vendor/shopware/storefront/Controller/AuthController.php line 83

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Storefront\Controller;
  5. use Shopware\Core\Checkout\Customer\Exception\BadCredentialsException;
  6. use Shopware\Core\Checkout\Customer\Exception\CustomerAuthThrottledException;
  7. use Shopware\Core\Checkout\Customer\Exception\CustomerNotFoundByHashException;
  8. use Shopware\Core\Checkout\Customer\Exception\CustomerNotFoundException;
  9. use Shopware\Core\Checkout\Customer\Exception\CustomerRecoveryHashExpiredException;
  10. use Shopware\Core\Checkout\Customer\Exception\InactiveCustomerException;
  11. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractLoginRoute;
  12. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractLogoutRoute;
  13. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractResetPasswordRoute;
  14. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractSendPasswordRecoveryMailRoute;
  15. use Shopware\Core\Framework\DataAbstractionLayer\Exception\InconsistentCriteriaIdsException;
  16. use Shopware\Core\Framework\Feature;
  17. use Shopware\Core\Framework\RateLimiter\Exception\RateLimitExceededException;
  18. use Shopware\Core\Framework\Routing\Annotation\Since;
  19. use Shopware\Core\Framework\Validation\DataBag\RequestDataBag;
  20. use Shopware\Core\Framework\Validation\Exception\ConstraintViolationException;
  21. use Shopware\Core\System\SalesChannel\SalesChannelContext;
  22. use Shopware\Storefront\Checkout\Cart\SalesChannel\StorefrontCartFacade;
  23. use Shopware\Storefront\Framework\Routing\Annotation\NoStore;
  24. use Shopware\Storefront\Framework\Routing\RequestTransformer;
  25. use Shopware\Storefront\Page\Account\Login\AccountGuestLoginPageLoadedHook;
  26. use Shopware\Storefront\Page\Account\Login\AccountLoginPageLoadedHook;
  27. use Shopware\Storefront\Page\Account\Login\AccountLoginPageLoader;
  28. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPage;
  29. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPageLoadedHook;
  30. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPageLoader;
  31. use Symfony\Component\HttpFoundation\Request;
  32. use Symfony\Component\HttpFoundation\Response;
  33. use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
  34. use Symfony\Component\Routing\Annotation\Route;
  36. /**
  37.  * @Route(defaults={"_routeScope"={"storefront"}})
  38.  *
  39.  * @deprecated tag:v6.5.0 - reason:becomes-internal - Will be internal
  40.  */
  41. class AuthController extends StorefrontController
  42. {
  43.     private AccountLoginPageLoader $loginPageLoader;
  45.     private AbstractSendPasswordRecoveryMailRoute $sendPasswordRecoveryMailRoute;
  47.     private AbstractResetPasswordRoute $resetPasswordRoute;
  49.     private AbstractLoginRoute $loginRoute;
  51.     private AbstractLogoutRoute $logoutRoute;
  53.     private StorefrontCartFacade $cartFacade;
  55.     private AccountRecoverPasswordPageLoader $recoverPasswordPageLoader;
  57.     /**
  58.      * @internal
  59.      */
  60.     public function __construct(
  61.         AccountLoginPageLoader $loginPageLoader,
  62.         AbstractSendPasswordRecoveryMailRoute $sendPasswordRecoveryMailRoute,
  63.         AbstractResetPasswordRoute $resetPasswordRoute,
  64.         AbstractLoginRoute $loginRoute,
  65.         AbstractLogoutRoute $logoutRoute,
  66.         StorefrontCartFacade $cartFacade,
  67.         AccountRecoverPasswordPageLoader $recoverPasswordPageLoader
  68.     ) {
  69.         $this->loginPageLoader $loginPageLoader;
  70.         $this->sendPasswordRecoveryMailRoute $sendPasswordRecoveryMailRoute;
  71.         $this->resetPasswordRoute $resetPasswordRoute;
  72.         $this->loginRoute $loginRoute;
  73.         $this->logoutRoute $logoutRoute;
  74.         $this->cartFacade $cartFacade;
  75.         $this->recoverPasswordPageLoader $recoverPasswordPageLoader;
  76.     }
  78.     /**
  79.      * @Since("6.0.0.0")
  80.      * @Route("/account/login", name="frontend.account.login.page", methods={"GET"})
  81.      * @NoStore
  82.      */
  83.     public function loginPage(Request $requestRequestDataBag $dataSalesChannelContext $context): Response
  84.     {
  85.         /** @var string $redirect */
  86.         $redirect $request->get('redirectTo''frontend.account.home.page');
  88.         $customer $context->getCustomer();
  90.         if ($customer !== null && $customer->getGuest() === false) {
  91.             $request->request->set('redirectTo'$redirect);
  93.             return $this->createActionResponse($request);
  94.         }
  96.         $page $this->loginPageLoader->load($request$context);
  98.         $this->hook(new AccountLoginPageLoadedHook($page$context));
  100.         return $this->renderStorefront('@Storefront/storefront/page/account/register/index.html.twig', [
  101.             'redirectTo' => $redirect,
  102.             'redirectParameters' => $request->get('redirectParameters'json_encode([])),
  103.             'page' => $page,
  104.             'loginError' => (bool) $request->get('loginError'),
