src/Controller/SecurityController.php line 130

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use Monolog\Logger;
  6. use Psr\Log\LoggerInterface;
  7. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  8. use Symfony\Component\HttpFoundation\RedirectResponse;
  9. use Symfony\Component\HttpFoundation\Response;
  10. use Symfony\Component\Routing\Annotation\Route;
  11. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  12. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use App\Entity\User;
  15. use Intis\SDK\Exception\MessageSendingResultException;
  16. use App\Service\Sender;
  18. class SecurityController extends ParentController {
  19. protected $error = '';
  20. protected $logger = null;
  21. protected $ip = '';
  22. protected $user = null;
  24. /**
  25. * @Route("/login", name="app_login")
  26. */
  27. public function login(AuthenticationUtils $authenticationUtils, Request $request, TokenStorageInterface $tokenStorage, LoggerInterface $dbLogger): Response {
  28. $this->logger = $dbLogger;
  29. $token = $tokenStorage->getToken();
  30. $this->user = $this->getUser();
  31. $this->ip = $request->getClientIp();
  33. if ($token && in_array('ROLE_PREVIOUS_ADMIN', $token->getRoleNames()) && $this->user) {
  34. return $this->redirectToRoute('admin_dashboard');
  35. }
  36. if ($this->user) {
  37. $this->user->setLastLoginAt(date_create());
  38. $entityManager = $this->getDoctrine()->getManager();
  39. $entityManager->persist($this->user);
  40. $entityManager->flush();
  42. $authData = $this->valide2wayAuth($request);
  43. if ($authData === true) {
  44. $this->logger->info('valide2wayAuth', ['User' => $this->user->getEmail(), 'IP' => $this->ip, 'Success' => true]);
  45. return $this->redirectToRoute('admin_dashboard');
  46. }
  47. $this->logger->info('valide2wayAuth', ['User' => $this->user->getEmail(), 'IP' => $this->ip, 'Success' => false]);
  48. }
  49. // get the login error if there is one
  50. $error = $authenticationUtils->getLastAuthenticationError();
  51. // last username entered by the user
  52. $email = $authenticationUtils->getLastUsername();
  53. if (!empty($error)) {
  54. $this->logger->error('valide2wayAuth', ['Message' => $error->getMessage(), 'IP' => $this->ip]);
  55. }
  57. $data = [
  58. 'last_username' => $email,
  59. 'error' => (!empty($this->error) ? $this->error : $error),
  60. 'template' => 'login',
  61. 'auth' => ($authData ?? []),
  62. 'systemName' => $this->systemName,
  63. ];
  64. return $this->render('security/login.html.twig', $data);
  65. }
  67. protected function valide2wayAuth($request) {
  68. $authService = $this->getConfigValue('2wayAuthType');
