chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Chamilo is a learning management system focused on ease of use and accessibility
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
51357 Commits
17 Branches
107 Tags
940 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 18158f3ad3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '18158f3ad3'
${ noResults }
chamilo-lms/src/CoreBundle/Controller/SecurityController.php

117 lines
4.6 KiB
Raw Blame History

<?php
declare(strict_types=1);
/* For licensing terms, see /license.txt */
namespace Chamilo\CoreBundle\Controller;
use Chamilo\CoreBundle\Entity\ExtraFieldValues;
use Chamilo\CoreBundle\Entity\Legal;
use Chamilo\CoreBundle\Entity\User;
use Chamilo\CoreBundle\Repository\TrackELoginRecordRepository;
use Chamilo\CoreBundle\Settings\SettingsManager;
use Doctrine\ORM\EntityManager;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Serializer\SerializerInterface;
use Symfony\Contracts\Translation\TranslatorInterface;
class SecurityController extends AbstractController
{
public function __construct(
private SerializerInterface $serializer,
private TrackELoginRecordRepository $trackELoginRecordRepository,
private EntityManagerInterface $entityManager,
private SettingsManager $settingsManager,
private TokenStorageInterface $tokenStorage,
private AuthorizationCheckerInterface $authorizationChecker
) {}
#[Route('/login_json', name: 'login_json', methods: ['POST'])]
public function loginJson(Request $request, EntityManager $entityManager, SettingsManager $settingsManager, TokenStorageInterface $tokenStorage, TranslatorInterface $translator): Response
{
if (!$this->isGranted('IS_AUTHENTICATED_FULLY')) {
return $this->json(
[
'error' => 'Invalid login request: check that the Content-Type header is "application/json".',
],
400
);
}
/** @var User $user */
$user = $this->getUser();
if (1 !== $user->getActive()) {
if (0 === $user->getActive()) {
$message = $translator->trans('Account not activated.');
} else {
$message = $translator->trans('Invalid credentials. Please try again or contact support if you continue to experience issues.');
}
$tokenStorage->setToken(null);
$request->getSession()->invalidate();
return $this->json(['error' => $message], 401);
}
if (null !== $user->getExpirationDate() && $user->getExpirationDate() <= new \DateTime()) {
$message = $translator->trans('Your account has expired.');
$tokenStorage->setToken(null);
$request->getSession()->invalidate();
return $this->json(['error' => $message], 401);
}
$extraFieldValuesRepository = $this->entityManager->getRepository(ExtraFieldValues::class);
$legalTermsRepo = $this->entityManager->getRepository(Legal::class);
if ($user->hasRole('ROLE_STUDENT')
&& 'true' === $this->settingsManager->getSetting('allow_terms_conditions')
&& 'login' === $this->settingsManager->getSetting('load_term_conditions_section')
) {
$termAndConditionStatus = false;
$extraValue = $extraFieldValuesRepository->findLegalAcceptByItemId($user->getId());
if (!empty($extraValue['value'])) {
$result = $extraValue['value'];
$userConditions = explode(':', $result);
$version = $userConditions[0];
$langId = (int) $userConditions[1];
$realVersion = $legalTermsRepo->getLastVersion($langId);
$termAndConditionStatus = ($version >= $realVersion);
}
if (false === $termAndConditionStatus) {
$tempTermAndCondition = ['user_id' => $user->getId()];
$this->tokenStorage->setToken(null);
$request->getSession()->invalidate();
$request->getSession()->start();
$request->getSession()->set('term_and_condition', $tempTermAndCondition);
$responseData = [
'redirect' => '/main/auth/inscription.php',
'load_terms' => true,
];
return new JsonResponse($responseData, Response::HTTP_OK);
}
$request->getSession()->remove('term_and_condition');
}
$data = null;
if ($user) {
$data = $this->serializer->serialize($user, 'jsonld', ['groups' => ['user:read']]);
}
return new JsonResponse($data, Response::HTTP_OK, [], true);
}
}