  105.             'waitTime' => $request->get('waitTime'),
  106.             'errorSnippet' => $request->get('errorSnippet'),
  107.             'data' => $data,
  108.         ]);
  109.     }
  111.     /**
  112.      * @Since("6.3.4.1")
  113.      * @Route("/account/guest/login", name="frontend.account.guest.login.page", methods={"GET"})
  114.      * @NoStore
  115.      */
  116.     public function guestLoginPage(Request $requestSalesChannelContext $context): Response
  117.     {
  118.         /** @var string $redirect */
  119.         $redirect $request->get('redirectTo''frontend.account.home.page');
  121.         $customer $context->getCustomer();
  123.         if ($customer !== null) {
  124.             $request->request->set('redirectTo'$redirect);
  126.             return $this->createActionResponse($request);
  127.         }
  129.         $waitTime = (int) $request->get('waitTime');
  130.         if ($waitTime) {
  131.             $this->addFlash(self::INFO$this->trans('account.loginThrottled', ['%seconds%' => $waitTime]));
  132.         }
  134.         if ((bool) $request->get('loginError')) {
  135.             $this->addFlash(self::DANGER$this->trans('account.orderGuestLoginWrongCredentials'));
  136.         }
  138.         $page $this->loginPageLoader->load($request$context);
  140.         $this->hook(new AccountGuestLoginPageLoadedHook($page$context));
  142.         return $this->renderStorefront('@Storefront/storefront/page/account/guest-auth.html.twig', [
  143.             'redirectTo' => $redirect,
  144.             'redirectParameters' => $request->get('redirectParameters'json_encode([])),
  145.             'page' => $page,
  146.         ]);
  147.     }
  149.     /**
  150.      * @Since("6.0.0.0")
  151.      * @Route("/account/logout", name="frontend.account.logout.page", methods={"GET"})
  152.      */
  153.     public function logout(Request $requestSalesChannelContext $contextRequestDataBag $dataBag): Response
  154.     {
  155.         if ($context->getCustomer() === null) {
  156.             return $this->redirectToRoute('frontend.account.login.page');
  157.         }
  159.         try {
  160.             $this->logoutRoute->logout($context$dataBag);
  161.             $this->addFlash(self::SUCCESS$this->trans('account.logoutSucceeded'));
  163.             $parameters = [];
  164.         } catch (ConstraintViolationException $formViolations) {
  165.             $parameters = ['formViolations' => $formViolations];
  166.         }
  168.         return $this->redirectToRoute('frontend.account.login.page'$parameters);
  169.     }
  171.     /**
  172.      * @Since("6.0.0.0")
  173.      * @Route("/account/login", name="frontend.account.login", methods={"POST"}, defaults={"XmlHttpRequest"=true})
  174.      */
  175.     public function login(Request $requestRequestDataBag $dataSalesChannelContext $context): Response
  176.     {
  177.         $customer $context->getCustomer();
  179.         if ($customer !== null && $customer->getGuest() === false) {
  180.             return $this->createActionResponse($request);
  181.         }
  183.         try {
  184.             $token $this->loginRoute->login($data$context)->getToken();
  185.             if (!empty($token)) {
  186.                 $this->addCartErrors($this->cartFacade->get($token$context));
  188.                 return $this->createActionResponse($request);
  189.             }
  190.         } catch (BadCredentialsException UnauthorizedHttpException InactiveCustomerException CustomerAuthThrottledException $e) {
  191.             if ($e instanceof InactiveCustomerException) {
  192.                 $errorSnippet $e->getSnippetKey();
  193.             }
  195.             if ($e instanceof CustomerAuthThrottledException) {
  196.                 $waitTime $e->getWaitTime();
  197.             }
  198.         }
  200.         $data->set('password'null);
  202.         return $this->forwardToRoute(
  203.             'frontend.account.login.page',
  204.             [
  205.                 'loginError' => true,
  206.                 'errorSnippet' => $errorSnippet ?? null,
  207.                 'waitTime' => $waitTime ?? null,
  208.             ]
  209.         );
  210.     }
  212.     /**
  213.      * @Since("6.1.0.0")
  214.      * @Route("/account/recover", name="frontend.account.recover.page", methods={"GET"})
  215.      */
  216.     public function recoverAccountForm(Request $requestSalesChannelContext $context): Response
  217.     {
  218.         $page $this->loginPageLoader->load($request$context);
  220.         return $this->renderStorefront('@Storefront/storefront/page/account/profile/recover-password.html.twig', [
  221.             'page' => $page,
  222.         ]);
  223.     }
  225.     /**
  226.      * @Since("6.1.0.0")
  227.      * @Route("/account/recover", name="frontend.account.recover.request", methods={"POST"})
  228.      */
  229.     public function generateAccountRecovery(Request $requestRequestDataBag $dataSalesChannelContext $context): Response
