vendor/shopware/storefront/Controller/AuthController.php line 83

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Storefront\Controller;
  5. use Shopware\Core\Checkout\Customer\Exception\BadCredentialsException;
  6. use Shopware\Core\Checkout\Customer\Exception\CustomerAuthThrottledException;
  7. use Shopware\Core\Checkout\Customer\Exception\CustomerNotFoundByHashException;
  8. use Shopware\Core\Checkout\Customer\Exception\CustomerNotFoundException;
  9. use Shopware\Core\Checkout\Customer\Exception\CustomerRecoveryHashExpiredException;
  10. use Shopware\Core\Checkout\Customer\Exception\InactiveCustomerException;
  11. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractLoginRoute;
  12. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractLogoutRoute;
  13. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractResetPasswordRoute;
  14. use Shopware\Core\Checkout\Customer\SalesChannel\AbstractSendPasswordRecoveryMailRoute;
  15. use Shopware\Core\Framework\DataAbstractionLayer\Exception\InconsistentCriteriaIdsException;
  16. use Shopware\Core\Framework\Feature;
  17. use Shopware\Core\Framework\Log\Package;
  18. use Shopware\Core\Framework\RateLimiter\Exception\RateLimitExceededException;
  19. use Shopware\Core\Framework\Routing\Annotation\Since;
  20. use Shopware\Core\Framework\Validation\DataBag\RequestDataBag;
  21. use Shopware\Core\Framework\Validation\Exception\ConstraintViolationException;
  22. use Shopware\Core\PlatformRequest;
  23. use Shopware\Core\System\SalesChannel\Context\SalesChannelContextServiceInterface;
  24. use Shopware\Core\System\SalesChannel\Context\SalesChannelContextServiceParameters;
  25. use Shopware\Core\System\SalesChannel\SalesChannelContext;
  26. use Shopware\Storefront\Checkout\Cart\SalesChannel\StorefrontCartFacade;
  27. use Shopware\Storefront\Framework\Routing\Annotation\NoStore;
  28. use Shopware\Storefront\Framework\Routing\RequestTransformer;
  29. use Shopware\Storefront\Page\Account\Login\AccountGuestLoginPageLoadedHook;
  30. use Shopware\Storefront\Page\Account\Login\AccountLoginPageLoadedHook;
  31. use Shopware\Storefront\Page\Account\Login\AccountLoginPageLoader;
  32. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPage;
  33. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPageLoadedHook;
  34. use Shopware\Storefront\Page\Account\RecoverPassword\AccountRecoverPasswordPageLoader;
  35. use Symfony\Component\HttpFoundation\Request;
  36. use Symfony\Component\HttpFoundation\Response;
  37. use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
  38. use Symfony\Component\Routing\Annotation\Route;
  40. /**
  41.  * @Route(defaults={"_routeScope"={"storefront"}})
  42.  *
  43.  * @deprecated tag:v6.5.0 - reason:becomes-internal - Will be internal
  44.  */
  45. #[Package('storefront')]
  46. class AuthController extends StorefrontController
  47. {
  48.     private AccountLoginPageLoader $loginPageLoader;
  50.     private AbstractSendPasswordRecoveryMailRoute $sendPasswordRecoveryMailRoute;
  52.     private AbstractResetPasswordRoute $resetPasswordRoute;
  54.     private AbstractLoginRoute $loginRoute;
  56.     private AbstractLogoutRoute $logoutRoute;
  58.     private StorefrontCartFacade $cartFacade;
  60.     private AccountRecoverPasswordPageLoader $recoverPasswordPageLoader;
  62.     private SalesChannelContextServiceInterface $salesChannelContext;
  64.     /**
  65.      * @internal
  66.      */
  67.     public function __construct(
  68.         AccountLoginPageLoader $loginPageLoader,
  69.         AbstractSendPasswordRecoveryMailRoute $sendPasswordRecoveryMailRoute,
  70.         AbstractResetPasswordRoute $resetPasswordRoute,
  71.         AbstractLoginRoute $loginRoute,
  72.         AbstractLogoutRoute $logoutRoute,
  73.         StorefrontCartFacade $cartFacade,
  74.         AccountRecoverPasswordPageLoader $recoverPasswordPageLoader,
  75.         SalesChannelContextServiceInterface $salesChannelContextService
  76.     ) {
  77.         $this->loginPageLoader $loginPageLoader;
  78.         $this->sendPasswordRecoveryMailRoute $sendPasswordRecoveryMailRoute;
