479. new Assert\Regex(
  480. [
  481. 'pattern' => '/^[a-zA-Z0-9]+$/',
  482. ]
  483. ),
  484. ]
  485. );
  487. if (count($errors) > 0) {
  488. // リセットキーに異常がある場合
  489. throw new HttpException\NotFoundHttpException();
  490. }
  492. $Customer = $this->customerRepository
  493. ->getRegularCustomerByResetKey($reset_key);
  495. if (null === $Customer) {
  496. // リセットキーから会員データが取得できない場合
  497. throw new HttpException\NotFoundHttpException();
  498. }
  500. $builder = $this->formFactory
  501. ->createNamedBuilder('', PasswordResetType::class);
  503. $form = $builder->getForm();
  504. $form->handleRequest($request);
  505. $error = null;
  507. if ($form->isSubmitted() && $form->isValid()) {
  508. // リセットキー・入力メールアドレスで会員情報検索
  509. $Customer = $this->customerRepository
  510. ->getRegularCustomerByResetKey($reset_key, $form->get('login_email')->getData());
  511. if ($Customer) {
  512. // パスワードの発行・更新
  513. $encoder = $this->encoderFactory->getEncoder($Customer);
  514. $pass = $form->get('password')->getData();
  515. $Customer->setPassword($pass);
  517. // 発行したパスワードの暗号化
  518. if ($Customer->getSalt() === null) {
  519. $Customer->setSalt($this->encoderFactory->getEncoder($Customer)->createSalt());
  520. }
  521. $encPass = $encoder->encodePassword($pass, $Customer->getSalt());
  523. // パスワードを更新
  524. $Customer->setPassword($encPass);
  525. // リセットキーをクリア
  526. $Customer->setResetKey(null);
  528. // パスワードを更新
  529. $this->entityManager->persist($Customer);
  530. $this->entityManager->flush();
  532. $event = new EventArgs(
  533. [
  534. 'Customer' => $Customer,
  535. ],
  536. $request
  537. );
  538. $this->eventDispatcher->dispatch($event, EccubeEvents::FRONT_FORGOT_RESET_COMPLETE);
  540. // 完了メッセージを設定
  541. $this->addFlash('password_reset_complete', trans('front.forgot.reset_complete'));
  543. // ログインページへリダイレクト
  544. return $this->redirectToRoute('mypage-login');
  545. } else {
  546. // リセットキー・メールアドレスから会員データが取得できない場合
  547. $error = trans('front.forgot.reset_not_found');
  548. }
  549. }
  551. return [
  552. 'error' => $error,
  553. 'form' => $form->createView(),
  554. ];
  555. }
  557. }