public function register(Request $request)
{
$employeeRepository = $this->getEmployeeRepository();
$employee = new Employee();
//check for all request parameters
if (!isset($request->request['email']) || !isset($request->request['password']) || !isset($request->request['passwordRep']) || !isset($request->request['firstname']) || !isset($request->request['lastname'])) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
}
if (strcmp($request->request['password'], $request->request['passwordRep']) != 0) {
return JsonErrorResponse::fromKey(JsonErrorResponse::UNEQUAL_PASSWORD_ERROR);
}
if (!Helper::checkPasswordConstraints($request->request['password'])) {
return JsonErrorResponse::fromKey(JsonErrorResponse::PASSWORD_REQUIREMENTS_ERROR);
}
$salt = Helper::randomString(5);
$password = $request->request['password'];
$hash = Helper::hashPassword($password, $salt);
//---- validation ---
$email = $request->request['email'];
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
if (!is_null($employeeRepository->getEmployeeByEmail($email)) || !is_null($this->getCustomerRepository()->getCustomerByEmail($email))) {
return new JsonResponse(array('success' => true));
}
$employee->email = $email;
} else {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_EMAIL);
}
$employee->firstname = filter_var($request->request['firstname'], FILTER_SANITIZE_STRING);
$employee->lastname = filter_var($request->request['lastname'], FILTER_SANITIZE_STRING);
if ($employeeRepository->createEmployeeAccount($employee, $salt, $hash)) {
return new JsonResponse(array('success' => true));
} else {
return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
}
}
public function register(Request $request)
{
$customerRepository = $this->getCustomerRepository();
$customer = new Customer();
//check for all request parameters
if (!isset($request->request['email']) || !isset($request->request['password']) || !isset($request->request['passwordRep']) || !isset($request->request['firstname']) || !isset($request->request['lastname']) || !isset($request->request['gender']) || !isset($request->request['tan'])) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
}
if (strcmp($request->request['password'], $request->request['passwordRep']) != 0) {
return JsonErrorResponse::fromKey(JsonErrorResponse::UNEQUAL_PASSWORD_ERROR);
}
if (!Helper::checkPasswordConstraints($request->request['password'])) {
return JsonErrorResponse::fromKey(JsonErrorResponse::PASSWORD_REQUIREMENTS_ERROR);
}
$scs_pin = @$request->request['tan'] == 'scs' ? substr(mt_rand(1000000, 1999999), 1) : NULL;
$salt = Helper::randomString(5);
$password = $request->request['password'];
$hash = Helper::hashPassword($password, $salt);
//---- validation ---
$email = $request->request['email'];
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
if (!is_null($customerRepository->getCustomerByEmail($email)) || !is_null($this->getEmployeeRepository()->getEmployeeByEmail($email))) {
return new JsonResponse(array('success' => true));
}
$customer->email = $email;
} else {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_EMAIL);
}
$customer->title = filter_var($request->request['title'], FILTER_SANITIZE_STRING);
$customer->firstname = filter_var($request->request['firstname'], FILTER_SANITIZE_STRING);
$customer->lastname = filter_var($request->request['lastname'], FILTER_SANITIZE_STRING);
$customer->gender = filter_var($request->request['gender'], FILTER_SANITIZE_STRING);
if ($customer->id = $customerRepository->createCustomerAccount($customer, $salt, $hash, $scs_pin)) {
if (is_null($scs_pin)) {
$message = "Dear {$customer->firstname} {$customer->lastname}," . PHP_EOL . "your Account was successfully created! Please be patient until your account is approved." . PHP_EOL . "You can find a PDF with your TANs attached. You can open the file using your account password." . PHP_EOL . PHP_EOL . "Best Regards," . PHP_EOL . "SitzBank";
$mail = Helper::getPhpMailer();
$mail->addAddress($customer->email, $customer->firstname . ' ' . $customer->lastname);
$mail->Subject = "Welcome to Sitzbank!";
$mail->Body = $message;
$mail->addAttachment($this->generateTanPdf($customer, $password), "tan-list.pdf");
if (!$mail->send()) {
return JsonErrorResponse::fromKey(JsonErrorResponse::MAIL_ERROR);
}
}
return new JsonResponse(array('success' => true));
} else {
return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
}
}
public function resetPassword(Request $request)
{
if (!isset($request->request['token']) || !isset($request->request['password']) || !isset($request->request['passwordRep'])) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
}
//Validate token
$token = filter_var($request->request['token'], FILTER_SANITIZE_STRING);
$customer = $this->getCustomerRepository()->getCustomerByPasswordResetToken($token);
if (is_null($customer)) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_PW_RESET_TOKEN);
}
//Validate password
if (strcmp($request->request['password'], $request->request['passwordRep']) != 0) {
return JsonErrorResponse::fromKey(JsonErrorResponse::UNEQUAL_PASSWORD_ERROR);
}
if (!Helper::checkPasswordConstraints($request->request['password'])) {
return JsonErrorResponse::fromKey(JsonErrorResponse::PASSWORD_REQUIREMENTS_ERROR);
}
$password = $request->request['password'];
$salt = Helper::randomString(5);
$hash = Helper::hashPassword($password, $salt);
if ($this->getCustomerRepository()->updateCustomerCredentials($customer, $salt, $hash)) {
$this->getCustomerRepository()->removePassworReset($customer->id);
return new JsonResponse(array('message' => 'Your password has been reseted. You can now login in with your new password.'));
}
return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
}
