From 827fdfb628597301e5ea905b26ebd5a33d322bb9 Mon Sep 17 00:00:00 2001 From: babak alizadeh Date: Wed, 29 May 2024 07:35:33 +0000 Subject: [PATCH] bug fix in reset password --- hesabixCore/config/packages/mailer.yaml | 2 +- .../Plugins/PlugRepserviceController.php | 15 +- hesabixCore/src/Controller/UserController.php | 253 +++++++++--------- hesabixCore/src/Service/Provider.php | 2 +- hesabixCore/src/Service/SMS.php | 2 +- 5 files changed, 141 insertions(+), 133 deletions(-) diff --git a/hesabixCore/config/packages/mailer.yaml b/hesabixCore/config/packages/mailer.yaml index e909546..40f8322 100644 --- a/hesabixCore/config/packages/mailer.yaml +++ b/hesabixCore/config/packages/mailer.yaml @@ -3,4 +3,4 @@ framework: dsn: '%env(MAILER_DSN)%' message_bus: false headers: - From: 'Hesabix.ir ' + From: 'Hesabix.ir ' diff --git a/hesabixCore/src/Controller/Plugins/PlugRepserviceController.php b/hesabixCore/src/Controller/Plugins/PlugRepserviceController.php index 0f62e9b..0a0e5e5 100644 --- a/hesabixCore/src/Controller/Plugins/PlugRepserviceController.php +++ b/hesabixCore/src/Controller/Plugins/PlugRepserviceController.php @@ -82,7 +82,7 @@ class PlugRepserviceController extends AbstractController if (array_key_exists('sms', $params)) { if ($params['sms'] == true) { //going to send sms - $sms->send( + $smsres = $sms->sendByBalance( [ $person->getNikename(), $order->getCode(), @@ -90,10 +90,21 @@ class PlugRepserviceController extends AbstractController $acc['bid']->getId() . '/' . $order->getShortlink() ], $registryMGR->get('sms', 'plugRepserviceStateGet'), - $person->getMobile() + $person->getMobile(), + $acc['bid'], + $this->getUser(), + 1 ); + if ($smsres == 2) { + return $this->json([ + 'code' => 11, + 'data' => '', + 'message' => 'operation success but sms not send' + ]); + } } } + return $this->json($extractor->operationSuccess()); } } 
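Review bot: The new branch `if ($smsres == 2) {` keys the whole failure path on a bare literal compared loosely, and nothing in the hunk says what `sendByBalance` returns or which value means "not sent", so a reader cannot tell whether `2` is the only failure status or whether other non-success values silently fall through to the success response. Declare the status as a named class constant on `SMS` and compare with `===`, and document the return contract of `sendByBalance` where it is declared. The early return also answers `'code' => 11` with a message stating the operation succeeded, which is only accurate if the order state was persisted before this point; the start of this method lies outside the hunk, so I cannot confirm that from here.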
diff --git a/hesabixCore/src/Controller/UserController.php b/hesabixCore/src/Controller/UserController.php index 214f957..758f8fb 100644 --- a/hesabixCore/src/Controller/UserController.php +++ b/hesabixCore/src/Controller/UserController.php @@ -1,6 +1,7 @@ json([ @@ -66,41 +67,41 @@ class UserController extends AbstractController return $this->json([ 'user' => $user->getUserIdentifier(), 'token' => $token->getToken(), - 'tokenID'=> $token->getTokenID() + 'tokenID' => $token->getTokenID() ]); } #[Route('/api/user/has/role/{id}', name: 'api_user_has_role')] - public function api_user_has_role(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager,$id): Response + public function api_user_has_role(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager, $id): Response { - if($this->isGranted($id)){ + if ($this->isGranted($id)) { return $this->json( - ['result'=>true] + ['result' => true] ); } return $this->json( - ['result'=>false] + ['result' => false] ); } #[Route('/api/user/check/login', name: 'api_user_check_login')] - public function api_user_check_login(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager): Response + public function api_user_check_login(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager): Response { if (null === $user) { return $this->json( - ['result'=>false] + ['result' => false] ); } return $this->json( [ - 'result'=>true, - 'email'=>$user->getEmail(), - 'active'=>$user->isActive() + 'result' => true, + 'email' => $user->getEmail(), + 'active' => $user->isActive() ] ); } #[Route('/api/user/get/permissions', name: 'api_user_get_permissions')] - public function api_user_get_permissions(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager): Response + public function api_user_get_permissions(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager): Response { if (null === $user) { return $this->json([ 
@@ -108,44 +109,44 @@ class UserController extends AbstractController ], Response::HTTP_UNAUTHORIZED); } return $this->json( - ['is_login'=>true] + ['is_login' => true] ); } #[Route('/api/user/get/users/of/business/{bid}', name: 'api_user_get_of_business')] - public function api_user_get_of_business($bid,#[CurrentUser] ?User $user,EntityManagerInterface $entityManager): Response + public function api_user_get_of_business($bid, #[CurrentUser] ?User $user, EntityManagerInterface $entityManager): Response { - $business = $entityManager->getRepository(Business::class)->find($bid); - if(!$business) - throw $this->createNotFoundException(); - $perms = $entityManager->getRepository(Permission::class)->findBy(['bid'=>$business]); - $out = []; - foreach ($perms as $perm){ - $temp=[]; - $temp['name'] = $perm->getUser()->getFullName(); - $temp['email'] = $perm->getUser()->getEmail(); - $temp['owner'] = $perm->isOwner(); - $out[] = $temp; - } + $business = $entityManager->getRepository(Business::class)->find($bid); + if (!$business) + throw $this->createNotFoundException(); + $perms = $entityManager->getRepository(Permission::class)->findBy(['bid' => $business]); + $out = []; + foreach ($perms as $perm) { + $temp = []; + $temp['name'] = $perm->getUser()->getFullName(); + $temp['email'] = $perm->getUser()->getEmail(); + $temp['owner'] = $perm->isOwner(); + $out[] = $temp; + } return $this->json($out); } #[Route('/api/user/current/info', name: 'api_user_current_info')] - public function api_user_current_info(#[CurrentUser] ?User $user,Provider $provider,EntityManagerInterface $entityManager): Response + public function api_user_current_info(#[CurrentUser] ?User $user, Provider $provider, EntityManagerInterface $entityManager): Response { return $this->json([ - 'id'=> $user->getId(), - 'email'=>$user->getEmail(), - 'fullname'=>$user->getFullName(), - 'businessCount'=>count($user->getBusinesses()), - 'hash_email'=> $provider->gravatarHash($user->getEmail()), - 
'mobile'=>$user->getMobile() + 'id' => $user->getId(), + 'email' => $user->getEmail(), + 'fullname' => $user->getFullName(), + 'businessCount' => count($user->getBusinesses()), + 'hash_email' => $provider->gravatarHash($user->getEmail()), + 'mobile' => $user->getMobile() ]); } #[Route('/api/user/logout', name: 'api_user_logout')] - public function api_user_logout(Security $security,EntityManagerInterface $entityManager,Request $request): Response + public function api_user_logout(Security $security, EntityManagerInterface $entityManager, Request $request): Response { // logout the user in on the current firewall $security->logout(false); @@ -157,16 +158,16 @@ class UserController extends AbstractController throw new CustomUserMessageAuthenticationException('No API token provided'); } $tk = $entityManager->getRepository(UserToken::class)->findByApiToken($apiToken); - if (! $tk) { + if (!$tk) { throw new UserNotFoundException(); } - $entityManager->getRepository(UserToken::class)->remove($tk,true); - return $this->json(['result'=>true]); + $entityManager->getRepository(UserToken::class)->remove($tk, true); + return $this->json(['result' => true]); } #[Route('/api/user/update/info', name: 'api_user_update_info')] - public function api_user_update_info(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager,Request $request): Response + public function api_user_update_info(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager, Request $request): Response { $pameters = []; if ($content = $request->getContent()) { 
@@ -175,24 +176,24 @@ class UserController extends AbstractController $user->setFullName($pameters['fullname']); $entityManager->persist($user); $entityManager->flush(); - return $this->json(['result'=>true]); + return $this->json(['result' => true]); } #[Route('/api/user/is_superadmin', name: 'api_user_is_super_admin')] - public function api_user_is_super_admin(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager,Request $request): Response + public function api_user_is_super_admin(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager, Request $request): Response { $this->denyAccessUnlessGranted('ROLE_ADMIN'); - return $this->json(['result'=>1]); + return $this->json(['result' => 1]); } #[Route('/api/user/change/password', name: 'api_user_change_password')] - public function api_user_change_password(#[CurrentUser] ?User $user,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response + public function api_user_change_password(#[CurrentUser] ?User $user, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response { $params = []; if ($content = $request->getContent()) { $params = json_decode($content, true); } - if($params['pass'] == $params['repass']){ + if ($params['pass'] == $params['repass']) { $user->setPassword( $userPasswordHasher->hashPassword( $user, 
@@ -201,29 +202,28 @@ class UserController extends AbstractController ); $entityManager->persist($user); $entityManager->flush(); - return $this->json(['result'=>true]); + return $this->json(['result' => true]); } - return $this->json(['result'=>false]); + return $this->json(['result' => false]); } #[Route('/api/user/register', name: 'api_user_register')] - public function api_user_register(registryMGR $registryMGR,SMS $SMS,MailerInterface $mailer,Request $request, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager): Response + public function api_user_register(registryMGR $registryMGR, SMS $SMS, MailerInterface $mailer, Request $request, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager): Response { $params = []; if ($content = $request->getContent()) { $params = json_decode($content, true); } - if(array_key_exists('name',$params) && array_key_exists('email',$params) && array_key_exists('mobile',$params) && array_key_exists('password',$params )){ - if($entityManager->getRepository(User::class)->findOneBy(['email'=>trim($params['email'])])){ + if (array_key_exists('name', $params) && array_key_exists('email', $params) && array_key_exists('mobile', $params) && array_key_exists('password', $params)) { + if ($entityManager->getRepository(User::class)->findOneBy(['email' => trim($params['email'])])) { return $this->json([ - 'error'=> 1, - 'message'=> 'این پست الکترونیکی قبلا ثبت شده است.' + 'error' => 1, + 'message' => 'این پست الکترونیکی قبلا ثبت شده است.' ]); - } - elseif($entityManager->getRepository(User::class)->findOneBy(['mobile'=>trim($params['mobile'])])){ + } elseif ($entityManager->getRepository(User::class)->findOneBy(['mobile' => trim($params['mobile'])])) { return $this->json([ - 'error'=> 2, - 'message'=> 'این شماره تلفن قبلا ثبت شده است.' + 'error' => 2, + 'message' => 'این شماره تلفن قبلا ثبت شده است.' ]); } $user = new User(); 
@@ -232,7 +232,7 @@ class UserController extends AbstractController $user->setFullName($params['name']); $user->setMobile($params['mobile']); $user->setVerifyCodeTime(time() + 300); - $user->setVerifyCode($this->RandomString(6,true)); + $user->setVerifyCode($this->RandomString(6, true)); $user->setDateRegister(time()); $user->setPassword( $userPasswordHasher->hashPassword( @@ -245,7 +245,7 @@ class UserController extends AbstractController $entityManager->flush(); $SMS->send( [$user->getVerifyCode()], - $registryMGR->get('sms','f2a'), + $registryMGR->get('sms', 'f2a'), $user->getMobile() ); try { 
@@ -254,68 +254,66 @@ class UserController extends AbstractController ->priority(Email::PRIORITY_HIGH) ->subject('تایید ایمیل در حسابیکس') ->html( - $this->renderView('user/email/confrim-register.html.twig',[ - 'code'=>$user->getVerifyCode() + $this->renderView('user/email/confrim-register.html.twig', [ + 'code' => $user->getVerifyCode() ]) ); $mailer->send($email); - }catch (Exception $exception){ - + } catch (Exception $exception) { } return $this->json([ - 'error'=> 0, - 'id'=>$user->getId(), - 'message'=> 'ok', + 'error' => 0, + 'id' => $user->getId(), + 'message' => 'ok', ]); } return $this->json([ - 'error'=> 999, - 'message'=> 'تمام موارد لازم را وارد کنید.' + 'error' => 999, + 'message' => 'تمام موارد لازم را وارد کنید.' ]); return $this->json(['ok']); } #[Route('/api/user/active/code/info/{id}', name: 'api_user_active_code_info')] - public function api_user_active_code_info(registryMGR $registryMGR,MailerInterface $mailer,SMS $SMS,String $id,#[CurrentUser] ?User $user,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response + public function api_user_active_code_info(registryMGR $registryMGR, MailerInterface $mailer, SMS $SMS, String $id, #[CurrentUser] ?User $user, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response { $send = false; $user = $entityManager->getRepository(User::class)->find($id); - if(!$user) + if (!$user) throw $this->createNotFoundException('user not exist'); - if(!$user->getMobile()) - return $this->json(['id'=>$user->getId(),'active'=>false,'result'=>'mobilenotset']); - if($user->isActive()) - return $this->json(['id'=>$user->getId(),'active'=>true]); + if (!$user->getMobile()) + return $this->json(['id' => $user->getId(), 'active' => false, 'result' => 'mobilenotset']); + if ($user->isActive()) + return $this->json(['id' => $user->getId(), 'active' => true]); $res = []; $res['id'] = $user->getId(); $res['email'] = 
$user->getEmail(); $res['time'] = time(); $res['active'] = false; - if($user->getVerifyCodeTime()){ - if(time() > $user->getVerifyCodeTime()){ + if ($user->getVerifyCodeTime()) { + if (time() > $user->getVerifyCodeTime()) { $user->setVerifyCodeTime(time() + 300); - $user->setVerifyCode($this->RandomString(6,true)); + $user->setVerifyCode($this->RandomString(6, true)); $entityManager->persist($user); $entityManager->flush(); $send = true; } - } - else{ + } else { $user->setVerifyCodeTime(time() + 300); - $user->setVerifyCode($this->RandomString(6,true)); + $user->setVerifyCode($this->RandomString(6, true)); $entityManager->persist($user); $entityManager->flush(); $send = true; } $res['cutDown'] = $user->getVerifyCodeTime(); - if($send){ + if ($send) { //send sms and email $SMS->send( [$user->getVerifyCode()], - $registryMGR->get('sms','f2a'), + $registryMGR->get('sms', 'f2a'), $user->getMobile() ); $email = (new Email()) @@ -323,8 +321,8 @@ class UserController extends AbstractController ->priority(Email::PRIORITY_HIGH) ->subject('تایید ایمیل در حسابیکس') ->html( - $this->renderView('user/email/confrim-register.html.twig',[ - 'code'=>$user->getVerifyCode() + $this->renderView('user/email/confrim-register.html.twig', [ + 'code' => $user->getVerifyCode() ]) ); 
@@ -334,20 +332,20 @@ class UserController extends AbstractController } #[Route('/api/user/reset/password/send-to-sms/{id}', name: 'api_user_forget_reset_password')] - public function api_user_forget_reset_password(registryMGR $registryMGR,MailerInterface $mailer,SMS $SMS,String $id,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response + public function api_user_forget_reset_password(registryMGR $registryMGR, MailerInterface $mailer, SMS $SMS, String $id, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response { $params = []; if ($content = $request->getContent()) { $params = json_decode($content, true); } - if(array_key_exists('code',$params)){ + if (array_key_exists('code', $params)) { $obj = $entityManager->getRepository(User::class)->find($id); - if($obj){ - if($obj->getVerifyCodeTime() > time()){ - $obj = $entityManager->getRepository(User::class)->findOneBy(['id'=>$id,'verifyCode'=>$params['code']]); - if($obj){ + if ($obj) { + if ($obj->getVerifyCodeTime() > time()) { + $obj = $entityManager->getRepository(User::class)->findOneBy(['id' => $id, 'verifyCode' => $params['code']]); + if ($obj) { //reset password - $password = $this->RandomString(12,true); + $password = $this->RandomString(12, true); $obj->setPassword( $userPasswordHasher->hashPassword( $obj, @@ -356,10 +354,10 @@ class UserController extends AbstractController ); $entityManager->persist($obj); $entityManager->flush(); - + $SMS->send( [$password], - $registryMGR->get('sms','changePassword'), + $registryMGR->get('sms', 'changePassword'), $obj->getMobile() ); $email = (new Email()) 
@@ -367,72 +365,71 @@ class UserController extends AbstractController ->priority(Email::PRIORITY_HIGH) ->subject('تغییر کلمه عبور') ->html( - $this->renderView('user/email/reset-password.html.twig',[ - 'code'=>$password + $this->renderView('user/email/reset-password.html.twig', [ + 'code' => $password ]) ); $mailer->send($email); - return $this->json(['result'=>'ok']); + return $this->json(['result' => 'ok']); } //code is incorrect - return $this->json(['result'=>'false']); - } - else - return $this->json(['result'=>'expired']); + return $this->json(['result' => 'false']); + } else + return $this->json(['result' => 'expired']); } } throw $this->createAccessDeniedException(); } #[Route('/api/user/active/account/{id}', name: 'api_user_active_account')] - public function api_user_active_account(MailerInterface $mailer,SMS $SMS,String $id,#[CurrentUser] ?User $user,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response + public function api_user_active_account(MailerInterface $mailer, SMS $SMS, String $id, #[CurrentUser] ?User $user, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response { $send = false; $user = $entityManager->getRepository(User::class)->find($id); - if(!$user) + if (!$user) throw $this->createNotFoundException('user not exist'); - if($user->isActive()) - return $this->json(['result'=>'active before','id'=>$user->getId(),'active'=>true]); + if ($user->isActive()) + return $this->json(['result' => 'active before', 'id' => $user->getId(), 'active' => true]); $params = []; if ($content = $request->getContent()) { $params = json_decode($content, true); } - if(!array_key_exists('code',$params)) + if (!array_key_exists('code', $params)) throw $this->createNotFoundException('code not exist'); - if($user->getVerifyCode() == $params['code']){ + if ($user->getVerifyCode() == $params['code']) { $user->setActive(true); 
$entityManager->persist($user); $entityManager->flush(); - return $this->json(['result'=>'ok','id'=>$user->getId(),'active'=>true]); + return $this->json(['result' => 'ok', 'id' => $user->getId(), 'active' => true]); } - return $this->json(['result'=>'not correct','id'=>$user->getId(),'active'=>false]); + return $this->json(['result' => 'not correct', 'id' => $user->getId(), 'active' => false]); } #[Route('/api/user/forget/password/send-code', name: 'api_user_forget_password_send_code')] - public function api_user_forget_password_send_code(registryMGR $registryMGR,#[CurrentUser] ?User $user,SMS $SMS,MailerInterface $mailer,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response + public function api_user_forget_password_send_code(registryMGR $registryMGR, #[CurrentUser] ?User $user, SMS $SMS, MailerInterface $mailer, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response { $params = []; if ($content = $request->getContent()) { $params = json_decode($content, true); } - if(! 
array_key_exists('email',$params)) + if (!array_key_exists('email', $params)) throw $this->createAccessDeniedException('email not send'); - $user = $entityManager->getRepository(User::class)->findOneBy(['email'=>$params['email']]); - if(!$user){ - $user = $entityManager->getRepository(User::class)->findOneBy(['mobile'=>$params['email']]); - if(!$user) - throw $this->createNotFoundException('email not exist'); + $user = $entityManager->getRepository(User::class)->findOneBy(['email' => $params['email']]); + if (!$user) { + $user = $entityManager->getRepository(User::class)->findOneBy(['mobile' => $params['email']]); + if (!$user) + return $this->json(['result' => 404]); } - if($user->getVerifyCodeTime() > time()) - return $this->json(['result'=>'send before']); - $user->setVerifyCode($this->RandomString(6,true)); + if ($user->getVerifyCodeTime() > time()) + return $this->json(['result' => 'send before']); + $user->setVerifyCode($this->RandomString(6, true)); $user->setVerifyCodeTime(time() + 300); $entityManager->persist($user); $entityManager->flush(); //send sms and email $SMS->send( [$user->getVerifyCode()], - $registryMGR->get('sms','recPassword'), + $registryMGR->get('sms', 'recPassword'), $user->getMobile() ); $email = (new Email()) 
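Review bot: In `api_user_active_account` the check `if ($user->getVerifyCode() == $params['code'])` is a loose comparison against a JSON-decoded value, so a request body of `{"code": true}` compares equal to any non-empty stored code under PHP 8 semantics and activates the account by id without knowing the code; the handler also never consults `getVerifyCodeTime()`, so unlike the reset flow a leaked code never expires. Use `if (is_string($params['code']) && hash_equals((string) $user->getVerifyCode(), $params['code'])) {` and add the same `getVerifyCodeTime() > time()` guard that `api_user_forget_reset_password` already applies. The `return $this->json(['result' => 404])` added in `api_user_forget_password_send_code` still tells an unauthenticated caller whether an email address or mobile number is registered, now as a 200 body instead of a 404 exception; if account enumeration matters here, the unknown-account path should be indistinguishable from the success path. `api_user_forget_reset_password` begins before this hunk; in the visible tail the verification code is not cleared after the new password is flushed, so as far as I can tell the same code stays usable for further resets until `verifyCodeTime` lapses.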
@@ -440,30 +437,30 @@ class UserController extends AbstractController ->priority(Email::PRIORITY_HIGH) ->subject('حسابیکس - فراموشی کلمه عبور') ->html( - $this->renderView('user/email/confrim-forget-password.html.twig',[ - 'code'=>$user->getVerifyCode() + $this->renderView('user/email/confrim-forget-password.html.twig', [ + 'code' => $user->getVerifyCode() ]) ); $mailer->send($email); - return $this->json(['result'=>true,'id'=>$user->getId()]); + return $this->json(['result' => true, 'id' => $user->getId()]); } #[Route('/api/user/save/mobile-number', name: 'api_user_save_mobile_number')] - public function api_user_save_mobile_number(MailerInterface $mailer,SMS $SMS,#[CurrentUser] ?User $user,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response + public function api_user_save_mobile_number(MailerInterface $mailer, SMS $SMS, #[CurrentUser] ?User $user, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response { $params = []; if ($content = $request->getContent()) { $params = json_decode($content, true); } - if(! array_key_exists('mobile',$params)) + if (!array_key_exists('mobile', $params)) throw $this->createAccessDeniedException('mobile not set'); $user = $this->getUser(); - if(!$user->getMobile()){ + if (!$user->getMobile()) { $user->setMobile($params['mobile']); $entityManager->persist($user); $entityManager->flush(); - return $this->json(['result'=>'ok']); + return $this->json(['result' => 'ok']); } - return $this->json(['result'=>'exist-before']); + return $this->json(['result' => 'exist-before']); } } diff --git a/hesabixCore/src/Service/Provider.php b/hesabixCore/src/Service/Provider.php index 1d8a0b2..bf033e6 100644 --- a/hesabixCore/src/Service/Provider.php +++ b/hesabixCore/src/Service/Provider.php 
@@ -200,7 +200,7 @@ class Provider
 * @param int $length number of characters in the generated string
 * @return string a new string is created with random characters of the desired length
 */
- private function RandomString($length = 32)
+ public function RandomString($length = 32)
 {
 return substr(str_shuffle(str_repeat($x = '23456789ABCDEFGHJKLMNPQRSTUVWXYZ', ceil($length / strlen($x)))), 1, $length);
 }
diff --git a/hesabixCore/src/Service/SMS.php b/hesabixCore/src/Service/SMS.php
index 9972adc..1bd33a5 100644
--- a/hesabixCore/src/Service/SMS.php
+++ b/hesabixCore/src/Service/SMS.php
@@ -13,7 +13,7 @@ class SMS
 private Settings $settings;
 private registryMGR $registryMGR;
 
- private int $smsPrice = 900;
+ private int $smsPrice = 150;
 
 /**
 * @param EntityManagerInterface $entityManager
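Review bot: Making `RandomString` public exposes a generator that is neither correct nor suitable for secrets: `substr(..., 1, $length)` skips the first character, so whenever `$length` is a multiple of 32 (including the default) the result is one character short, and `str_shuffle` over a repeated alphabet is not CSPRNG-backed and forces every character to appear a fixed number of times, which shrinks the space below what `$length` suggests. Since the surrounding commit uses same-named generators for verification codes and a freshly issued password, callers of this method should get independently drawn characters from `random_int()`. The rewrite below keeps the signature and the 32-character alphabet and returns exactly `$length` characters.
```php
public function RandomString($length = 32)
{
    // Each position is drawn independently with the CSPRNG-backed random_int().
    $alphabet = '23456789ABCDEFGHJKLMNPQRSTUVWXYZ';
    $last = strlen($alphabet) - 1;
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= $alphabet[random_int(0, $last)];
    }
    return $out;
}
```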