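/**
 * Registers a new employee account from the posted form fields.
 *
 * Required request fields: email, password, passwordRep, firstname, lastname.
 * Every field must be present and a plain string; a missing field or a nested
 * array value (e.g. "firstname[]=x") is rejected as an invalid request instead
 * of being turned into "false" by filter_var() further down.
 *
 * @param Request $request the incoming request; fields are read from $request->request
 *                         (assumed array-like: supports isset() and [] access, as the
 *                         original code already relied on)
 * @return JsonResponse|JsonErrorResponse {"success": true} when the account was created —
 *         and, deliberately, when the e-mail already belongs to an employee or a customer,
 *         so the endpoint does not reveal which addresses exist; otherwise the
 *         JsonErrorResponse for the first check that failed
 */
public function register(Request $request)
{
    $employeeRepository = $this->getEmployeeRepository();
    $params = $request->request;

    // All fields are mandatory and must be scalar strings.
    foreach (['email', 'password', 'passwordRep', 'firstname', 'lastname'] as $field) {
        if (!isset($params[$field]) || !is_string($params[$field])) {
            return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
        }
    }

    $password = $params['password'];
    // Both sides are user-supplied, so a strict comparison is sufficient here;
    // hash_equals() is only needed when one side is a stored secret.
    if ($password !== $params['passwordRep']) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::UNEQUAL_PASSWORD_ERROR);
    }
    if (!Helper::checkPasswordConstraints($password)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::PASSWORD_REQUIREMENTS_ERROR);
    }

    // ---- e-mail validation ----
    $email = $params['email'];
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_EMAIL);
    }
    // An address that is already taken (employee or customer) is answered with the
    // same response as a successful registration and nothing is created: this keeps
    // the endpoint from being usable as an account-enumeration oracle.
    if (!is_null($employeeRepository->getEmployeeByEmail($email))
        || !is_null($this->getCustomerRepository()->getCustomerByEmail($email))) {
        return new JsonResponse(['success' => true]);
    }

    // Same result as FILTER_SANITIZE_STRING (deprecated since PHP 8.1): strip tags and
    // encode single/double quotes. Kept so stored values stay compatible with existing rows.
    $sanitize = function ($value) {
        return str_replace(['"', "'"], ['&#34;', '&#39;'], strip_tags($value));
    };

    $employee = new Employee();
    $employee->email = $email;
    $employee->firstname = $sanitize($params['firstname']);
    $employee->lastname = $sanitize($params['lastname']);

    // Hashing happens only after every validation step has passed.
    // NOTE(review): Helper::randomString()/hashPassword() are not visible here; a 5-character
    // salt is short by current standards — confirm hashPassword() is a slow KDF (e.g. password_hash()).
    $salt = Helper::randomString(5);
    $hash = Helper::hashPassword($password, $salt);

    if ($employeeRepository->createEmployeeAccount($employee, $salt, $hash)) {
        return new JsonResponse(['success' => true]);
    }
    return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
}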
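/**
 * Registers a new customer account from the posted form fields and, for
 * customers that do not use the SCS scheme, mails a password-protected PDF
 * containing their TAN list.
 *
 * Required request fields: email, password, passwordRep, firstname, lastname,
 * gender, tan. Optional field: title (defaults to an empty string instead of
 * reading an undefined index). Every present field must be a plain string.
 * The "tan" field selects the scheme: exactly "scs" generates a 6-digit SCS PIN
 * and sends no TAN mail; any other value results in the mailed TAN list.
 *
 * @param Request $request the incoming request; fields are read from $request->request
 *                         (assumed array-like: supports isset() and [] access)
 * @return JsonResponse|JsonErrorResponse {"success": true} when the account was created —
 *         and, deliberately, when the e-mail already belongs to a customer or an employee,
 *         so the endpoint does not reveal which addresses exist; MAIL_ERROR if the account
 *         was created but the TAN mail could not be sent; otherwise the error for the
 *         first check that failed
 */
public function register(Request $request)
{
    $customerRepository = $this->getCustomerRepository();
    $params = $request->request;

    // All mandatory fields must be present scalar strings.
    foreach (['email', 'password', 'passwordRep', 'firstname', 'lastname', 'gender', 'tan'] as $field) {
        if (!isset($params[$field]) || !is_string($params[$field])) {
            return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
        }
    }
    // "title" is optional; the original read it unconditionally and emitted a notice when absent.
    $title = (isset($params['title']) && is_string($params['title'])) ? $params['title'] : '';

    $password = $params['password'];
    // Both sides are user-supplied, so a strict comparison is sufficient here.
    if ($password !== $params['passwordRep']) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::UNEQUAL_PASSWORD_ERROR);
    }
    if (!Helper::checkPasswordConstraints($password)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::PASSWORD_REQUIREMENTS_ERROR);
    }

    // ---- e-mail validation ----
    $email = $params['email'];
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_EMAIL);
    }
    // An address that is already taken (customer or employee) gets the same response as a
    // successful registration and nothing is created, so existing accounts cannot be enumerated.
    if (!is_null($customerRepository->getCustomerByEmail($email))
        || !is_null($this->getEmployeeRepository()->getEmployeeByEmail($email))) {
        return new JsonResponse(['success' => true]);
    }

    // Same result as FILTER_SANITIZE_STRING (deprecated since PHP 8.1): strip tags and
    // encode single/double quotes. Kept so stored values stay compatible with existing rows.
    $sanitize = function ($value) {
        return str_replace(['"', "'"], ['&#34;', '&#39;'], strip_tags($value));
    };

    $customer = new Customer();
    $customer->email = $email;
    $customer->title = $sanitize($title);
    $customer->firstname = $sanitize($params['firstname']);
    $customer->lastname = $sanitize($params['lastname']);
    $customer->gender = $sanitize($params['gender']);

    // The SCS PIN is an authentication secret, so it must come from a CSPRNG; the original
    // used mt_rand(), whose output is predictable from a few observed values. The format is
    // unchanged: a 6-digit string in the range "000000"-"999999", leading zeros kept.
    $scsPin = ($params['tan'] === 'scs') ? sprintf('%06d', random_int(0, 999999)) : null;

    // Hashing happens only after every validation step has passed.
    // NOTE(review): Helper::randomString()/hashPassword() are not visible here; a 5-character
    // salt is short by current standards — confirm hashPassword() is a slow KDF (e.g. password_hash()).
    $salt = Helper::randomString(5);
    $hash = Helper::hashPassword($password, $salt);

    $customerId = $customerRepository->createCustomerAccount($customer, $salt, $hash, $scsPin);
    if (!$customerId) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
    }
    $customer->id = $customerId;

    if (is_null($scsPin)) {
        // TAN-list customers receive their TANs as a PDF that generateTanPdf() protects with
        // the account password, so possession of the mail alone is not enough to use them.
        // (The greeting is kept on one line; the original literal contained a stray line break.)
        $message = "Dear {$customer->firstname} {$customer->lastname}," . PHP_EOL
            . 'your Account was successfully created! Please be patient until your account is approved.' . PHP_EOL
            . 'You can find a PDF with your TANs attached. You can open the file using your account password.' . PHP_EOL . PHP_EOL
            . 'Best Regards,' . PHP_EOL
            . 'SitzBank';

        $mail = Helper::getPhpMailer();
        $mail->addAddress($customer->email, $customer->firstname . ' ' . $customer->lastname);
        $mail->Subject = 'Welcome to Sitzbank!';
        $mail->Body = $message;
        $mail->addAttachment($this->generateTanPdf($customer, $password), 'tan-list.pdf');
        // The account already exists at this point; a failed mail is reported, not rolled back.
        if (!$mail->send()) {
            return JsonErrorResponse::fromKey(JsonErrorResponse::MAIL_ERROR);
        }
    }

    return new JsonResponse(['success' => true]);
}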
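/**
 * Sets a new password for the customer identified by a password-reset token.
 *
 * Required request fields: token, password, passwordRep (all plain strings).
 * The token is resolved first, so an unknown token is reported before any
 * password check runs; the reset record is removed only after the new
 * credentials have been stored successfully.
 *
 * @param Request $request the incoming request; fields are read from $request->request
 *                         (assumed array-like: supports isset() and [] access)
 * @return JsonResponse|JsonErrorResponse a confirmation message on success;
 *         INVALID_REQUEST_PARAMETER, INVALID_PW_RESET_TOKEN, UNEQUAL_PASSWORD_ERROR,
 *         PASSWORD_REQUIREMENTS_ERROR or UNEXPECTED_ERROR for the first failed step
 */
public function resetPassword(Request $request)
{
    $params = $request->request;

    // All fields are mandatory and must be scalar strings.
    foreach (['token', 'password', 'passwordRep'] as $field) {
        if (!isset($params[$field]) || !is_string($params[$field])) {
            return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_REQUEST_PARAMETER);
        }
    }

    $customerRepository = $this->getCustomerRepository();

    // ---- token ----
    // Same normalisation as FILTER_SANITIZE_STRING (deprecated since PHP 8.1): strip tags,
    // encode single/double quotes. A token containing such characters can never match anyway.
    $token = str_replace(['"', "'"], ['&#34;', '&#39;'], strip_tags($params['token']));
    $customer = $customerRepository->getCustomerByPasswordResetToken($token);
    if (is_null($customer)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_PW_RESET_TOKEN);
    }
    // NOTE(review): token expiry and parameterised lookup are not visible here — both are
    // expected to be handled inside getCustomerByPasswordResetToken(); confirm in the repository.

    // ---- password ----
    $password = $params['password'];
    // Both sides are user-supplied, so a strict comparison is sufficient here.
    if ($password !== $params['passwordRep']) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::UNEQUAL_PASSWORD_ERROR);
    }
    if (!Helper::checkPasswordConstraints($password)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::PASSWORD_REQUIREMENTS_ERROR);
    }

    // NOTE(review): Helper::randomString()/hashPassword() are not visible here; a 5-character
    // salt is short by current standards — confirm hashPassword() is a slow KDF (e.g. password_hash()).
    $salt = Helper::randomString(5);
    $hash = Helper::hashPassword($password, $salt);

    if (!$customerRepository->updateCustomerCredentials($customer, $salt, $hash)) {
        return JsonErrorResponse::fromKey(JsonErrorResponse::UNEXPECTED_ERROR);
    }
    // Consume the token only once the new credentials are stored, so a failed update
    // leaves the reset usable instead of locking the customer out.
    $customerRepository->removePassworReset($customer->id);

    return new JsonResponse([
        'message' => 'Your password has been reset. You can now log in with your new password.',
    ]);
}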