  69. $authMessage = $this->getConfigValue('2wayAuthMessage');
  71. if (empty($authService) || (!empty($this->user->getAllowedIps()) && strpos($this->user->getAllowedIps(), $this->ip) !== false)) {
  72. return true;
  73. }
  74. $authCodeReceived = $request->get('authCode');
  75. $session = $this->get('session');
  76. $authCode = $session->get($authService.'Code');
  77. $data = [
  78. 'message' => $authMessage,
  79. 'code' => true,
  80. 'type' => $authService,
  81. ];
  82. if (!empty($authCode) && !empty($authCodeReceived) && $authCode != $authCodeReceived) {
  83. $this->error = 'Code set is incorrect';
  84. return $data;
  85. } elseif (!empty($authCode) && $authCode == $authCodeReceived) {
  86. $session->remove($authService.'Code');
  87. return true;
  88. }
  90. if (empty($authCode)) {
  91. $authData = explode(':', $authService);
  92. $authType = $authData[0];
  93. $provider = $authData[1];
  94. switch ($authType) {
  95. case 'sms' :
  96. $authCode = mt_rand(10000, 99999);
  97. /** @var Sender $sender */
  98. $sender = $this->get('sender');
  99. $sendData = [
  100. 'login' => $this->getConfigValue('smsApiLogin'),
  101. 'apiKey' => $this->getConfigValue('smsApiKey'),
  102. 'apiHost' => $this->getConfigValue('smsApiHost'),
  103. 'phone' => trim($this->getUser()->getAdminPhone(), '+'),
  104. 'sender' => $this->getConfigValue('smsSender'),
  105. 'provider' => $provider,
  106. 'text' => 'Login confirm code: '.$authCode,
  107. ];
  108. $session->set($authService.'Code', $authCode);
  109. try {
  110. $sender->sendSms($sendData);
  111. } catch (MessageSendingResultException $e) {
  112. $this->error = $e->getMessage();
  113. $this->logger->error('sendSms', ['Message' => $this->error, 'IP' => $this->ip]);
  114. return true;
  115. }
  116. break;
  117. }
  118. }
  119. return $data;
  120. }
  122. /**
  123. * @Route("/logout", name="app_logout")
  124. */
  125. public function logout() {
  126. throw new \Exception('This method can be blank - it will be intercepted by the logout key on your firewall');
  128. }
  130. public function forgot(Request $request) {
  131. $this->initialize($request);
  132. $success = '';
  133. $error = '';
  135. $email = $request->get('restore_email');
  137. if (!empty($email)) {
  138. $entityManager = $this->getDoctrine()->getManager();
  139. $repo = $this->getDoctrine()->getRepository(User::class);
  140. $user = $repo->findOneBy(['email' => $email, 'enabled' => 1]);
  141. if (empty($user)) {
  142. $error = 'No such email on the platform';
  144. } else {
  145. $helper = $this->get('helper');
  146. $sender = $this->get('sender');
  147. $user->setPasswRestoreKey($helper->getRandomString(50));