  79.         $this->resetPasswordRoute $resetPasswordRoute;
  80.         $this->loginRoute $loginRoute;
  81.         $this->logoutRoute $logoutRoute;
  82.         $this->cartFacade $cartFacade;
  83.         $this->recoverPasswordPageLoader $recoverPasswordPageLoader;
  84.         $this->salesChannelContext $salesChannelContextService;
  85.     }
  87.     /**
  88.      * @Since("6.0.0.0")
  89.      * @Route("/account/login", name="frontend.account.login.page", methods={"GET"})
  90.      * @NoStore
  91.      */
  92.     public function loginPage(Request $requestRequestDataBag $dataSalesChannelContext $context): Response
  93.     {
  94.         /** @var string $redirect */
  95.         $redirect $request->get('redirectTo''frontend.account.home.page');
  97.         $customer $context->getCustomer();
  99.         if ($customer !== null && $customer->getGuest() === false) {
  100.             $request->request->set('redirectTo'$redirect);
  102.             return $this->createActionResponse($request);
  103.         }
  105.         $page $this->loginPageLoader->load($request$context);
  107.         $this->hook(new AccountLoginPageLoadedHook($page$context));
  109.         return $this->renderStorefront('@Storefront/storefront/page/account/register/index.html.twig', [
  110.             'redirectTo' => $redirect,
  111.             'redirectParameters' => $request->get('redirectParameters'json_encode([])),
  112.             'page' => $page,
  113.             'loginError' => (bool) $request->get('loginError'),
  114.             'waitTime' => $request->get('waitTime'),
  115.             'errorSnippet' => $request->get('errorSnippet'),
  116.             'data' => $data,
  117.         ]);
  118.     }
  120.     /**
  121.      * @Since("6.3.4.1")
  122.      * @Route("/account/guest/login", name="frontend.account.guest.login.page", methods={"GET"})
  123.      * @NoStore
  124.      */
  125.     public function guestLoginPage(Request $requestSalesChannelContext $context): Response
  126.     {
  127.         /** @var string $redirect */
  128.         $redirect $request->get('redirectTo''frontend.account.home.page');
  130.         $customer $context->getCustomer();
  132.         if ($customer !== null) {
  133.             $request->request->set('redirectTo'$redirect);
  135.             return $this->createActionResponse($request);
  136.         }
  138.         $waitTime = (int) $request->get('waitTime');
  139.         if ($waitTime) {
  140.             $this->addFlash(self::INFO$this->trans('account.loginThrottled', ['%seconds%' => $waitTime]));
  141.         }
  143.         if ((bool) $request->get('loginError')) {
  144.             $this->addFlash(self::DANGER$this->trans('account.orderGuestLoginWrongCredentials'));
  145.         }
  147.         $page $this->loginPageLoader->load($request$context);
  149.         $this->hook(new AccountGuestLoginPageLoadedHook($page$context));
  151.         return $this->renderStorefront('@Storefront/storefront/page/account/guest-auth.html.twig', [
  152.             'redirectTo' => $redirect,
  153.             'redirectParameters' => $request->get('redirectParameters'json_encode([])),
  154.             'page' => $page,
  155.         ]);
  156.     }
  158.     /**
  159.      * @Since("6.0.0.0")
  160.      * @Route("/account/logout", name="frontend.account.logout.page", methods={"GET"})
  161.      */
  162.     public function logout(Request $requestSalesChannelContext $contextRequestDataBag $dataBag): Response
  163.     {
  164.         if ($context->getCustomer() === null) {
  165.             return $this->redirectToRoute('frontend.account.login.page');
  166.         }
  168.         try {
  169.             $this->logoutRoute->logout($context$dataBag);
  170.             $this->addFlash(self::SUCCESS$this->trans('account.logoutSucceeded'));
  172.             $parameters = [];
  173.         } catch (ConstraintViolationException $formViolations) {
  174.             $parameters = ['formViolations' => $formViolations];
  175.         }
  177.         return $this->redirectToRoute('frontend.account.login.page'$parameters);
  178.     }
