bug fix in reset password

This commit is contained in:
Hesabix 2024-05-29 07:35:33 +00:00
parent 7e7fc36f5d
commit 827fdfb628
5 changed files with 141 additions and 133 deletions


@ -3,4 +3,4 @@ framework:
dsn: '%env(MAILER_DSN)%'
message_bus: false
headers:
From: 'Hesabix.ir <noreplay@hesabix.ir>'
From: 'Hesabix.ir <noreplay@cp.hesabix.ir>'
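Review bot: The new From address keeps the local part `noreplay`, which reads as a misspelling of `noreply`; if the mailbox really is named that way this is fine, otherwise the line should be `From: 'Hesabix.ir <noreply@cp.hesabix.ir>'`. Moving the sender to the cp.hesabix.ir host also presumes SPF/DKIM records exist for that subdomain, which this config cannot show; worth confirming before deploy, since transactional mail such as the password-reset messages presumably picks up this default header.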


@ -82,7 +82,7 @@ class PlugRepserviceController extends AbstractController
if (array_key_exists('sms', $params)) {
if ($params['sms'] == true) {
//going to send sms
$sms->send(
$smsres = $sms->sendByBalance(
[
$person->getNikename(),
$order->getCode(),
@ -90,10 +90,21 @@ class PlugRepserviceController extends AbstractController
$acc['bid']->getId() . '/' . $order->getShortlink()
],
$registryMGR->get('sms', 'plugRepserviceStateGet'),
$person->getMobile()
$person->getMobile(),
$acc['bid'],
$this->getUser(),
1
);
if ($smsres == 2) {
return $this->json([
'code' => 11,
'data' => '',
'message' => 'operation success but sms not send'
]);
}
}
}
return $this->json($extractor->operationSuccess());
}
}
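Review bot: `if ($smsres == 2)` tests the sendByBalance() result with a loose comparison against a bare magic number, and every other non-success return value (presumably insufficient balance or a gateway failure) falls through to `operationSuccess()` as if the SMS went out. Prefer `if ($smsres === 2)` against a named constant on SMS (for example `SMS::RESULT_NOT_SENT`, if one exists or can be added; the method's return contract is not visible in this hunk), and consider handling the remaining non-success codes rather than only 2. The `'code' => 11` in the response is likewise undocumented; a one-line comment stating what 11 means to the client would help. The enclosing action begins above the first hunk.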


@ -1,6 +1,7 @@
<?php
namespace App\Controller;
use App\Entity\Business;
use App\Entity\EmailHistory;
use App\Entity\Permission;
@ -41,16 +42,16 @@ class UserController extends AbstractController
* @param int $length number of characters in the generated string
* @return string a new string is created with random characters of the desired length
*/
private function RandomString(int $length = 32 , $justNumber = false): string
private function RandomString(int $length = 32, $justNumber = false): string
{
if($justNumber)
return substr(str_shuffle(str_repeat($x='0123456789', ceil($length/strlen($x)) )),1,$length);
if ($justNumber)
return substr(str_shuffle(str_repeat($x = '0123456789', ceil($length / strlen($x)))), 1, $length);
return substr(str_shuffle(str_repeat($x='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil($length/strlen($x)) )),1,$length);
return substr(str_shuffle(str_repeat($x = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil($length / strlen($x)))), 1, $length);
}
#[Route('/api/user/login', name: 'api_login')]
public function api_login(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager): Response
public function api_login(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager): Response
{
if (null === $user) {
return $this->json([
@ -66,41 +67,41 @@ class UserController extends AbstractController
return $this->json([
'user' => $user->getUserIdentifier(),
'token' => $token->getToken(),
'tokenID'=> $token->getTokenID()
'tokenID' => $token->getTokenID()
]);
}
#[Route('/api/user/has/role/{id}', name: 'api_user_has_role')]
public function api_user_has_role(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager,$id): Response
public function api_user_has_role(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager, $id): Response
{
if($this->isGranted($id)){
if ($this->isGranted($id)) {
return $this->json(
['result'=>true]
['result' => true]
);
}
return $this->json(
['result'=>false]
['result' => false]
);
}
#[Route('/api/user/check/login', name: 'api_user_check_login')]
public function api_user_check_login(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager): Response
public function api_user_check_login(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager): Response
{
if (null === $user) {
return $this->json(
['result'=>false]
['result' => false]
);
}
return $this->json(
[
'result'=>true,
'email'=>$user->getEmail(),
'active'=>$user->isActive()
'result' => true,
'email' => $user->getEmail(),
'active' => $user->isActive()
]
);
}
#[Route('/api/user/get/permissions', name: 'api_user_get_permissions')]
public function api_user_get_permissions(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager): Response
public function api_user_get_permissions(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager): Response
{
if (null === $user) {
return $this->json([
@ -108,44 +109,44 @@ class UserController extends AbstractController
], Response::HTTP_UNAUTHORIZED);
}
return $this->json(
['is_login'=>true]
['is_login' => true]
);
}
#[Route('/api/user/get/users/of/business/{bid}', name: 'api_user_get_of_business')]
public function api_user_get_of_business($bid,#[CurrentUser] ?User $user,EntityManagerInterface $entityManager): Response
public function api_user_get_of_business($bid, #[CurrentUser] ?User $user, EntityManagerInterface $entityManager): Response
{
$business = $entityManager->getRepository(Business::class)->find($bid);
if(!$business)
throw $this->createNotFoundException();
$perms = $entityManager->getRepository(Permission::class)->findBy(['bid'=>$business]);
$out = [];
foreach ($perms as $perm){
$temp=[];
$temp['name'] = $perm->getUser()->getFullName();
$temp['email'] = $perm->getUser()->getEmail();
$temp['owner'] = $perm->isOwner();
$out[] = $temp;
}
$business = $entityManager->getRepository(Business::class)->find($bid);
if (!$business)
throw $this->createNotFoundException();
$perms = $entityManager->getRepository(Permission::class)->findBy(['bid' => $business]);
$out = [];
foreach ($perms as $perm) {
$temp = [];
$temp['name'] = $perm->getUser()->getFullName();
$temp['email'] = $perm->getUser()->getEmail();
$temp['owner'] = $perm->isOwner();
$out[] = $temp;
}
return $this->json($out);
}
#[Route('/api/user/current/info', name: 'api_user_current_info')]
public function api_user_current_info(#[CurrentUser] ?User $user,Provider $provider,EntityManagerInterface $entityManager): Response
public function api_user_current_info(#[CurrentUser] ?User $user, Provider $provider, EntityManagerInterface $entityManager): Response
{
return $this->json([
'id'=> $user->getId(),
'email'=>$user->getEmail(),
'fullname'=>$user->getFullName(),
'businessCount'=>count($user->getBusinesses()),
'hash_email'=> $provider->gravatarHash($user->getEmail()),
'mobile'=>$user->getMobile()
'id' => $user->getId(),
'email' => $user->getEmail(),
'fullname' => $user->getFullName(),
'businessCount' => count($user->getBusinesses()),
'hash_email' => $provider->gravatarHash($user->getEmail()),
'mobile' => $user->getMobile()
]);
}
#[Route('/api/user/logout', name: 'api_user_logout')]
public function api_user_logout(Security $security,EntityManagerInterface $entityManager,Request $request): Response
public function api_user_logout(Security $security, EntityManagerInterface $entityManager, Request $request): Response
{
// logout the user in on the current firewall
$security->logout(false);
@ -157,16 +158,16 @@ class UserController extends AbstractController
throw new CustomUserMessageAuthenticationException('No API token provided');
}
$tk = $entityManager->getRepository(UserToken::class)->findByApiToken($apiToken);
if (! $tk) {
if (!$tk) {
throw new UserNotFoundException();
}
$entityManager->getRepository(UserToken::class)->remove($tk,true);
return $this->json(['result'=>true]);
$entityManager->getRepository(UserToken::class)->remove($tk, true);
return $this->json(['result' => true]);
}
#[Route('/api/user/update/info', name: 'api_user_update_info')]
public function api_user_update_info(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager,Request $request): Response
public function api_user_update_info(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager, Request $request): Response
{
$pameters = [];
if ($content = $request->getContent()) {
@ -175,24 +176,24 @@ class UserController extends AbstractController
$user->setFullName($pameters['fullname']);
$entityManager->persist($user);
$entityManager->flush();
return $this->json(['result'=>true]);
return $this->json(['result' => true]);
}
#[Route('/api/user/is_superadmin', name: 'api_user_is_super_admin')]
public function api_user_is_super_admin(#[CurrentUser] ?User $user,EntityManagerInterface $entityManager,Request $request): Response
public function api_user_is_super_admin(#[CurrentUser] ?User $user, EntityManagerInterface $entityManager, Request $request): Response
{
$this->denyAccessUnlessGranted('ROLE_ADMIN');
return $this->json(['result'=>1]);
return $this->json(['result' => 1]);
}
#[Route('/api/user/change/password', name: 'api_user_change_password')]
public function api_user_change_password(#[CurrentUser] ?User $user,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response
public function api_user_change_password(#[CurrentUser] ?User $user, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response
{
$params = [];
if ($content = $request->getContent()) {
$params = json_decode($content, true);
}
if($params['pass'] == $params['repass']){
if ($params['pass'] == $params['repass']) {
$user->setPassword(
$userPasswordHasher->hashPassword(
$user,
@ -201,29 +202,28 @@ class UserController extends AbstractController
);
$entityManager->persist($user);
$entityManager->flush();
return $this->json(['result'=>true]);
return $this->json(['result' => true]);
}
return $this->json(['result'=>false]);
return $this->json(['result' => false]);
}
#[Route('/api/user/register', name: 'api_user_register')]
public function api_user_register(registryMGR $registryMGR,SMS $SMS,MailerInterface $mailer,Request $request, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager): Response
public function api_user_register(registryMGR $registryMGR, SMS $SMS, MailerInterface $mailer, Request $request, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager): Response
{
$params = [];
if ($content = $request->getContent()) {
$params = json_decode($content, true);
}
if(array_key_exists('name',$params) && array_key_exists('email',$params) && array_key_exists('mobile',$params) && array_key_exists('password',$params )){
if($entityManager->getRepository(User::class)->findOneBy(['email'=>trim($params['email'])])){
if (array_key_exists('name', $params) && array_key_exists('email', $params) && array_key_exists('mobile', $params) && array_key_exists('password', $params)) {
if ($entityManager->getRepository(User::class)->findOneBy(['email' => trim($params['email'])])) {
return $this->json([
'error'=> 1,
'message'=> 'این پست الکترونیکی قبلا ثبت شده است.'
'error' => 1,
'message' => 'این پست الکترونیکی قبلا ثبت شده است.'
]);
}
elseif($entityManager->getRepository(User::class)->findOneBy(['mobile'=>trim($params['mobile'])])){
} elseif ($entityManager->getRepository(User::class)->findOneBy(['mobile' => trim($params['mobile'])])) {
return $this->json([
'error'=> 2,
'message'=> 'این شماره تلفن قبلا ثبت شده است.'
'error' => 2,
'message' => 'این شماره تلفن قبلا ثبت شده است.'
]);
}
$user = new User();
@ -232,7 +232,7 @@ class UserController extends AbstractController
$user->setFullName($params['name']);
$user->setMobile($params['mobile']);
$user->setVerifyCodeTime(time() + 300);
$user->setVerifyCode($this->RandomString(6,true));
$user->setVerifyCode($this->RandomString(6, true));
$user->setDateRegister(time());
$user->setPassword(
$userPasswordHasher->hashPassword(
@ -245,7 +245,7 @@ class UserController extends AbstractController
$entityManager->flush();
$SMS->send(
[$user->getVerifyCode()],
$registryMGR->get('sms','f2a'),
$registryMGR->get('sms', 'f2a'),
$user->getMobile()
);
try {
@ -254,68 +254,66 @@ class UserController extends AbstractController
->priority(Email::PRIORITY_HIGH)
->subject('تایید ایمیل در حسابیکس')
->html(
$this->renderView('user/email/confrim-register.html.twig',[
'code'=>$user->getVerifyCode()
$this->renderView('user/email/confrim-register.html.twig', [
'code' => $user->getVerifyCode()
])
);
$mailer->send($email);
}catch (Exception $exception){
} catch (Exception $exception) {
}
return $this->json([
'error'=> 0,
'id'=>$user->getId(),
'message'=> 'ok',
'error' => 0,
'id' => $user->getId(),
'message' => 'ok',
]);
}
return $this->json([
'error'=> 999,
'message'=> 'تمام موارد لازم را وارد کنید.'
'error' => 999,
'message' => 'تمام موارد لازم را وارد کنید.'
]);
return $this->json(['ok']);
}
#[Route('/api/user/active/code/info/{id}', name: 'api_user_active_code_info')]
public function api_user_active_code_info(registryMGR $registryMGR,MailerInterface $mailer,SMS $SMS,String $id,#[CurrentUser] ?User $user,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response
public function api_user_active_code_info(registryMGR $registryMGR, MailerInterface $mailer, SMS $SMS, String $id, #[CurrentUser] ?User $user, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response
{
$send = false;
$user = $entityManager->getRepository(User::class)->find($id);
if(!$user)
if (!$user)
throw $this->createNotFoundException('user not exist');
if(!$user->getMobile())
return $this->json(['id'=>$user->getId(),'active'=>false,'result'=>'mobilenotset']);
if($user->isActive())
return $this->json(['id'=>$user->getId(),'active'=>true]);
if (!$user->getMobile())
return $this->json(['id' => $user->getId(), 'active' => false, 'result' => 'mobilenotset']);
if ($user->isActive())
return $this->json(['id' => $user->getId(), 'active' => true]);
$res = [];
$res['id'] = $user->getId();
$res['email'] = $user->getEmail();
$res['time'] = time();
$res['active'] = false;
if($user->getVerifyCodeTime()){
if(time() > $user->getVerifyCodeTime()){
if ($user->getVerifyCodeTime()) {
if (time() > $user->getVerifyCodeTime()) {
$user->setVerifyCodeTime(time() + 300);
$user->setVerifyCode($this->RandomString(6,true));
$user->setVerifyCode($this->RandomString(6, true));
$entityManager->persist($user);
$entityManager->flush();
$send = true;
}
}
else{
} else {
$user->setVerifyCodeTime(time() + 300);
$user->setVerifyCode($this->RandomString(6,true));
$user->setVerifyCode($this->RandomString(6, true));
$entityManager->persist($user);
$entityManager->flush();
$send = true;
}
$res['cutDown'] = $user->getVerifyCodeTime();
if($send){
if ($send) {
//send sms and email
$SMS->send(
[$user->getVerifyCode()],
$registryMGR->get('sms','f2a'),
$registryMGR->get('sms', 'f2a'),
$user->getMobile()
);
$email = (new Email())
@ -323,8 +321,8 @@ class UserController extends AbstractController
->priority(Email::PRIORITY_HIGH)
->subject('تایید ایمیل در حسابیکس')
->html(
$this->renderView('user/email/confrim-register.html.twig',[
'code'=>$user->getVerifyCode()
$this->renderView('user/email/confrim-register.html.twig', [
'code' => $user->getVerifyCode()
])
);
@ -334,20 +332,20 @@ class UserController extends AbstractController
}
#[Route('/api/user/reset/password/send-to-sms/{id}', name: 'api_user_forget_reset_password')]
public function api_user_forget_reset_password(registryMGR $registryMGR,MailerInterface $mailer,SMS $SMS,String $id,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response
public function api_user_forget_reset_password(registryMGR $registryMGR, MailerInterface $mailer, SMS $SMS, String $id, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response
{
$params = [];
if ($content = $request->getContent()) {
$params = json_decode($content, true);
}
if(array_key_exists('code',$params)){
if (array_key_exists('code', $params)) {
$obj = $entityManager->getRepository(User::class)->find($id);
if($obj){
if($obj->getVerifyCodeTime() > time()){
$obj = $entityManager->getRepository(User::class)->findOneBy(['id'=>$id,'verifyCode'=>$params['code']]);
if($obj){
if ($obj) {
if ($obj->getVerifyCodeTime() > time()) {
$obj = $entityManager->getRepository(User::class)->findOneBy(['id' => $id, 'verifyCode' => $params['code']]);
if ($obj) {
//reset password
$password = $this->RandomString(12,true);
$password = $this->RandomString(12, true);
$obj->setPassword(
$userPasswordHasher->hashPassword(
$obj,
@ -356,10 +354,10 @@ class UserController extends AbstractController
);
$entityManager->persist($obj);
$entityManager->flush();
$SMS->send(
[$password],
$registryMGR->get('sms','changePassword'),
$registryMGR->get('sms', 'changePassword'),
$obj->getMobile()
);
$email = (new Email())
@ -367,72 +365,71 @@ class UserController extends AbstractController
->priority(Email::PRIORITY_HIGH)
->subject('تغییر کلمه عبور')
->html(
$this->renderView('user/email/reset-password.html.twig',[
'code'=>$password
$this->renderView('user/email/reset-password.html.twig', [
'code' => $password
])
);
$mailer->send($email);
return $this->json(['result'=>'ok']);
return $this->json(['result' => 'ok']);
}
//code is incorrect
return $this->json(['result'=>'false']);
}
else
return $this->json(['result'=>'expired']);
return $this->json(['result' => 'false']);
} else
return $this->json(['result' => 'expired']);
}
}
throw $this->createAccessDeniedException();
}
#[Route('/api/user/active/account/{id}', name: 'api_user_active_account')]
public function api_user_active_account(MailerInterface $mailer,SMS $SMS,String $id,#[CurrentUser] ?User $user,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response
public function api_user_active_account(MailerInterface $mailer, SMS $SMS, String $id, #[CurrentUser] ?User $user, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response
{
$send = false;
$user = $entityManager->getRepository(User::class)->find($id);
if(!$user)
if (!$user)
throw $this->createNotFoundException('user not exist');
if($user->isActive())
return $this->json(['result'=>'active before','id'=>$user->getId(),'active'=>true]);
if ($user->isActive())
return $this->json(['result' => 'active before', 'id' => $user->getId(), 'active' => true]);
$params = [];
if ($content = $request->getContent()) {
$params = json_decode($content, true);
}
if(!array_key_exists('code',$params))
if (!array_key_exists('code', $params))
throw $this->createNotFoundException('code not exist');
if($user->getVerifyCode() == $params['code']){
if ($user->getVerifyCode() == $params['code']) {
$user->setActive(true);
$entityManager->persist($user);
$entityManager->flush();
return $this->json(['result'=>'ok','id'=>$user->getId(),'active'=>true]);
return $this->json(['result' => 'ok', 'id' => $user->getId(), 'active' => true]);
}
return $this->json(['result'=>'not correct','id'=>$user->getId(),'active'=>false]);
return $this->json(['result' => 'not correct', 'id' => $user->getId(), 'active' => false]);
}
#[Route('/api/user/forget/password/send-code', name: 'api_user_forget_password_send_code')]
public function api_user_forget_password_send_code(registryMGR $registryMGR,#[CurrentUser] ?User $user,SMS $SMS,MailerInterface $mailer,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response
public function api_user_forget_password_send_code(registryMGR $registryMGR, #[CurrentUser] ?User $user, SMS $SMS, MailerInterface $mailer, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response
{
$params = [];
if ($content = $request->getContent()) {
$params = json_decode($content, true);
}
if(! array_key_exists('email',$params))
if (!array_key_exists('email', $params))
throw $this->createAccessDeniedException('email not send');
$user = $entityManager->getRepository(User::class)->findOneBy(['email'=>$params['email']]);
if(!$user){
$user = $entityManager->getRepository(User::class)->findOneBy(['mobile'=>$params['email']]);
if(!$user)
throw $this->createNotFoundException('email not exist');
$user = $entityManager->getRepository(User::class)->findOneBy(['email' => $params['email']]);
if (!$user) {
$user = $entityManager->getRepository(User::class)->findOneBy(['mobile' => $params['email']]);
if (!$user)
return $this->json(['result' => 404]);
}
if($user->getVerifyCodeTime() > time())
return $this->json(['result'=>'send before']);
$user->setVerifyCode($this->RandomString(6,true));
if ($user->getVerifyCodeTime() > time())
return $this->json(['result' => 'send before']);
$user->setVerifyCode($this->RandomString(6, true));
$user->setVerifyCodeTime(time() + 300);
$entityManager->persist($user);
$entityManager->flush();
//send sms and email
$SMS->send(
[$user->getVerifyCode()],
$registryMGR->get('sms','recPassword'),
$registryMGR->get('sms', 'recPassword'),
$user->getMobile()
);
$email = (new Email())
@ -440,30 +437,30 @@ class UserController extends AbstractController
->priority(Email::PRIORITY_HIGH)
->subject('حسابیکس - فراموشی کلمه عبور')
->html(
$this->renderView('user/email/confrim-forget-password.html.twig',[
'code'=>$user->getVerifyCode()
$this->renderView('user/email/confrim-forget-password.html.twig', [
'code' => $user->getVerifyCode()
])
);
$mailer->send($email);
return $this->json(['result'=>true,'id'=>$user->getId()]);
return $this->json(['result' => true, 'id' => $user->getId()]);
}
#[Route('/api/user/save/mobile-number', name: 'api_user_save_mobile_number')]
public function api_user_save_mobile_number(MailerInterface $mailer,SMS $SMS,#[CurrentUser] ?User $user,UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager,Request $request): Response
public function api_user_save_mobile_number(MailerInterface $mailer, SMS $SMS, #[CurrentUser] ?User $user, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager, Request $request): Response
{
$params = [];
if ($content = $request->getContent()) {
$params = json_decode($content, true);
}
if(! array_key_exists('mobile',$params))
if (!array_key_exists('mobile', $params))
throw $this->createAccessDeniedException('mobile not set');
$user = $this->getUser();
if(!$user->getMobile()){
if (!$user->getMobile()) {
$user->setMobile($params['mobile']);
$entityManager->persist($user);
$entityManager->flush();
return $this->json(['result'=>'ok']);
return $this->json(['result' => 'ok']);
}
return $this->json(['result'=>'exist-before']);
return $this->json(['result' => 'exist-before']);
}
}
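Review bot: RandomString (first hunk of this section) still builds verification codes and the password issued in api_user_forget_reset_password with str_shuffle() over a repeated alphabet; the PHP manual states str_shuffle() does not generate cryptographically secure values, and the `1` offset in `substr(..., 1, $length)` yields one character short whenever $length is an exact multiple of the alphabet length (e.g. RandomString(10, true)). A per-character random_int() loop (below) fixes both; Provider::RandomString in the next file section uses the same construction. Separately, api_user_active_account checks the code with `if ($user->getVerifyCode() == $params['code'])`, a loose comparison that a JSON body of `{"code": true}` satisfies against any non-empty stored code and that never consults getVerifyCodeTime(); `if (is_string($params['code']) && $user->getVerifyCodeTime() > time() && hash_equals((string) $user->getVerifyCode(), $params['code']))` closes both gaps. In api_user_forget_reset_password the consumed verifyCode is not cleared after the password is replaced, so it stays usable until its timer lapses; resetting it alongside the new password (assuming the entity permits that) would make the code single-use. Six-digit codes checked without any attempt counter are also guessable within the 300-second window, though that predates this commit.
```php
private function RandomString(int $length = 32, $justNumber = false): string
{
    $alphabet = $justNumber
        ? '0123456789'
        : '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $last = strlen($alphabet) - 1;
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        // random_int() is CSPRNG-backed and uniform over the alphabet
        $out .= $alphabet[random_int(0, $last)];
    }
    return $out;
}
```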


@ -200,7 +200,7 @@ class Provider
* @param int $length number of characters in the generated string
* @return string a new string is created with random characters of the desired length
*/
private function RandomString($length = 32)
public function RandomString($length = 32)
{
return substr(str_shuffle(str_repeat($x = '23456789ABCDEFGHJKLMNPQRSTUVWXYZ', ceil($length / strlen($x)))), 1, $length);
}
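Review bot: RandomString becomes part of Provider's public surface on the changed line but keeps an untyped `$length = 32` parameter and no return type, while the docblock directly above already promises `int` and `string`; `public function RandomString(int $length = 32): string` makes the signature match its documentation. Since it is now callable from other classes, a docblock sentence noting that it is built on str_shuffle(), which the PHP manual marks as not cryptographically secure, would keep new callers from using it for tokens or passwords.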


@ -13,7 +13,7 @@ class SMS
private Settings $settings;
private registryMGR $registryMGR;
private int $smsPrice = 900;
private int $smsPrice = 150;
/**
* @param EntityManagerInterface $entityManager