<?php
namespace Platform\SecurityBundle\Controller\System;
use Cms\CoreBundle\Model\Scenes\DashboardScenes\DocumentScene;
use Cms\CoreBundle\Util\Controller;
use Cms\CoreBundle\Util\DateTimeUtils;
use Platform\SecurityBundle\Entity\Identity\Account;
use Platform\SecurityBundle\Form\Type\SignInType;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\RouterInterface;
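/**
 * Class InstancesController
 *
 * Entry screen that resolves an e-mail address to the tenant instance(s) it is
 * registered with and hands the visitor on to the matching dashboard login.
 *
 * @package Platform\SecurityBundle\Controller\System
 */
final class InstancesController extends Controller
{
    const ROUTES__PROMPT = 'campussuite.platform.security.system.instances.prompt';
    const ROUTES__PRIVACY_POLICY = 'campussuite.platform.security.system.instances.privacy_policy';
    const ROUTES__TERMS_OF_SERVICE = 'campussuite.platform.security.system.instances.terms_of_service';

    /**
     * Cookie that remembers the e-mail of the last resolved account so the
     * prompt can be skipped on the next visit (plain text, one year).
     */
    const COOKIE = 'campussuite_auto_login_email';

    /**
     * Query-string value that lets a caller skip the e-mail form
     * (`?email=...&code=1234`). It is a fixed, public constant, so it offers no
     * protection: any caller can submit an arbitrary e-mail and learn which
     * tenants it is registered with. Treat the prompt as an account/tenant
     * enumeration oracle and rate-limit it if that matters for the deployment.
     */
    const CODE = '1234';

    /**
     * Route name of the per-tenant login screen the prompt hands off to.
     */
    const ROUTE__LOGIN_SELECT = 'platform.security.login.default.select';

    /**
     * Resolves the visitor's e-mail address to the tenant instance(s) it is
     * registered with.
     *
     * The e-mail comes from the auto-login cookie, from the query string
     * (`email` + `code`), or from the sign-in form. With exactly one matching
     * account the visitor is redirected straight to that tenant's login screen
     * and the auto-login cookie is (re)set; with several, a chooser is rendered;
     * with none, the form is shown again.
     *
     * @param Request $request
     * @return Response|DocumentScene
     * @throws \Exception
     *
     * @Route(
     *     "",
     *     name = InstancesController::ROUTES__PROMPT
     * )
     */
    public function promptAction(Request $request)
    {
        $instances = [];

        // Decide whether the e-mail prompt can be skipped: the cookie wins,
        // otherwise the query string has to carry both the e-mail and the code.
        // TODO: do we need the cookie stuff?
        $email = $request->cookies->get(self::COOKIE);
        if ( ! empty($email)) {
            $code = self::CODE;
        } else {
            $email = $request->query->get('email');
            $code = $request->query->get('code');
        }

        // Only build the form when the bypass did not apply.
        if ( ! empty($email) && $code === self::CODE) {
            $form = null;
        } else {
            $form = $this->createForm(
                SignInType::class,
                [
                    'email' => $email,
                ],
                []
            );
        }

        // A submitted form overrides whatever e-mail the request carried.
        if ( ! empty($form) && $this->handleForm($form)) {
            $email = $form->get('email')->getData();
        }

        // Look accounts up only when the e-mail is usable: either the bypass
        // applied (no form at all) or the form was submitted and validated.
        if ((empty($form) || ($form->isSubmitted() && $form->isValid())) && ! empty($email)) {
            $encryptedEmail = $this->obfuscateEmail($email);

            /** @var Account[] $accounts */
            $accounts = $this->getEntityManager()->getRepository(Account::class)
                ->createQueryBuilder('accounts')
                ->andWhere('accounts.email = :email')
                ->setParameter('email', $email)
                ->leftJoin('accounts.tenant', 'tenants')
                ->addSelect('tenants')
                ->orderBy('tenants.name', 'ASC')
                ->getQuery()
                ->getResult();

            switch (true) {
                // none found: fall through and render the prompt again
                case count($accounts) === 0:
                    break;

                // several: render a chooser with one link per tenant
                case count($accounts) > 1:
                    foreach ($accounts as $account) {
                        $instances[] = [
                            'name' => $account->getTenant()->getName(),
                            'url' => $this->buildSelectUrl($account, $encryptedEmail),
                        ];
                    }
                    break;

                // exactly one: redirect straight to that tenant's login screen
                case count($accounts) === 1:
                    $response = new RedirectResponse($this->buildSelectUrl($accounts[0], $encryptedEmail));
                    // Remember the e-mail for a year. The cookie is flagged Secure
                    // whenever the current request itself arrived over HTTPS, so
                    // it is never sent back in the clear from an HTTPS deployment.
                    $response->headers->setCookie(new Cookie(
                        self::COOKIE,
                        $email,
                        DateTimeUtils::afterNow('P1Y'),
                        '/',
                        null,
                        $request->isSecure()
                    ));
                    return $response;
            }
        }

        return $this->view([
            'form' => ( ! empty($form)) ? $form->createView() : null,
            'instances' => $instances,
        ]);
    }

    /**
     * Builds the absolute URL of the login screen on the given account's tenant
     * host.
     *
     * The router context's host is swapped for `<tenant-slug>.<dashboard.hostname>`
     * while the URL is generated and restored afterwards — also when generation
     * throws — so no later code in the same request (including the redirect
     * exit path, which previously returned without restoring it) sees the
     * per-tenant host.
     *
     * @param Account $account
     * @param string $autofill opaque e-mail token passed as the `autofill` query parameter
     * @return string
     */
    private function buildSelectUrl(Account $account, $autofill)
    {
        $context = $this->getRouter()->getContext();
        $host = $context->getHost();
        $context->setHost(sprintf(
            '%s.%s',
            $account->getTenant()->getSlug(),
            $this->getParameter('dashboard.hostname')
        ));
        try {
            return $this->generateUrl(
                self::ROUTE__LOGIN_SELECT,
                [
                    'autofill' => $autofill,
                ],
                RouterInterface::ABSOLUTE_URL
            );
        } finally {
            $context->setHost($host);
        }
    }

    /**
     * Obfuscates the e-mail for transport in the `autofill` query parameter of
     * the tenant login URL.
     *
     * NOTE(review): this is obfuscation, not protection. openssl_encrypt() is
     * called without an IV and with the raw kernel secret as the key, so the
     * output is deterministic per e-mail, carries no integrity tag, and PHP
     * warns about the empty IV. The login screen on the receiving end expects
     * exactly this format, so the scheme is left unchanged here; if it ever
     * needs to be more than cosmetic, change both ends together (random IV with
     * an authenticated mode, or a signed token).
     *
     * @param string $email
     * @return string|false base64 ciphertext as returned by openssl_encrypt(), false on failure
     */
    private function obfuscateEmail($email)
    {
        return openssl_encrypt(
            $email,
            'aes128',
            $this->getParameter('kernel.secret')
        );
    }

    /**
     * Renders the privacy policy page.
     *
     * @return DocumentScene
     *
     * @Route(
     *     "/privacy-policy",
     *     name = InstancesController::ROUTES__PRIVACY_POLICY
     * )
     */
    public function privacyAction()
    {
        return $this->view();
    }

    /**
     * Renders the terms of service page.
     *
     * @return DocumentScene
     *
     * @Route(
     *     "/terms-of-service",
     *     name = InstancesController::ROUTES__TERMS_OF_SERVICE
     * )
     */
    public function termsAction()
    {
        return $this->view();
    }
}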