  180.     /**
  181.      * @Since("6.0.0.0")
  182.      * @Route("/account/login", name="frontend.account.login", methods={"POST"}, defaults={"XmlHttpRequest"=true})
  183.      */
  184.     public function login(Request $requestRequestDataBag $dataSalesChannelContext $context): Response
  185.     {
  186.         $customer $context->getCustomer();
  188.         if ($customer !== null && $customer->getGuest() === false) {
  189.             return $this->createActionResponse($request);
  190.         }
  192.         try {
  193.             $token $this->loginRoute->login($data$context)->getToken();
  194.             $cartBeforeNewContext $this->cartFacade->get($token$context);
  196.             $newContext $this->salesChannelContext->get(
  197.                 new SalesChannelContextServiceParameters(
  198.                     $context->getSalesChannelId(),
  199.                     $token,
  200.                     $context->getLanguageIdChain()[0],
  201.                     $context->getCurrencyId(),
  202.                     $context->getDomainId(),
  203.                     $context->getContext()
  204.                 )
  205.             );
  207.             // Update the sales channel context for CacheResponseSubscriber
  208.             $request->attributes->set(PlatformRequest::ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT$newContext);
  210.             if (!empty($token)) {
  211.                 $this->addCartErrors($cartBeforeNewContext);
  213.                 return $this->createActionResponse($request);
  214.             }
  215.         } catch (BadCredentialsException UnauthorizedHttpException InactiveCustomerException CustomerAuthThrottledException $e) {
  216.             if ($e instanceof InactiveCustomerException) {
  217.                 $errorSnippet $e->getSnippetKey();
  218.             }
  220.             if ($e instanceof CustomerAuthThrottledException) {
  221.                 $waitTime $e->getWaitTime();
  222.             }
  223.         }
  225.         $data->set('password'null);
  227.         return $this->forwardToRoute(
  228.             'frontend.account.login.page',
  229.             [
  230.                 'loginError' => true,
  231.                 'errorSnippet' => $errorSnippet ?? null,
  232.                 'waitTime' => $waitTime ?? null,
  233.             ]
  234.         );
  235.     }
  237.     /**
  238.      * @Since("6.1.0.0")
  239.      * @Route("/account/recover", name="frontend.account.recover.page", methods={"GET"})
  240.      */
  241.     public function recoverAccountForm(Request $requestSalesChannelContext $context): Response
  242.     {
  243.         $page $this->loginPageLoader->load($request$context);
  245.         return $this->renderStorefront('@Storefront/storefront/page/account/profile/recover-password.html.twig', [
  246.             'page' => $page,
  247.         ]);
  248.     }
  250.     /**
  251.      * @Since("6.1.0.0")
  252.      * @Route("/account/recover", name="frontend.account.recover.request", methods={"POST"})
  253.      */
  254.     public function generateAccountRecovery(Request $requestRequestDataBag $dataSalesChannelContext $context): Response
  255.     {
  256.         try {
  257.             $data->get('email')
  258.                 ->set('storefrontUrl'$request->attributes->get(RequestTransformer::STOREFRONT_URL));
  260.             $this->sendPasswordRecoveryMailRoute->sendRecoveryMail(
  261.                 $data->get('email')->toRequestDataBag(),
  262.                 $context,
  263.                 false
  264.             );
  266.             $this->addFlash(self::SUCCESS$this->trans('account.recoveryMailSend'));
  267.         } catch (CustomerNotFoundException $e) {
  268.             $this->addFlash(self::SUCCESS$this->trans('account.recoveryMailSend'));
  269.         } catch (InconsistentCriteriaIdsException $e) {
  270.             $this->addFlash(self::DANGER$this->trans('error.message-default'));
  271.         } catch (RateLimitExceededException $e) {
  272.             $this->addFlash(self::INFO$this->trans('error.rateLimitExceeded', ['%seconds%' => $e->getWaitTime()]));
