/**
 * Create a new, not-yet-persisted Tan bound to a customer.
 *
 * The TAN value is a 15-character string obtained from Helper::randomString.
 * NOTE(review): the TAN's unpredictability rests entirely on Helper::randomString
 * drawing from a CSPRNG (random_int/random_bytes) — confirm that in Helper.
 *
 * @param mixed $customerId identifier of the owning customer, stored unchanged
 * @return Tan the freshly built TAN; this method does not save it anywhere
 */
public static function generate($customerId)
{
    $issued = new Tan();
    $issued->value = Helper::randomString(15);
    $issued->customerId = $customerId;

    return $issued;
}
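/**
 * Register a new employee account from the request parameters
 * email, password, passwordRep, firstname and lastname.
 *
 * JSON outcomes:
 *  - INVALID_REQUEST_PARAMETER   a parameter is missing or is not a string
 *  - UNEQUAL_PASSWORD_ERROR      password and passwordRep differ
 *  - PASSWORD_REQUIREMENTS_ERROR Helper::checkPasswordConstraints rejects the password
 *  - INVALID_REQUEST_EMAIL       the email fails FILTER_VALIDATE_EMAIL
 *  - {"success": true}           the account was created, OR the email already
 *                                belongs to an employee/customer (nothing is created)
 *  - UNEXPECTED_ERROR            the repository reported failure
 *
 * @param Request $request
 * @return JsonResponse|JsonErrorResponse
 */
public function register(Request $request)
{
    $employeeRepository = $this->getEmployeeRepository();
    $employee = new Employee();

    // Every parameter must be present AND a plain string. A client can submit
    // e.g. "email[]=x" and turn the value into an array, which would otherwise
    // reach strcmp()/filter_var() below with the wrong type instead of a clean
    // INVALID_REQUEST_PARAMETER.
    foreach (array('email', 'password', 'passwordRep', 'firstname', 'lastname') as $key) {
        if (!isset($request->request[$key]) || !is_string($request->request[$key])) {
            return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
        }
    }

    $password = $request->request['password'];
    if ($password !== $request->request['passwordRep']) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::UNEQUAL_PASSWORD_ERROR);
    }
    if (!Helper::checkPasswordConstraints($password)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::PASSWORD_REQUIREMENTS_ERROR);
    }

    // Credential material is derived only after the password passed validation.
    // NOTE(review): the salt is 5 characters from Helper::randomString and the
    // hash comes from Helper::hashPassword; whether that is a slow, salted
    // password hash (password_hash / bcrypt / argon2) is decided in Helper and
    // has to be confirmed there, not here.
    $salt = Helper::randomString(5);
    $hash = Helper::hashPassword($password, $salt);

    //---- validation ---
    $email = $request->request['email'];
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_EMAIL);
    }
    if (!is_null($employeeRepository->getEmployeeByEmail($email))
        || !is_null($this->getCustomerRepository()->getCustomerByEmail($email))) {
        // Same response as a real success, so the endpoint does not reveal
        // which addresses already have an account — presumably deliberate
        // (anti-enumeration); confirm, because nothing is created here.
        return new JsonResponse(array('success' => true));
    }
    $employee->email = $email;

    // FILTER_SANITIZE_STRING is deprecated since PHP 8.1. It is kept because
    // replacing it (e.g. with htmlspecialchars) changes what gets stored;
    // plan a migration together with the output-escaping of these fields.
    $employee->firstname = filter_var($request->request['firstname'], FILTER_SANITIZE_STRING);
    $employee->lastname = filter_var($request->request['lastname'], FILTER_SANITIZE_STRING);

    if ($employeeRepository->createEmployeeAccount($employee, $salt, $hash)) {
        return new JsonResponse(array('success' => true));
    }

    return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
}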
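/**
 * Approve a customer registration, notify the customer by e-mail while the
 * account is still "pending", and optionally book an initial balance.
 *
 * Request parameter "amount" must be a string matching ^\d*($|\.\d\d$), i.e.
 * whole units or exactly two decimals. "0" / "0.00" mean "no initial credit".
 *
 * @param Request $request
 * @param mixed   $customerId id of the customer to approve
 * @return JsonResponse|JsonErrorResponse {"success": true} or one of
 *         INVALID_REQUEST_PARAMETER, INVALID_AMOUNT, INVALID_CUSTOMER_ID,
 *         MAIL_ERROR, UNEXPECTED_ERROR
 */
public function approveRegistration(Request $request, $customerId)
{
    if (!isset($request->request['amount']) || !is_string($request->request['amount'])) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
    }
    $amount = $request->request['amount'];

    // FILTER_VALIDATE_REGEXP returns the (unchanged) input on a match and
    // false otherwise, so the result must be compared with === false: the
    // previous truthiness test rejected the legitimate amount "0", because
    // the string "0" is falsy in PHP. The empty string is still rejected
    // explicitly, as it was before.
    $validated = filter_var(
        $amount,
        FILTER_VALIDATE_REGEXP,
        array("options" => array("regexp" => "/^\\d*(\$|\\.\\d\\d\$)/"))
    );
    if ($validated === false || $validated === '') {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_AMOUNT);
    }
    $amount = floatval($validated);

    $customerRepository = $this->getCustomerRepository();
    $customer = $customerRepository->getCustomerById($customerId);
    if (is_null($customer)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_CUSTOMER_ID);
    }

    // The notification mail is only sent for a pending customer. Note that it
    // goes out BEFORE approveRegistration() below commits the status change,
    // so a failing repository call leaves a customer who was told "approved".
    if ($customer->status === 'pending') {
        $credentials = $customerRepository->getCustomerCredentials($customer);

        $mail = Helper::getPhpMailer();
        $mail->addAddress($customer->email, $customer->firstname . ' ' . $customer->lastname);

        if (is_null($credentials['scs_pin'])) {
            // TAN-list customer.
            // NOTE(review): $password is generated and mailed here but is neither
            // stored nor passed to any repository call in this method — confirm
            // where it is persisted, otherwise the customer receives a secret
            // nothing can verify.
            $password = Helper::randomString(5);
            $mail->Subject = "Account approved!";
            $mail->Body = "Dear {$customer->firstname} {$customer->lastname}," . PHP_EOL
                . "your Account was successfully approved!"
                . "You can now login and make transactions with your tan list" . $password . PHP_EOL . PHP_EOL
                . "Best Regards," . PHP_EOL
                . "SitzBank";
        } else {
            // Customer using the scs tan generator. The PIN is disclosed in a
            // cleartext e-mail; treat the mail transport and mailbox as part of
            // the trust boundary for that secret.
            $mail->Subject = "Welcome to Sitzbank!";
            $mail->Body = "Dear {$customer->firstname} {$customer->lastname}," . PHP_EOL
                . "your Account was successfully approved! You chose to use the scs tan generator." . PHP_EOL
                . "You can download the generator in the logged in area (make a transfer section)." . PHP_EOL
                . "Your scs pin is " . $credentials['scs_pin'] . PHP_EOL
                . "Best Regards," . PHP_EOL
                . "SitzBank";
        }

        if (!$mail->send()) {
            return JsonErrorResponse::fromKey(JsonErrorResponse::MAIL_ERROR);
        }
    }

    if (!$customerRepository->approveRegistration($customerId)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
    }

    // NOTE(review): nothing here prevents a second call for an already approved
    // customer from booking the initial balance again; confirm that the
    // repository's approveRegistration() returns false for non-pending customers,
    // otherwise this branch needs to be gated on the pending status.
    if ($amount > 0) {
        // Source account id 1 is hard-coded — presumably the bank's own funding
        // account; confirm against the schema.
        $transaction = Transaction::withData(1, $customer->id, $amount, "Initial Account Balance", 'approved');
        $this->getTransactionRepository()->createTransaction($transaction);
    }

    return new JsonResponse(array('success' => true));
}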
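/**
 * Complete a password reset: validate the reset token, then the new password,
 * then store the new credentials and consume the token.
 *
 * Required request parameters: token, password, passwordRep (all strings).
 *
 * @param Request $request
 * @return JsonResponse|JsonErrorResponse a confirmation message, or one of
 *         INVALID_REQUEST_PARAMETER, INVALID_PW_RESET_TOKEN,
 *         UNEQUAL_PASSWORD_ERROR, PASSWORD_REQUIREMENTS_ERROR, UNEXPECTED_ERROR
 */
public function resetPassword(Request $request)
{
    // Presence and type are checked together: an array-valued parameter
    // ("token[]=...") must not reach filter_var()/strcmp() below.
    foreach (array('token', 'password', 'passwordRep') as $key) {
        if (!isset($request->request[$key]) || !is_string($request->request[$key])) {
            return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
        }
    }

    $customerRepository = $this->getCustomerRepository();

    //Validate token
    // FILTER_SANITIZE_STRING is deprecated since PHP 8.1; kept so the token is
    // looked up exactly as it was before. An empty token is rejected up front
    // instead of being handed to the repository, so a customer row with an
    // empty/absent reset token can never be matched by it.
    $token = filter_var($request->request['token'], FILTER_SANITIZE_STRING);
    if ($token === false || $token === '') {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_PW_RESET_TOKEN);
    }
    $customer = $customerRepository->getCustomerByPasswordResetToken($token);
    if (is_null($customer)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_PW_RESET_TOKEN);
    }

    //Validate password
    $password = $request->request['password'];
    if ($password !== $request->request['passwordRep']) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::UNEQUAL_PASSWORD_ERROR);
    }
    if (!Helper::checkPasswordConstraints($password)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::PASSWORD_REQUIREMENTS_ERROR);
    }

    // NOTE(review): salt length and hash algorithm are decided by Helper;
    // confirm hashPassword is a slow, salted password hash.
    $salt = Helper::randomString(5);
    $hash = Helper::hashPassword($password, $salt);

    // The credential update and the token removal are two separate repository
    // calls; if the second one fails the (already used) token stays valid.
    if ($customerRepository->updateCustomerCredentials($customer, $salt, $hash)) {
        $customerRepository->removePassworReset($customer->id);

        return new JsonResponse(array('message' => 'Your password has been reseted. You can now login in with your new password.'));
    }

    return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
}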