vendor/shopware/storefront/Controller/AuthController.php line 216

  1. <?php declare(strict_types=1);
  2. namespace Shopware\Storefront\Controller;
  3. use Shopware\Core\Checkout\Customer\Exception\BadCredentialsException;
  4. use Shopware\Core\Checkout\Customer\Exception\CustomerAuthThrottledException;
  5. use Shopware\Core\Checkout\Customer\Exception\CustomerNotFoundByHashException;
  6. use Shopware\Core\Checkout\Customer\Exception\CustomerNotFoundException;
  7. use Shopware\Core\Checkout\Customer\Exception\CustomerRecoveryHashExpiredException;
  8. use Shopware\Core\Checkout\Customer\Exception\InactiveCustomerException;
  9. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractLoginRoute;
  10. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractLogoutRoute;
  11. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractResetPasswordRoute;
  12. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractSendPasswordRecoveryMailRoute;
  13. use Shopware\Core\Framework\DataAbstractionLayer\Exception\InconsistentCriteriaIdsException;
  14. use Shopware\Core\Framework\Feature;
  15. use Shopware\Core\Framework\RateLimiter\Exception\RateLimitExceededException;
  16. use Shopware\Core\Framework\Routing\Annotation\Since;
  17. use Shopware\Core\Framework\Validation\DataBag\RequestDataBag;
  18. use Shopware\Core\Framework\Validation\Exception\ConstraintViolationException;
  19. use Shopware\Core\System\SalesChannel\SalesChannelContext;
  20. use Shopware\Storefront\Checkout\Cart\SalesChannel\StorefrontCartFacade;
  21. use Shopware\Storefront\Framework\Routing\Annotation\NoStore;
  22. use Shopware\Storefront\Framework\Routing\RequestTransformer;
  23. use Shopware\Storefront\Page\Account\Login\AccountGuestLoginPageLoadedHook;
  24. use Shopware\Storefront\Page\Account\Login\AccountLoginPageLoadedHook;
  25. use Shopware\Storefront\Page\Account\Login\AccountLoginPageLoader;
  26. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPage;
  27. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPageLoadedHook;
  28. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPageLoader;
  29. use Symfony\Component\HttpFoundation\Request;
  30. use Symfony\Component\HttpFoundation\Response;
  31. use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
  32. use Symfony\Component\Routing\Annotation\Route;
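  /**
   * Storefront controller for customer login, guest login, logout and the
   * password-recovery flow.
   *
   * Every action reads request parameters that the client controls; the inline
   * NOTE(review) comments mark the places where that matters for security.
   *
   * @Route(defaults={"_routeScope"={"storefront"}})
   *
   * @deprecated tag:v6.5.0 - reason:becomes-internal - Will be internal
   */
  class AuthController extends StorefrontController
  {
      private AccountLoginPageLoader $loginPageLoader;

      private AbstractSendPasswordRecoveryMailRoute $sendPasswordRecoveryMailRoute;

      private AbstractResetPasswordRoute $resetPasswordRoute;

      private AbstractLoginRoute $loginRoute;

      private AbstractLogoutRoute $logoutRoute;

      private StorefrontCartFacade $cartFacade;

      private AccountRecoverPasswordPageLoader $recoverPasswordPageLoader;

      /**
       * @internal
       */
      public function __construct(
          AccountLoginPageLoader $loginPageLoader,
          AbstractSendPasswordRecoveryMailRoute $sendPasswordRecoveryMailRoute,
          AbstractResetPasswordRoute $resetPasswordRoute,
          AbstractLoginRoute $loginRoute,
          AbstractLogoutRoute $logoutRoute,
          StorefrontCartFacade $cartFacade,
          AccountRecoverPasswordPageLoader $recoverPasswordPageLoader
      ) {
          $this->loginPageLoader = $loginPageLoader;
          $this->sendPasswordRecoveryMailRoute = $sendPasswordRecoveryMailRoute;
          $this->resetPasswordRoute = $resetPasswordRoute;
          $this->loginRoute = $loginRoute;
          $this->logoutRoute = $logoutRoute;
          $this->cartFacade = $cartFacade;
          $this->recoverPasswordPageLoader = $recoverPasswordPageLoader;
      }

      /**
       * Renders the login/registration page, or sends an already logged-in
       * (non-guest) customer on to the requested target.
       *
       * @Since("6.0.0.0")
       * @Route("/account/login", name="frontend.account.login.page", methods={"GET"})
       * @NoStore
       */
      public function loginPage(Request $request, RequestDataBag $data, SalesChannelContext $context): Response
      {
          // NOTE(review): redirectTo is taken from the request as-is. Confirm that
          // createActionResponse() resolves it only as a route name and never as
          // an absolute URL, otherwise this is an open redirect.
          /** @var string $redirect */
          $redirect = $request->get('redirectTo', 'frontend.account.home.page');

          $customer = $context->getCustomer();

          if ($customer !== null && $customer->getGuest() === false) {
              $request->request->set('redirectTo', $redirect);

              return $this->createActionResponse($request);
          }

          $page = $this->loginPageLoader->load($request, $context);

          $this->hook(new AccountLoginPageLoadedHook($page, $context));

          // NOTE(review): loginError, waitTime, errorSnippet and redirectParameters
          // are read from the request on a GET route, so a crafted link can set
          // them. The template has to treat them as untrusted (escape on output,
          // resolve errorSnippet only as a snippet key).
          return $this->renderStorefront('@Storefront/storefront/page/account/register/index.html.twig', [
              'redirectTo' => $redirect,
              'redirectParameters' => $request->get('redirectParameters', json_encode([])),
              'page' => $page,
              'loginError' => (bool) $request->get('loginError'),
              'waitTime' => $request->get('waitTime'),
              'errorSnippet' => $request->get('errorSnippet'),
              'data' => $data,
          ]);
      }

      /**
       * Renders the guest login page used to look up an order; any customer
       * already present in the context (guest or not) is sent on instead.
       *
       * @Since("6.3.4.1")
       * @Route("/account/guest/login", name="frontend.account.guest.login.page", methods={"GET"})
       * @NoStore
       */
      public function guestLoginPage(Request $request, SalesChannelContext $context): Response
      {
          // Same request-controlled redirect target as in loginPage().
          /** @var string $redirect */
          $redirect = $request->get('redirectTo', 'frontend.account.home.page');

          $customer = $context->getCustomer();

          if ($customer !== null) {
              $request->request->set('redirectTo', $redirect);

              return $this->createActionResponse($request);
          }

          // The int cast keeps the request-supplied value from being anything but
          // a number by the time it reaches the translated flash message.
          $waitTime = (int) $request->get('waitTime');
          if ($waitTime) {
              $this->addFlash(self::INFO, $this->trans('account.loginThrottled', ['%seconds%' => $waitTime]));
          }

          if ((bool) $request->get('loginError')) {
              $this->addFlash(self::DANGER, $this->trans('account.orderGuestLoginWrongCredentials'));
          }

          $page = $this->loginPageLoader->load($request, $context);

          $this->hook(new AccountGuestLoginPageLoadedHook($page, $context));

          return $this->renderStorefront('@Storefront/storefront/page/account/guest-auth.html.twig', [
              'redirectTo' => $redirect,
              'redirectParameters' => $request->get('redirectParameters', json_encode([])),
              'page' => $page,
          ]);
      }

      /**
       * Logs the current customer out and redirects to the login page.
       *
       * NOTE(review): this state-changing action is reachable with a plain GET,
       * so any cross-site link or image request can end the customer's session.
       * The route definition is part of the public interface and is left as is;
       * a POST route with a CSRF token would close that gap.
       *
       * @Since("6.0.0.0")
       * @Route("/account/logout", name="frontend.account.logout.page", methods={"GET"})
       */
      public function logout(Request $request, SalesChannelContext $context, RequestDataBag $dataBag): Response
      {
          if ($context->getCustomer() === null) {
              return $this->redirectToRoute('frontend.account.login.page');
          }

          try {
              $this->logoutRoute->logout($context, $dataBag);
              $this->addFlash(self::SUCCESS, $this->trans('account.logoutSucceeded'));

              $parameters = [];
          } catch (ConstraintViolationException $formViolations) {
              $parameters = ['formViolations' => $formViolations];
          }

          return $this->redirectToRoute('frontend.account.login.page', $parameters);
      }

      /**
       * Handles the login form. On success the customer is sent to the action
       * response; every failure is forwarded to the login page with an error.
       *
       * @Since("6.0.0.0")
       * @Route("/account/login", name="frontend.account.login", methods={"POST"}, defaults={"XmlHttpRequest"=true})
       */
      public function login(Request $request, RequestDataBag $data, SalesChannelContext $context): Response
      {
          $customer = $context->getCustomer();

          if ($customer !== null && $customer->getGuest() === false) {
              return $this->createActionResponse($request);
          }

          try {
              $token = $this->loginRoute->login($data, $context)->getToken();
              if (!empty($token)) {
                  $this->addCartErrors($this->cartFacade->get($token, $context));

                  return $this->createActionResponse($request);
              }
          } catch (BadCredentialsException | UnauthorizedHttpException | InactiveCustomerException | CustomerAuthThrottledException $e) {
              // NOTE(review): the inactive-customer snippet makes this response
              // differ from the bad-credentials one. Confirm the login route only
              // raises it after the password was verified; otherwise the
              // difference reveals that the account exists.
              if ($e instanceof InactiveCustomerException) {
                  $errorSnippet = $e->getSnippetKey();
              }

              if ($e instanceof CustomerAuthThrottledException) {
                  $waitTime = $e->getWaitTime();
              }
          }

          // Drop the submitted password before forwarding: loginPage() hands the
          // data bag to the template, and the secret must not be echoed back.
          $data->set('password', null);

          // Also reached when the route returned an empty token without throwing.
          return $this->forwardToRoute(
              'frontend.account.login.page',
              [
                  'loginError' => true,
                  'errorSnippet' => $errorSnippet ?? null,
                  'waitTime' => $waitTime ?? null,
              ]
          );
      }

      /**
       * Renders the "request a password reset" form.
       *
       * @Since("6.1.0.0")
       * @Route("/account/recover", name="frontend.account.recover.page", methods={"GET"})
       */
      public function recoverAccountForm(Request $request, SalesChannelContext $context): Response
      {
          $page = $this->loginPageLoader->load($request, $context);

          return $this->renderStorefront('@Storefront/storefront/page/account/profile/recover-password.html.twig', [
              'page' => $page,
          ]);
      }

      /**
       * Sends the password-recovery mail for the submitted address and returns
       * to the recovery form.
       *
       * @Since("6.1.0.0")
       * @Route("/account/recover", name="frontend.account.recover.request", methods={"POST"})
       */
      public function generateAccountRecovery(Request $request, RequestDataBag $data, SalesChannelContext $context): Response
      {
          // The "email" group comes from the POST body. Without it (or when it is
          // a scalar) the method calls below would raise an uncaught Error and
          // turn a malformed request into a 500 response.
          $emailData = $data->get('email');
          if (!\is_object($emailData)) {
              $this->addFlash(self::DANGER, $this->trans('error.message-default'));

              return $this->redirectToRoute('frontend.account.recover.page');
          }

          try {
              // Overwrites whatever storefrontUrl the client posted with the value
              // from the request attributes, so the base of the recovery link is
              // not taken from a form field.
              $emailData->set('storefrontUrl', $request->attributes->get(RequestTransformer::STOREFRONT_URL));

              // NOTE(review): the meaning of the third argument is not visible
              // here - presumably it switches off storefront URL validation;
              // confirm against the route before changing it.
              $this->sendPasswordRecoveryMailRoute->sendRecoveryMail(
                  $emailData->toRequestDataBag(),
                  $context,
                  false
              );

              $this->addFlash(self::SUCCESS, $this->trans('account.recoveryMailSend'));
          } catch (CustomerNotFoundException $e) {
              // Deliberately the same success message as above: the response must
              // not reveal whether the address belongs to a customer.
              $this->addFlash(self::SUCCESS, $this->trans('account.recoveryMailSend'));
          } catch (InconsistentCriteriaIdsException $e) {
              $this->addFlash(self::DANGER, $this->trans('error.message-default'));
          } catch (RateLimitExceededException $e) {
              $this->addFlash(self::INFO, $this->trans('error.rateLimitExceeded', ['%seconds%' => $e->getWaitTime()]));
          }

          return $this->redirectToRoute('frontend.account.recover.page');
      }

      /**
       * Renders the "set a new password" form for a recovery hash.
       *
       * A missing, malformed, unknown or expired hash all lead to the same flash
       * message and redirect, so the response does not tell these cases apart.
       *
       * NOTE(review): the hash travels in the query string and can therefore end
       * up in access logs, browser history and Referer headers.
       *
       * @Since("6.1.0.0")
       * @Route("/account/recover/password", name="frontend.account.recover.password.page", methods={"GET"})
       */
      public function resetPasswordForm(Request $request, SalesChannelContext $context): Response
      {
          /** @deprecated tag:v6.5.0 - call to loginPageLoader and $loginPage will be removed */
          $loginPage = null;
          if (!Feature::isActive('v6.5.0.0')) {
              $loginPage = $this->loginPageLoader->load($request, $context);
          }

          /** @var ?string $hash */
          $hash = $request->get('hash');

          // Rejects an absent/empty value as well as an array such as hash[]=x.
          if (!$hash || !\is_string($hash)) {
              $this->addFlash(self::DANGER, $this->trans('account.passwordHashNotFound'));

              return $this->redirectToRoute('frontend.account.recover.request');
          }

          try {
              $page = $this->recoverPasswordPageLoader->load($request, $context, $hash);
          } catch (ConstraintViolationException $e) {
              $this->addFlash(self::DANGER, $this->trans('account.passwordHashNotFound'));

              return $this->redirectToRoute('frontend.account.recover.request');
          }

          $this->hook(new AccountRecoverPasswordPageLoadedHook($page, $context));

          if ($page->getHash() === null || $page->isHashExpired()) {
              $this->addFlash(self::DANGER, $this->trans('account.passwordHashNotFound'));

              return $this->redirectToRoute('frontend.account.recover.request');
          }

          if (Feature::isActive('v6.5.0.0')) {
              return $this->renderStorefront('@Storefront/storefront/page/account/profile/reset-password.html.twig', [
                  'page' => $page,
                  'formViolations' => $request->get('formViolations'),
              ]);
          }

          /** @deprecated tag:v6.5.0 - page will be instance of AccountRecoverPasswordPage and $hash will be moved to $page.getHash() */
          return $this->renderStorefront('@Storefront/storefront/page/account/profile/reset-password.html.twig', [
              'page' => $loginPage,
              'hash' => $hash,
              'formViolations' => $request->get('formViolations'),
          ]);
      }

      /**
       * Applies the new password for a recovery hash.
       *
       * @Since("6.1.0.0")
       * @Route("/account/recover/password", name="frontend.account.recover.password.reset", methods={"POST"})
       */
      public function resetPassword(RequestDataBag $data, SalesChannelContext $context): Response
      {
          // The "password" group comes from the POST body. Without it (or when it
          // is a scalar) the chained get('hash') would raise an uncaught Error and
          // turn a malformed request into a 500 response.
          $passwordData = $data->get('password');
          if (!\is_object($passwordData)) {
              $this->addFlash(self::DANGER, $this->trans('account.passwordChangeNoSuccess'));

              return $this->redirectToRoute('frontend.account.recover.page');
          }

          $hash = $passwordData->get('hash');

          try {
              $this->resetPasswordRoute->resetPassword($passwordData->toRequestDataBag(), $context);

              $this->addFlash(self::SUCCESS, $this->trans('account.passwordChangeSuccess'));
          } catch (ConstraintViolationException $formViolations) {
              $this->addFlash(self::DANGER, $this->trans('account.passwordChangeNoSuccess'));

              // Back to the form with the same hash so the customer can retry.
              return $this->forwardToRoute(
                  'frontend.account.recover.password.page',
                  ['hash' => $hash, 'formViolations' => $formViolations, 'passwordFormViolation' => true]
              );
          } catch (CustomerNotFoundByHashException $e) {
              $this->addFlash(self::DANGER, $this->trans('account.passwordChangeNoSuccess'));

              return $this->forwardToRoute('frontend.account.recover.request');
          } catch (CustomerRecoveryHashExpiredException $e) {
              $this->addFlash(self::DANGER, $this->trans('account.passwordHashExpired'));

              return $this->forwardToRoute('frontend.account.recover.request');
          }

          return $this->redirectToRoute('frontend.account.profile.page');
      }
  }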