  273.         }
  275.         return $this->redirectToRoute('frontend.account.recover.page');
  276.     }
  278.     /**
  279.      * @Since("6.1.0.0")
  280.      * @Route("/account/recover/password", name="frontend.account.recover.password.page", methods={"GET"})
  281.      */
  282.     public function resetPasswordForm(Request $requestSalesChannelContext $context): Response
  283.     {
  284.         /** @deprecated tag:v6.5.0 - call to loginPageLoader and $loginPage will be removed */
  285.         $loginPage null;
  286.         if (!Feature::isActive('v6.5.0.0')) {
  287.             $loginPage $this->loginPageLoader->load($request$context);
  288.         }
  290.         /** @var ?string $hash */
  291.         $hash $request->get('hash');
  293.         if (!$hash || !\is_string($hash)) {
  294.             $this->addFlash(self::DANGER$this->trans('account.passwordHashNotFound'));
  296.             return $this->redirectToRoute('frontend.account.recover.request');
  297.         }
  299.         try {
  300.             $page $this->recoverPasswordPageLoader->load($request$context$hash);
  301.         } catch (ConstraintViolationException $e) {
  302.             $this->addFlash(self::DANGER$this->trans('account.passwordHashNotFound'));
  304.             return $this->redirectToRoute('frontend.account.recover.request');
  305.         }
  307.         $this->hook(new AccountRecoverPasswordPageLoadedHook($page$context));
  309.         if ($page->getHash() === null || $page->isHashExpired()) {
  310.             $this->addFlash(self::DANGER$this->trans('account.passwordHashNotFound'));
  312.             return $this->redirectToRoute('frontend.account.recover.request');
  313.         }
  315.         if (Feature::isActive('v6.5.0.0')) {
  316.             return $this->renderStorefront('@Storefront/storefront/page/account/profile/reset-password.html.twig', [
  317.                 'page' => $page,
  318.                 'formViolations' => $request->get('formViolations'),
  319.             ]);
  320.         }
  322.         /** @deprecated tag:v6.5.0 - page will be instance of AccountRecoverPasswordPage and $hash will be moved to $page.getHash() */
  323.         return $this->renderStorefront('@Storefront/storefront/page/account/profile/reset-password.html.twig', [
  324.             'page' => $loginPage,
  325.             'hash' => $hash,
  326.             'formViolations' => $request->get('formViolations'),
  327.         ]);
  328.     }
  330.     /**
  331.      * @Since("6.1.0.0")
  332.      * @Route("/account/recover/password", name="frontend.account.recover.password.reset", methods={"POST"})
  333.      */
  334.     public function resetPassword(RequestDataBag $dataSalesChannelContext $context): Response
  335.     {
  336.         $hash $data->get('password')->get('hash');
  338.         try {
  339.             $pw $data->get('password');
  341.             $this->resetPasswordRoute->resetPassword($pw->toRequestDataBag(), $context);
  343.             $this->addFlash(self::SUCCESS$this->trans('account.passwordChangeSuccess'));
  344.         } catch (ConstraintViolationException $formViolations) {
  345.             $this->addFlash(self::DANGER$this->trans('account.passwordChangeNoSuccess'));
  347.             return $this->forwardToRoute(
  348.                 'frontend.account.recover.password.page',
  349.                 ['hash' => $hash'formViolations' => $formViolations'passwordFormViolation' => true]
  350.             );
  351.         } catch (CustomerNotFoundByHashException $e) {
  352.             $this->addFlash(self::DANGER$this->trans('account.passwordChangeNoSuccess'));
  354.             return $this->forwardToRoute('frontend.account.recover.request');
  355.         } catch (CustomerRecoveryHashExpiredException $e) {
  356.             $this->addFlash(self::DANGER$this->trans('account.passwordHashExpired'));
  358.             return $this->forwardToRoute('frontend.account.recover.request');
  359.         }
  361.         return $this->redirectToRoute('frontend.account.profile.page');
  362.     }
  363. }