<?php
/**
* Created by PhpStorm.
* User: xfloyd
* Date: 9/9/2015
* Time: 4:57 PM
*/
namespace Globals\CoreBundle\Controller;
use Cassandra\Exception\TruncateException;
use Globals\MailManagementBundle\Entity\Mail;
use Globals\CoreBundle\Entity\ResourceSmsSent;
use Globals\MailManagementBundle\Entity\MailRecipient;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
//use \Globals\ResourceManagementBundle\Services\SLogger;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Globals\CoreBundle\Services\SendMessageService;
use Twilio\Rest\Client;
use Globals\ResourceManagementBundle\Entity\Resource;
class SecurityController extends Controller
{
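/**
 * Append an error/status message to the fixed debug log file.
 *
 * Non-string values are dumped with print_r(). Writing is best-effort: a
 * file that cannot be opened for appending is skipped silently so that
 * logging never breaks the request that called it (the former fopen()/fwrite()
 * pair would have raised on a false handle).
 *
 * NOTE(review): the target is a fixed, predictable path in the shared /tmp
 * directory; on a multi-user host a directory owned by the application is the
 * safer choice — confirm with the deployment.
 *
 * @param mixed $str message or structure to log
 * @return void
 */
public function log($str)
{
    $filePath = '/tmp/slogger_output.txt';
    $line = print_r($str, true) . "\n";
    // FILE_APPEND creates the file when it is missing, so the former
    // file_exists()/'w' versus 'a' branch is not needed; LOCK_EX keeps
    // concurrent requests from interleaving lines.
    $canWrite = file_exists($filePath) ? is_writable($filePath) : is_writable(dirname($filePath));
    if (!$canWrite) {
        return;
    }
    file_put_contents($filePath, $line, FILE_APPEND | LOCK_EX);
}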
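/**
 * Entry point: sends an already authenticated (non-AJAX) visitor to the main
 * activity page, otherwise renders the login page.
 *
 * When the authenticated user is a Resource entity, the "NumPerPage" setting
 * used by the datatables is stored in the session first. If the database
 * connection cannot be established the public landing page (customer ID
 * selection) is rendered instead of the login form.
 *
 * @Route("/")
 * @Route("/login", name="login")
 *
 * @param Request $request
 * @return \Symfony\Component\HttpFoundation\Response
 */
public function loginAction(Request $request)
{
    $authChecker = $this->get('security.authorization_checker');
    if ($authChecker->isGranted('IS_AUTHENTICATED_FULLY') && !$request->isXmlHttpRequest()) {
        $user = $this->container->get('security.token_storage')->getToken()->getUser();
        // instanceof instead of comparing get_class() with a class-name string:
        // the string comparison misses subclasses and Doctrine proxy classes.
        if ($user instanceof Resource) {
            $session = new Session();
            $session->set('NumPerPage', 10);
        }
        return $this->redirect($this->generateUrl('globals_claimmanagement_claimintakecontainer_mainactivity'));
    }
    try {
        $this->getDoctrine()->getConnection()->connect();
    } catch (\Exception $e) {
        // No database: fall back to the landing page where the customer ID is chosen.
        return $this->render('CoreBundle:Default:index.html.twig');
    }
    return $this->render('@Core/Default/login_base.html.twig', ['IS_MODAL' => $request->isXmlHttpRequest()]);
}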
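/**
 * Status callback for sent SMS: stores the reported delivery status on the
 * ResourceSmsSent row whose smsId matches the reported message id.
 *
 * The message id and status are read from the "sid" and "status" request
 * parameters (query or form), or from a JSON request body when no such
 * parameters are present. The former code passed the $_REQUEST array itself
 * to json_decode() — which cannot decode an array — and dumped the raw
 * request into a "test.txt" file in the working directory; both are removed.
 *
 * NOTE(review): nothing here authenticates the caller, so any client can set
 * any status on any message id. If this is the provider's status webhook,
 * verify the provider's request signature before updating the row — confirm
 * how the endpoint is exposed.
 *
 * @Route("/savesmsresponse")
 *
 * @param Request $request
 * @return JsonResponse "success" on update, "invalid" (HTTP 400) when id or status is missing
 * @throws NotFoundHttpException when no sent message matches the id
 */
public function saveSmsResponse(Request $request)
{
    $em = $this->container->get("doctrine.orm.entity_manager");
    $payload = $this->readSmsCallbackPayload($request);
    $messageId = isset($payload['sid']) && is_scalar($payload['sid']) ? (string) $payload['sid'] : '';
    $messageStatus = isset($payload['status']) && is_scalar($payload['status']) ? (string) $payload['status'] : '';
    if ($messageId === '' || $messageStatus === '') {
        return new JsonResponse('invalid', 400);
    }
    $objSmsInfo = $em->getRepository("CoreBundle:ResourceSmsSent")->findOneBy(['smsId' => $messageId]);
    if ($objSmsInfo === null) {
        // The former code called a setter on null here.
        throw new NotFoundHttpException('Unknown message id');
    }
    $objSmsInfo->setSmsSentStatus($messageStatus);
    $em->persist($objSmsInfo);
    $em->flush();
    return new JsonResponse('success');
}

/**
 * Collect the callback parameters: query and form parameters first (form
 * values win), a JSON-decoded request body as the fallback.
 *
 * @param Request $request
 * @return array decoded parameters, empty when nothing usable was sent
 */
private function readSmsCallbackPayload(Request $request)
{
    $params = array_merge($request->query->all(), $request->request->all());
    if ($params !== []) {
        return $params;
    }
    $decoded = json_decode((string) $request->getContent(), true);
    return is_array($decoded) ? $decoded : [];
}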
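/**
 * Renders the SMS verification page for a user, including the seconds elapsed
 * since the latest active code was sent (drives the resend countdown).
 *
 * The "id" query parameter is the url-encoded, base64-encoded resource id.
 * Base64 is an encoding, not a secret, so the id is trivially forgeable, and
 * the resource's mobile number is handed to the template — NOTE(review):
 * confirm this page is only reachable after the password step; otherwise it
 * discloses phone numbers by id.
 *
 * @Route("/smsvalidate")
 *
 * @param Request $request
 * @return \Symfony\Component\HttpFoundation\Response
 * @throws NotFoundHttpException when the id is missing or does not resolve to a resource
 */
public function smsValidate(Request $request)
{
    $em = $this->container->get("doctrine.orm.entity_manager");
    $userId = base64_decode(urldecode((string) $request->query->get('id', '')));
    $resource = null;
    if ($userId !== false && $userId !== '') {
        $resource = $em->getRepository("ResourceManagementBundle:Resource")->find($userId);
    }
    if ($resource === null) {
        // The former code called getMobilePhone() on null for an unknown id.
        throw new NotFoundHttpException('Unknown user');
    }
    $objSmsInfo = $em->getRepository("CoreBundle:ResourceSmsSent")->findOneBy(
        ['userId' => $userId, 'isActive' => 'Y'],
        ['id' => 'DESC']
    );
    // Seconds since the code was sent. Both sides are absolute timestamps,
    // which avoids the former format()/strtotime() round trip through the
    // default timezone.
    $smsSentTimeDiff = 0;
    if ($objSmsInfo !== null && $objSmsInfo->getSentOn() !== null) {
        $smsSentTimeDiff = time() - $objSmsInfo->getSentOn()->getTimestamp();
    }
    return $this->render('@Core/Default/sms_validate.html.twig', [
        'IS_MODAL' => $request->isXmlHttpRequest(),
        'smsSentMobileNO' => $resource->getMobilePhone(),
        'userId' => $resource->getId(),
        'smsSentTimeDiff' => $smsSentTimeDiff,
        'counterTot' => 180,
    ]);
}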
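/**
 * Checks the SMS code posted by the user against the latest active code on
 * record and answers the URL the client should continue with.
 *
 * On a match the code row is marked "validated" and the JSON body is the next
 * URL (the resource editor for ROLE_REGISTERED users, otherwise the main
 * activity page). On a mismatch the latest active row advances through the
 * failure states sent -> wrong1 -> wrong2 -> wrong3; the first two failures
 * answer "NOTVALID", the third answers the logout URL. Any other state (no
 * row, already validated or expired) also answers "NOTVALID" — the former
 * code returned nothing there, which Symfony reports as an error.
 *
 * The code is compared with hash_equals() instead of the former loose "==",
 * which treats e.g. "0123" and "123" as equal and accepted a missing code
 * against a null stored code.
 *
 * NOTE(review): "userId" is taken from the request, so the client chooses
 * which user's code is checked; the three-strike state machine is the only
 * brute-force limit — confirm the SMS step cannot be started for an
 * arbitrary user id.
 *
 * @Route("/")
 * @Route("/get_auth_info", name="get_auth_info")
 *
 * @param Request $request
 * @return JsonResponse
 */
public function getAuthInfoAction(Request $request)
{
    $em = $this->container->get("doctrine.orm.entity_manager");
    $authCode = (string) $request->request->get("auth_code", '');
    $userId = $request->request->get("userId");
    $smsRepo = $em->getRepository("CoreBundle:ResourceSmsSent");
    $validsms = $smsRepo->findBy(
        ['smsStatus' => ['sent', 'wrong1', 'wrong2'], 'isActive' => 'Y', 'userId' => $userId],
        ['id' => 'DESC']
    );
    $matches = $validsms !== []
        && $authCode !== ''
        && hash_equals((string) $validsms[0]->getSmsCode(), $authCode);
    if ($matches) {
        $validsms[0]->setSmsStatus('validated');
        $em->persist($validsms[0]);
        $em->flush();
        $objResource = $em->getRepository("ResourceManagementBundle:Resource")->findOneBy([
            "id" => $userId,
            "isActive" => 1
        ]);
        $userRole = $objResource !== null ? (array) $objResource->getRoles() : [];
        if (in_array('ROLE_REGISTERED', $userRole, true)) {
            $fragment = preg_replace("/^\/(?!app_dev.php)/", "", $this->generateUrl('globals_resourcemanagement_resource_editresourceajax', ["id" => $userId]));
            return new JsonResponse($this->generateUrl('globals_resourcemanagement_resource_resources2') . '#' . $fragment);
        }
        return new JsonResponse($this->generateUrl('globals_claimmanagement_claimintakecontainer_mainactivity'));
    }
    $latest = $smsRepo->findOneBy(['isActive' => 'Y', 'userId' => $userId], ['id' => 'DESC']);
    if ($latest === null) {
        return new JsonResponse('NOTVALID');
    }
    // Failure counter: the status name encodes the number of wrong attempts.
    $nextState = ['sent' => 'wrong1', 'wrong1' => 'wrong2', 'wrong2' => 'wrong3'];
    $current = $latest->getSmsStatus();
    if (!is_string($current) || !isset($nextState[$current])) {
        return new JsonResponse('NOTVALID');
    }
    $latest->setSmsStatus($nextState[$current]);
    $em->persist($latest);
    $em->flush();
    if ($nextState[$current] === 'wrong3') {
        return new JsonResponse($this->generateUrl('logout'));
    }
    return new JsonResponse('NOTVALID');
}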
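/**
 * Expires or re-sends the SMS verification code for a user.
 *
 * Called with frm != "resend" (the countdown ran out): the latest active code
 * row is marked "expired" and "Expired" is answered ("noSent" when there is
 * no row). Called with frm == "resend": a fresh code is sent through
 * SendMessageService when the latest active row exists and is not in the
 * "Sent" state, answering "Sent"; otherwise "noSent". The former code
 * indexed an empty result list and called getMobilePhone() on a missing
 * resource; both now answer "noSent".
 *
 * NOTE(review): the state names written elsewhere in this controller are
 * lower-case ("sent"), while the comparison here is against "Sent"; the
 * original comparison is kept, but confirm which spelling the database holds —
 * as written the test may never block a resend.
 * NOTE(review): "userId" comes from the request, so any caller can trigger an
 * SMS to any user; rate-limit or bind it to the session if this route is
 * reachable before authentication.
 *
 * @Route("/")
 * @Route("/resend_auth_code", name="resend_auth_code")
 *
 * @param Request $request
 * @return JsonResponse
 */
public function resendAuthCodeAction(Request $request)
{
    $em = $this->container->get("doctrine.orm.entity_manager");
    $userId = $request->request->get("userId");
    $callfrm = $request->request->get("frm");
    $latest = $em->getRepository("CoreBundle:ResourceSmsSent")->findOneBy(
        ['userId' => $userId, 'isActive' => 'Y'],
        ['id' => 'DESC']
    );
    if ($callfrm !== 'resend') {
        if ($latest === null) {
            return new JsonResponse('noSent');
        }
        $latest->setSmsStatus('expired');
        $em->persist($latest);
        $em->flush();
        return new JsonResponse('Expired');
    }
    if ($latest === null || $latest->getSmsStatus() === 'Sent') {
        return new JsonResponse('noSent');
    }
    $objResInfo = $em->getRepository("ResourceManagementBundle:Resource")->findOneBy(['id' => $userId]);
    if ($objResInfo === null) {
        return new JsonResponse('noSent');
    }
    $messageSendService = new SendMessageService($em);
    $messageSendService->sendSMS([
        'user_id' => $userId,
        'user_mobile_phone' => $objResInfo->getMobilePhone(),
    ]);
    return new JsonResponse('Sent');
}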
/**
 * Placeholder for the form-login check URL.
 *
 * The body is intentionally empty: the security firewall intercepts requests
 * to this route and performs the authentication before any controller runs,
 * so the method exists only so that the "login_check" route can be generated.
 *
 * @Route("/login_check", name="login_check")
 *
 * @return void never reached
 */
public function loginCheckAction()
{
// intentionally empty — see the docblock: the firewall handles this route
}
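/**
 * AJAX check of the current user's password (re-authentication prompt).
 *
 * Answers {"response": "valid"|"invalid"|"error"}: "error" when the request
 * is not a POST, carries no password, has no authenticated user object, or
 * the user's Resource row cannot be found; otherwise the verdict of the
 * core.password_validate service.
 *
 * The password is read from the POST body only. The former $request->get()
 * also accepted it as a query-string parameter, which ends up in access logs
 * and browser history. The former code also called getUsername() on whatever
 * the token held, which fails for the anonymous "anon." string.
 *
 * @Route("/check_password", name="check_password")
 *
 * @param Request $request
 * @return JsonResponse
 */
public function isPasswordValid(Request $request)
{
    $response = 'error';
    $password = $request->isMethod('POST') ? $request->request->get('password') : null;
    if ($password) {
        $username = $this->currentUsername();
        $resource = $username !== null ? $this->findResourceByUsername($username) : null;
        if ($resource !== null) {
            $passwordService = $this->container->get("core.password_validate");
            $response = $passwordService->passwordIsValidForCurrentUser($password) ? 'valid' : 'invalid';
        }
    }
    return new JsonResponse(['response' => $response]);
}

/**
 * Username of the user on the current security token, or null when there is
 * no token, the token's user is not an object, or the username is empty.
 *
 * @return string|null
 */
private function currentUsername()
{
    $token = $this->get('security.token_storage')->getToken();
    $user = $token !== null ? $token->getUser() : null;
    if (!is_object($user) || !method_exists($user, 'getUsername')) {
        return null;
    }
    $username = $user->getUsername();
    return $username ? (string) $username : null;
}

/**
 * Resource row for a username: the active row when there is one, otherwise
 * the row regardless of isActive. The fallback mirrors the former behaviour,
 * which re-queried without the isActive filter — NOTE(review): this means an
 * inactive account still receives a valid/invalid verdict; confirm that is
 * intended.
 *
 * @param string $username
 * @return object|null the Resource entity, or null when unknown
 */
private function findResourceByUsername($username)
{
    $em = $this->getDoctrine()->getManager();
    $active = $em->getRepository("ResourceManagementBundle:Resource")->findOneBy([
        "username" => $username,
        "isActive" => 1
    ]);
    if ($active) {
        return $active;
    }
    $query = $em->createQuery("SELECT u FROM \Globals\ResourceManagementBundle\Entity\Resource u WHERE u.username = :username");
    $query->setParameter('username', $username);
    return $query->getOneOrNullResult();
}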
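/**
 * Issues a password-reset token for the account with the posted e-mail
 * address and mails the reset link.
 *
 * The token is stored on the user together with the issue time
 * (PasswordChangeDate) and embedded in the "password_reset_form" URL. The
 * response is {"response": true} when a mail was sent and false otherwise.
 *
 * The former token was md5(time()) — guessable to the second by anyone who
 * knows roughly when the reset was requested. It is now built from
 * random_bytes(); the layout is unchanged (16 hex chars, HHMM issue time,
 * 16 hex chars) because passwordResetForm() reads characters 16-19 as the
 * issue time.
 *
 * NOTE(review): the true/false answer reveals whether an e-mail address has
 * an account; a constant response is the usual mitigation if enumeration
 * matters here — confirm with the product owner.
 *
 * @Route("/send_forget_password_email", name="send_forget_password_email")
 * @Method({"POST"})
 *
 * @param Request $request
 * @return JsonResponse
 */
public function sendForgetPasswordEmailAction(Request $request)
{
    $em = $this->getDoctrine()->getManager();
    $user = null;
    $forgetPasswordEmail = $request->request->get('_forget_password_email');
    if ($forgetPasswordEmail) {
        $query = $em->createQuery("SELECT u FROM \Globals\ResourceManagementBundle\Entity\Resource u WHERE u.email = :email");
        $query->setParameter('email', $forgetPasswordEmail);
        $user = $query->getOneOrNullResult();
    }
    // We need both the user and a non-empty address to send to.
    $userEmail = $user ? $user->getEmail() : null;
    if (!$user || !$userEmail) {
        return new JsonResponse(['response' => false]);
    }
    $token = $this->newPasswordResetToken();
    $user->setPasswordResetToken($token);
    $user->setPasswordChangeDate(new \DateTime());
    $em->persist($user);
    $em->flush();
    $url = $this->generateUrl(
        'password_reset_form',
        ['password_reset_token' => $token],
        UrlGeneratorInterface::ABSOLUTE_URL
    );
    $mailer = $this->container->get('mail_management.mailer');
    $mailer->setSendingConfig();
    $mail = new Mail();
    $recipient = new MailRecipient();
    $recipient->setEmail($userEmail);
    $recipient->setDisplayName($user->getFullName());
    $recipient->setMail($mail);
    $recipient->setRecipientId($user->getId());
    // Recipient type is the entity's mapped class name (resolves Doctrine proxies).
    $entityName = $em->getMetadataFactory()->getMetadataFor(get_class($user))->getName();
    $recipient->setRecipientType($entityName);
    $mail->addRecipient($recipient);
    $mail->setSubject('Forgotten password reset');
    $mail->setBody($this->renderView(
        'CoreBundle:email:forget_password_email.html.twig',
        ['user' => $user, 'url' => $url]
    ), 'text/html');
    $mailer->sendEmail($mail);
    return new JsonResponse(['response' => true]);
}

/**
 * Build a reset token: 16 random hex chars, the current HHMM, 16 random hex
 * chars. random_bytes() is native on PHP 7 and provided by the Symfony
 * polyfill on older runtimes.
 *
 * @return string 36-character token
 */
private function newPasswordResetToken()
{
    $random = bin2hex(random_bytes(16)); // 32 hex chars from the CSPRNG
    $halves = str_split($random, 16);
    return $halves[0] . date('Hi') . $halves[1];
}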
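/**
 * Password reset page and handler for a token issued by
 * sendForgetPasswordEmailAction().
 *
 * GET renders the reset form when the token resolves to a user and has not
 * expired, otherwise the landing page. POST with "new_password" stores the
 * new password, clears the token and answers {"response": true}; any other
 * POST answers {"response": false}.
 *
 * Hardening against the former code:
 * - empty, "0" and missing tokens are rejected before the DQL lookup. The
 *   route default is 0 and cleared tokens are stored as '', and a lookup for
 *   those values can match real rows under lenient string/number comparison,
 *   which let a POST without a valid token reach the password update.
 * - POST now requires the token to resolve to a user and to be unexpired; the
 *   former code checked neither on POST and passed a null user to the encoder.
 *
 * The token layout (16 hex + HHMM + 16 hex) is fixed by the issuer;
 * characters 16-19 are the issue time of day and the token is accepted for
 * two hours after that time. NOTE(review): the segment carries no date, so a
 * token is accepted again at the same time of day on later days — storing an
 * issue timestamp on the user would close that gap.
 *
 * @Route("/password_reset_form/{password_reset_token}", defaults={"password_reset_token" = 0}, name="password_reset_form")
 *
 * @param Request $request
 * @param string|int $password_reset_token token from the URL, or 0 to read it from the POST body
 * @return \Symfony\Component\HttpFoundation\Response
 */
public function passwordResetForm(Request $request, $password_reset_token)
{
    $token = $password_reset_token ? $password_reset_token : $request->request->get('password_reset_token');
    $token = is_scalar($token) ? trim((string) $token) : '';
    $em = $this->getDoctrine()->getManager();
    $user = null;
    if ($token !== '' && $token !== '0') {
        $query = $em->createQuery("SELECT u FROM \Globals\ResourceManagementBundle\Entity\Resource u WHERE u.passwordResetToken = :password_reset_token");
        $query->setParameter('password_reset_token', $token);
        $user = $query->getOneOrNullResult();
    }
    $tokenIsValid = $user !== null && $this->resetTokenIsFresh($token);
    if ($request->isMethod('POST')) {
        $newPassword = $request->request->get('new_password');
        if ($tokenIsValid && $newPassword) {
            $encoder = $this->container->get('security.password_encoder');
            $encoded = $encoder->encodePassword($user, $newPassword);
            $user->setPasswordResetToken('');
            $user->setPassword($encoded);
            $user->setPasswordChangeDate(new \DateTime());
            $em->persist($user);
            $em->flush();
            return new JsonResponse(['response' => true]);
        }
        return new JsonResponse(['response' => false]);
    }
    if ($tokenIsValid) {
        return $this->render('CoreBundle:Default:password_reset_form.html.twig', ['password_reset_token' => $user->getPasswordResetToken()]);
    }
    return $this->render('CoreBundle:Default:index.html.twig');
}

/**
 * Whether the HHMM segment (characters 16-19) of a reset token is at most two
 * hours old; false when the token is too short to carry it or the segment
 * does not parse as a time.
 *
 * @param string $token
 * @return bool
 */
private function resetTokenIsFresh($token)
{
    $segments = str_split($token, 4);
    if (!isset($segments[4]) || strlen($segments[4]) !== 4) {
        return false;
    }
    $issuedAt = strtotime($segments[4]);
    return $issuedAt !== false && $issuedAt + 7200 > time();
}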
/**
 * Session keep-alive ping: always answers the JSON string "Alive".
 *
 * @Route("/keep_alive", name="keep_alive")
 *
 * @return JsonResponse
 */
public function keepAliveAction()
{
    $body = 'Alive';
    return new JsonResponse($body);
}
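/**
 * Forced password change (first login / expired password).
 *
 * GET renders the form with the "id" query parameter as TempId. POST with
 * "_user_token" (url-encoded base64 of the resource id), "old_password" and
 * "new_password" stores the new password for that active resource, clears any
 * reset token and answers {"response": true}; {"response": false} when the
 * resource is unknown or the old password does not verify. A POST without a
 * new password falls through to the form, as before.
 *
 * Two fixes against the former code: "old_password" was read but never
 * checked, so any client able to base64-encode a resource id could set that
 * user's password — it is now verified with the password encoder before the
 * update; and the new password is encoded against the real Resource instead of
 * an empty one, so an encoder that uses the user's salt produces a hash that
 * later verifies.
 *
 * @Route("/forcedpasswordchange", name="forcedpasswordchange")
 *
 * @param Request $request
 * @return \Symfony\Component\HttpFoundation\Response
 */
public function forcedpasswordchangeAction(Request $request)
{
    if ($request->isMethod('POST')) {
        $oldPassword = $request->request->get('old_password');
        $newPassword = $request->request->get('new_password');
        $decodedId = base64_decode(urldecode((string) $request->request->get('_user_token', '')));
        $em = $this->getDoctrine()->getManager();
        $resource = null;
        if ($decodedId !== false && $decodedId !== '') {
            $resource = $em->getRepository("ResourceManagementBundle:Resource")->findOneBy([
                "id" => $decodedId,
                "isActive" => 1
            ]);
        }
        if ($resource === null) {
            return new JsonResponse(['response' => false]);
        }
        $encoder = $this->container->get('security.password_encoder');
        // The current password must verify for this resource before anything changes.
        if (!$oldPassword || !$encoder->isPasswordValid($resource, $oldPassword)) {
            return new JsonResponse(['response' => false]);
        }
        if ($newPassword) {
            $resource->setPasswordResetToken('');
            $resource->setPassword($encoder->encodePassword($resource, $newPassword));
            $resource->setPasswordChangeDate(new \DateTime());
            $em->persist($resource);
            $em->flush();
            return new JsonResponse(['response' => true]);
        }
    }
    return $this->render('CoreBundle:Default:forced_password_reset_form.html.twig', ["TempId" => $request->query->get('id')]);
}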
}