  148. $user->setPasswRestoreKeyValidTil(date_create('+ 3 days'));
  149. $entityManager->persist($user);
  150. $entityManager->flush();
  152. $data = [
  153. 'from' => $this->mailSender,
  154. 'to' => $user->getEmail(),
  155. 'toName' => $user->getEmail(),
  156. 'subject' => 'corpHedge platform password restore',
  157. 'content' => '
  158. Hello,<br>
  159. <br>
  160. CorpHedge Platform has received a request to restore your password from IP: '.$request->getClientIp().'. <br>
  161. <a href="'.$request->getSchemeAndHttpHost().'/restore?key='.$user->getPasswRestoreKey().'"> Click here to set your new password</a><br>
  162. <br>
  163. If you did not initiate this request, please disregard this email and notify CorpHedge administration.<br>
  164. <br>
  165. Best regards,<br>
  166. <br>
  167. CorpHedge platform team<br>
  168. <img src="'.$request->getSchemeAndHttpHost().'/assets/img/logo_email.png">
  169. ',
  170. ];
  171. if ($sender->sendEmail($data)) {
  172. $success = 'We have sent an email to '.$email.'. Please check your inbox and follow the instructions';
  173. } else {
  174. $error = 'Some error ';
  175. }
  176. }
  177. }
  178. $data = [
  179. 'last_username' => $email,
  180. 'success' => $success,
  181. 'error' => $error,
  182. 'template' => 'forgot',
  183. ];
  184. return $this->render('security/login.html.twig', $data);
  186. }
  189. public function restore(Request $request) {
  190. $this->initialize($request);
  191. $success = '';
  192. $error = '';
  194. $key = $request->get('key');
  195. $passw1 = $request->get('password1');
  196. $passw2 = $request->get('password2');
  197. $email = '';
  199. if (!empty($key)) {
  200. /** @var User $user */
  201. $user = $this->getDoctrine()->getRepository(User::class)->findOneBy(['passwRestoreKey' => $key]);
  202. if (empty($user)) {
  203. $error = 'This restore key is invalid or expired';
  204. } else {
  205. $email = $user->getEmail();
  206. }
  207. if (!empty($passw1)) {
  208. if (empty($user)) {
  209. $error = 'User not found';
  210. } elseif ($user->getPasswRestoreKeyValidTil() < date_create()) {
  211. $error = 'Password restore period is expired. Make a new request';
  212. } elseif (!empty($passw1) && $passw1 !== $passw2) {
  213. $error = 'The repeated password is not the same';
  214. } elseif (!$this->passwordSecure($passw1, $user)) {
  215. $error = 'Password is not secure. Please ensure that it:
  216. <li> Contains at least 8 characters </li>
  217. <li>Requires uppercase and lowercase letters</li>
  218. <li>Contains at least one number</li>
  219. <li>Cannot match previous passwords.</li> ';