  230.     {
  231.         try {
  232.             $data->get('email')
  233.                 ->set('storefrontUrl'$request->attributes->get(RequestTransformer::STOREFRONT_URL));
  235.             $this->sendPasswordRecoveryMailRoute->sendRecoveryMail(
  236.                 $data->get('email')->toRequestDataBag(),
  237.                 $context,
  238.                 false
  239.             );
  241.             $this->addFlash(self::SUCCESS$this->trans('account.recoveryMailSend'));
  242.         } catch (CustomerNotFoundException $e) {
  243.             $this->addFlash(self::SUCCESS$this->trans('account.recoveryMailSend'));
  244.         } catch (InconsistentCriteriaIdsException $e) {
  245.             $this->addFlash(self::DANGER$this->trans('error.message-default'));
  246.         } catch (RateLimitExceededException $e) {
  247.             $this->addFlash(self::INFO$this->trans('error.rateLimitExceeded', ['%seconds%' => $e->getWaitTime()]));
  248.         }
  250.         return $this->redirectToRoute('frontend.account.recover.page');
  251.     }
  253.     /**
  254.      * @Since("6.1.0.0")
  255.      * @Route("/account/recover/password", name="frontend.account.recover.password.page", methods={"GET"})
  256.      */
  257.     public function resetPasswordForm(Request $requestSalesChannelContext $context): Response
  258.     {
  259.         /** @deprecated tag:v6.5.0 - call to loginPageLoader and $loginPage will be removed */
  260.         $loginPage null;
  261.         if (!Feature::isActive('v6.5.0.0')) {
  262.             $loginPage $this->loginPageLoader->load($request$context);
  263.         }
  265.         /** @var ?string $hash */
  266.         $hash $request->get('hash');
  268.         if (!$hash || !\is_string($hash)) {
  269.             $this->addFlash(self::DANGER$this->trans('account.passwordHashNotFound'));
  271.             return $this->redirectToRoute('frontend.account.recover.request');
  272.         }
  274.         try {
  275.             $page $this->recoverPasswordPageLoader->load($request$context$hash);
  276.         } catch (ConstraintViolationException $e) {
  277.             $this->addFlash(self::DANGER$this->trans('account.passwordHashNotFound'));
  279.             return $this->redirectToRoute('frontend.account.recover.request');
  280.         }
  282.         $this->hook(new AccountRecoverPasswordPageLoadedHook($page$context));
  284.         if ($page->getHash() === null || $page->isHashExpired()) {
  285.             $this->addFlash(self::DANGER$this->trans('account.passwordHashNotFound'));
  287.             return $this->redirectToRoute('frontend.account.recover.request');
  288.         }
  290.         if (Feature::isActive('v6.5.0.0')) {
  291.             return $this->renderStorefront('@Storefront/storefront/page/account/profile/reset-password.html.twig', [
  292.                 'page' => $page,
  293.                 'formViolations' => $request->get('formViolations'),
  294.             ]);
  295.         }
  297.         /** @deprecated tag:v6.5.0 - page will be instance of AccountRecoverPasswordPage and $hash will be moved to $page.getHash() */
  298.         return $this->renderStorefront('@Storefront/storefront/page/account/profile/reset-password.html.twig', [
  299.             'page' => $loginPage,
  300.             'hash' => $hash,
  301.             'formViolations' => $request->get('formViolations'),
  302.         ]);
  303.     }
  305.     /**
  306.      * @Since("6.1.0.0")
  307.      * @Route("/account/recover/password", name="frontend.account.recover.password.reset", methods={"POST"})
  308.      */
  309.     public function resetPassword(RequestDataBag $dataSalesChannelContext $context): Response
  310.     {
  311.         $hash $data->get('password')->get('hash');
  313.         try {
  314.             $pw $data->get('password');
  316.             $this->resetPasswordRoute->resetPassword($pw->toRequestDataBag(), $context);
  318.             $this->addFlash(self::SUCCESS$this->trans('account.passwordChangeSuccess'));
  319.         } catch (ConstraintViolationException $formViolations) {
  320.             $this->addFlash(self::DANGER$this->trans('account.passwordChangeNoSuccess'));
  322.             return $this->forwardToRoute(
  323.                 'frontend.account.recover.password.page',
  324.                 ['hash' => $hash'formViolations' => $formViolations'passwordFormViolation' => true]
  325.             );
  326.         } catch (CustomerNotFoundByHashException $e) {
  327.             $this->addFlash(self::DANGER$this->trans('account.passwordChangeNoSuccess'));
  329.             return $this->forwardToRoute('frontend.account.recover.request');
  330.         } catch (CustomerRecoveryHashExpiredException $e) {
  331.             $this->addFlash(self::DANGER$this->trans('account.passwordHashExpired'));
  333.             return $this->forwardToRoute('frontend.account.recover.request');
  334.         }
  336.         return $this->redirectToRoute('frontend.account.profile.page');
  337.     }
  338. }