  221. } elseif (!empty($user->getPasswChanged()) && date_create($user->getPasswChanged()->format('Y-m-d H:i:s').' +1 hour') > date_create()) {
  222. if ((int)$user->getPasswChangeCount() > (int)$this->getConfigValue('maxPasswordChangesInHour')) {
  223. $error = 'Too much changes in one hour. Try it later';
  224. }
  225. }
  227. if (empty($error)) {
  228. $entityManager = $this->getDoctrine()->getManager();
  229. $userController = new UserController();
  230. $userController->encodePassword($user, $passw1);
  231. $user->setPassword($userController->encodePassword($user, $passw1));
  232. $user->setPasswRestoreKey(null);
  233. $user->setPasswRestoreKeyValidTil(null);
  234. if (!empty($user->getPasswChanged()) && date_create($user->getPasswChanged()->getTimestamp().' +1 hour') > date_create()) {
  235. $user->setPasswChangeCount($user->getPasswChangeCount() + 1);
  236. }
  237. $user->setPasswChanged(date_create());
  238. $user->setLastLoginAt(date_create());
  239. $entityManager->persist($user);
  240. $entityManager->flush();
  242. $sender = $this->get('sender');
  243. $data = [
  244. 'from' => $this->mailSender,
  245. 'to' => $user->getEmail(),
  246. 'toName' => $user->getUsername(),
  247. 'subject' => 'corpHedge platform password restore',
  248. 'content' => '
  249. <a href="https://www.corphedge.com/" target="_blank"> <img
  250. moz-do-not-send="false"
  251. src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAARAAAABQCAYAAADRJSrNAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAfT0lEQVR42u2de5RdVZ3nP9+TmzKplc4kmaxMhpXJMDSdYTGBPOqcewtEHiIJj/AQBUUegUYeJtAMg4CINAsVBVtHRkhpA75QQF6iUBBCgqBjY917ToVUjEgzdJrFyrBcrHRIp9OZpKic3/xxzr333Fv3VVA2BvbXFetWce4+5+zHd/9+3/3bvy0zw8HBweHtwHNV4ODg4AjEwcHBEYiDg4MjkLeFYLE/qeD73a5ZHBwcgYwJ+Z6gy/N0P+ihgh9Mck3j4OAIpCMU/GCSxENCpwmdCDgScXDYB6B3exk3JYqHEMtq/oPxGGZnFAejYddMDg6OQBqRRzfwkKQTE84A1ZCI/SzGPlGKHIk4ODgXZjR5PAqciFXNjip3GEinSbo36PG7XFM5ODgCAeCwfGEK8HNgSYU4zJClxFGxigyhj0/wvB/5ixblXHM5OLzPXRh/0eKpuVzu58DRdHrrxK+5z8yWF6NwxDWbg8P7kEDyPf5Uz/MeN7Mja8SOivihGjem8nv1Tz8GXVCMSo5EHBzeTwRS6PGnIT0h6fCsWNrJ5yzM7AdgFxWjyJGIg8O7jH8TDaTQE0xDWg0cXvVIrGpjmGFmlb8bVmegWHK1GULng+7KB4ELw3dweK9bIAU/mAGsAfyxWB0GKOPR2GgH526MzxQHnSbi4PCetEDK5CHkCyUUIKH0J2Q+J78/ifRa5Zr66wBJyT/0acSq/MKFzhJxcHivEUjBD2YCzyB8k2ECU+KM1Pwsfzb7iWEfNTjGzF6p/D17nVTzN9DFyk1cFSzqcSTi4PBeIZCCH8wC1kpaqIz1ULYkGvzvHoNzS1E4XAxLm4GjMDaNvq6uBIGkS73chP817y/mORJxcNjXCaTgB7MlPSNpIVQFUqwqjJqVrY5Ey9izZ88FpUx8RzEKXweOAaL0C6NCRioBZ0m5l82YNu0brjkdHPZhAin4wX6SnjGz+ZnBXV1RMaOy+pIsq/SZ2SUvbByK68sqRuFWMzvOzH6NhFIiskwZpJ/MLAZ+75rTweHfFuO2ClPwgzmS1hocBKNDwio3LP/d7LYRi68aHByMW5Wb94MpHnrIxPENl2zMRoCLilH4A9ecDg77IIEU/GCu0FqwedmxXfksaqNNzW6Jza4vDUZxR+UHwSSM+yWdVrvhjhHggmIU/tg1pYPDPkggBT+YCzwj6cD66NFs7Eby0xD64kBYurFRWW+etGJGHO/e/u9Xfy9ucJ8u0HclzknZY9gS8rjPNaODwz6ogRT8YH/gWUkHZmmjupm2GgWWiJ5c15Q8lq2YK1H0cpO/8fIx53oNNJHhXbt2LQe+g9mIwbmtyGPBmlXnLVzb9zeuiR0c/gQtkIIfHAA8I9i/xtJoLH7EBtcWo/DrTchj/7SsA5IC+Lqka//dY3eMskR6e3zPpEOLUbihBXl8Gvg2kAO+Blw3tHRl7JrbwWF8kXub5HEg8AxoriljbJQ/q8aVic3symIUfqsJeRyQukD7Z/782TiOh4Hr668fSHSTpuSx8OlvrwBuF0qsGHGNmQ0DN7jmdnB4l12Y3iA/D3gWmCsMWfov/UzmJzBiZp9pQR4HAs8i9k8iPcrb5gzE599ctuKmsTzbgjV9/x3sdsArR6+m+MKCNatucs3t4PAuujCFIH+QYK3BnKynkl1xqUohNiJ04UBUuqdRWf908sp5E2AtMLfZ/dJnu2F6f9+X25PHqmskvkrZ8hhdGAY3DC1d+eU/ZoX2LFrsTfC8KZJmCjyD7SN7924bfGH923ahCn4wFZgDTAF2Aq8Vo3Cn677vL+R7eqZIE2YJcobteGtkZOv6DS+M7BMEUvCDgyWtNbP9EJXw9PI2/MSDURIhZgwbLC9G4U+aWB4HpTEjc1S+v6qb/FW7EBybcdT0/r5ftyCPvwbdBIaklHiUlKPqcyKB2dlDS1eO+8pNsNif43n6DHA6cKCkHKlNhfEHYAB4aO/evT+NXli/uz1ZB5MwzgcuABYKujLvMgysB77/1shb96zfsGF3+86X9yRbDZqaRPGlwXlJPY+AbQdeS7Wo/oEo7CiRda+f/65hByf1DihNTQnDwBvAi8DqHf+ys/T7v/993KaPXSPpo+mvlwyEpY1t6mi20KNJF7JfF6Pw6hZlP4CYm3QJpbFIaZfIfs50RzNuLEalpxuU9XFJV43+no0A29P3/h3wHGYbih2GKzRuN3+epIuAE4F5QK76/LY9deefiGO7L1wfvd68nSopNSrtROX5VU2XUVc3YGcMhOGWd6SBFPxgPmItZrPLN83m7KgOdwPTsGFnF6Pw4SbkcTBlIspaMZlwdau1Z65rQx5fBT5X+VYmn2q5UjIx9Ovk6bHxJI5CkPcwu3TCBO9WzKZkLZ6ydWYwW3CawWm5XG5LwQ8uL0bhz1rU92LgfiUdplob1cjeLqAXqbdrYteVBT84q5WonHFXfWEzKj0kJeva5XatMOylgh8sL0Zhqd37GzZfkK9MJFZrlaaj8a+n/tmUXxX84MJiFL7Sorj/gllv+p0pHVT/JMx6lehub7S5diGW1me5bVT2lhuZ0CCY2aSs2ZXnpK6M+mKkTQU/+BLwcDEK4zEQR7ekmz3PW4FZV701nT76NMHRBkdPmODdXPCDB4HPNLJOTXQp88wZ/qirj2wuHoEx6R2JqAU/WAiswTTLVMfatewBsNvMzmo2ON5ctmI+aK1gdrJVf1SDVce7iM3squn9fbc1KuvQp1d5Mm6V9NmaVlPTjv4U8LENx63YNa4mHNxq5WdIrJ9NwAPApmRmZzZwjMEpSFMscUWWAj9rUt95YC3S1JQQtwA/AH4DbLOkUx8GnI+xH3CQ4NneIFg6ELYb8CozxU7gyQzNdhnsD8w3kRM6yMzWFvzgqHbEVJmxIMb4qSBOy+wGDkSaB3iSjgT+ruAHHypG4cstCmyaja5hu2ZNiM7efcRgHRCbZTtw7c/0v73e8r5JA0WGNqf3z5G0zzxJs9NL5xs8IHiw4AcXFKOwbf87LF+Y4nneEwZHpveKMXsaeAJ4Nb1sP+AwgxORZhl0STqHZLFgZ4MBkERhJYNsq6FSdaJNo7SsZiSC4QG73jaBpDPhmoSJa3KTVhhM1bSlu4CPFaPwqSbkcSjSWrBZVvdio00ZxWZ2+fT+vr6G5LH6Dk+evinpryp2S1aUqZhllVmxHzhjaOnK3eNJHgU/OF/SZ1N9ZRjp6j3Dw30bNg7V+6V3F/xgJmbXS7rMWmkd0gPCpiYbDvlJbHZROBjVd4j+gu/fKukusDOBaaCHCkFwSDEMd7SyF9L/f6MYhZ9ocP8DZPZD4AiJqWbcDnyojQVS9ohipOUDYWnXKOsV/hZxODBL6PvAB1uVqA7ooNrVLWtU0L5c7TTj1NJg6R2dNaR0pjO4qxiV7qx7Z8/MFgKXJ4PacpjORJpymB+c+psWicEXzD/Emzxp0g8RR6YZcLaQTMqNrPA7834wSWbnATeYEm2yOTdXKml9MSqdNB5jwGsxOHxgjaSZlYQ/Usq86U+JZP2FncDJLchjIbBWSQdKt+LX/Uw/YxoxuKgZeSxYsyonT6sk/RXUb+/PlFNWQYzHwJqSR28QfHjuf5o75tWoQk8wU9I3LJ2FgUuKYelbDcgDSDYHFqPwSjM7NfWTG83mVwv2J3mHdcC5DcgjLS/agTgbtC5l3bkyrm07C9ekVxj1jJtjs48h7UyegSMKfrBf6xKrSZ+swbAvRuEm4CSD11Mr4PC0b7V8xo4YxMqWhTowWTQGu6YTBlFd4s2ad46LUbi+GIUXmNlxGFvTS0806XOtip08efLpSKenz7rVzI5pQh4AlKJwdzEK7wQWYDzW7B0TRXCc66AZgaRm9JqKD2jZ6NIqm6dLtjuAE4pR+Ism5LEYWAuaVTZiyqajYTVTh5mNgF0w/fFV32tU1qJf3p0D7pJ0aaPt/Va37d/MfmpmZwwtvWx3k/f8PGjtf5w9+9bCGHOsSroYmKEkGdJjnW7mK0bhk3EcX9/gWbrN7NK0PkbM7PJ2R1gMlEojcRxfnoqgIF3cs3BRd3sLpPnoLA1Gb5jZQLKbGoAD2o5js6qI3vidt2NkNbF8B/Xbkf/YofnRqBreGaxshatdez8HfAwYSZ/zut6gJSnfkJE6rmijGWXvs83go2b2WmOXK0N3+iMSSMEPDk/JY0ZZYKkYvuX4jnJoOtpu0gnNGPLNk1fkU8tjZjbGQ2V/q0IohhnDwNnT+/sabow75Kk7uuLde34o6fxyLhCr2eJfrfXkP9vDwFkbj79suLHlkf8ScLOZeZh9FuPmMfUf2bkZv3FMuUjC9Q13IH+4TNhm9otiFL7USVmlweglM/tF+s4zc7nc0W1GeyfF7spcFbdzYSqfWhf9j1Tbakar57NqGm06Ja9ORnx9Koh3yiCd3rkYhb8C0n5t3ZasrjUSThcDh6bP+NLuPbsfHMsTlRLLJ27sclHJn4P9kQikN8gfAayWNK1sGpZdlvrPkraZ2XHFsPR8o4K3n7yyF2ON0IxsXlNVv5/9txvsrOn9fQ0rbMFTd3R50v2SPlWenWrcllG/8xNhZw8tXTmKPIIe3yv4wa3AF7I5V4HPpWp5W/QsXDRHaF76vT+YeH4c2uIoq9Qxq8f43dXVd+Go1kJicxcmM/vPzVgAm1trAdUy2xgN062S+7axC1cV1do/Y62l0uGUWum/4+PCoM4LMrO/VdXtObXJuyyx1Koxs4eHfvvbcYvxsFT4tfF6/3oRtRAERwo9DkytTfqTapvZUHXjDWBpM4V+27IVh0t6AjGtstyrhpnVwbTbsDNm9Pf1N9E8JiHdL3GaZZdk1cicFYL74r22fOMJl42q/MD3PU/6G0n/o+KG1bLxFwp+8FYxCr/YstJyuYPMzEv7T1QKxyUz/EHlIy5oEarfpHNu8Lxy/EuSj6W1C6NWwvB8SfNT2yIqRuEf2lhiad9Q04nt8CDvAR9RGosTm61vK3YalxT8oJ3QN60mbT/t1BrDYJLElwp+0K7NhopR+GB7S06dNtJ6gx0SUw0OXbRgQdcLQ0P1E9yCzBrUb8ZVrFCN4HxgwQ86sbgfL0bhQFsCKfjBQUJPmJhSmXnUuPspWdpamopjjTSPIzzpiYSIRCO3K5PacCfYR2f0961rQh7dwEOSTqxMIK1nhXuG2XXhiydcNdJgYHgeul1iRSXMTA2PlLip4AdxMQpbRazOqc7Qtnmcmnh2eUbdu3fvljHqMVvK37VyrE5r2bMZecwR3Jv0C8VgN3YyLFHrobTX7GJJh6e/vrxt+5sDrUpMJ+HzGkU7N5NC2rsTaauLScA1beURs/uAB1tZIBqD/FIcjIYLfvAaaL7EpK6JXbOA+naek+nkr40vf9Q00gGCz9f1+0YT0/8lCYBsY4EYL5vsQYy/tEpHpBrJWRHJ2GJwXDP//M1lK45EpFZMbetXDo5K1+0N2wmcPL2/77lGZc1/YtWU3EQ9avAR0pmrHE1ayS1iyixZJyfWvbhkNHn0+vkc8G3Bp6l7L2qYqTKb/tdFhy70Xti4IW7SyaaUZ1ParJOPAZPKpXueN6Yy9+7duyuXy5UHUdsALMOmFvzgsrTuvGQm578hHW9mUzFisOuKUfhkpzpEsoKG1xvkvV27d3uTP/CBacDBwLmgv0ytxxjjylf+4R/ittpooonFafRChSJUH6csJqmjwJFqrIPQ7qotplH0lfbU4Q5efKyK5I4MTTVqpynlIM3qtaNIfi7o4Bb093wxGr2Unx07mMWg4ewAbfImbQPfcgk7hnHBDy5KNZHzy6JkXZTaq2YcW4zCzU3I42iJx82YMmo2qIt6k7Qd46Tp/X0NtYND19wxdcJEPW6WBtJkyciyHyu/fE9w0YYlo7fs+4t7crkJE76PcY7VZEazcgesdIR0Z/E9YBc2I4+0K45kami88sqOZGazMe2S9jzPy9T5SNsFCDETuL1+ek8Xv1807OpOyYOqe5pD9s8gJn/gAyB5dY02TLKq8GQnoqzQMQNRqaW2VPCD/TH+sWMRNZXnYuM/vNM4EGvoj7eXDDJu+EjDPpBux4jjuKuJJbHMZKuyjVnRGpKZOqCcjLyRQJ1MeusGotLScRVRU/X2Ikn3SZkDnZIbbsY4pgV5fETocUxTauI7auIyKp+3j1h8QjPyWLBm1TSh1UJHVsJPykc4pOayVGOI3wlcsqFBvo9Cj981YYJ3L3BO/bPUCKiqWDI/QFxYbK9pbM2IkTPGiUB2qCIKMm2Mgt4MVdf4t7WZ20ksDN4gCf9+AyNOYmZsxJL8sk+O7dErwpSH4SF5srTdjBGMp4APFqPwO52Z2hUy70hE7UxwzRxWNg6rEBqL/lHFrOR5ic2sUej9tswBarPavouqR51UR4Sa15M0zlEgdTNdMQpHFsw/ZPnkyZNzgjNTk+8l4LiBqPGGmjeXrVgCPGqy7nbdy5LOesLM/m+vb0IeyTGYwrdMRKLq2jyTuKjPiC/fuPTy0YmH/GAS0r2C02tiTap6a02hBneDXVIMO9r49GrmfN+Dx6ktXkV2ZPpMBwIbx9CZD8xsany12fyr6mu/WgzDP6/UVZC/BrgVyEk8VPCDQjEKO9JhEoE9cU8MrhUMY8KwXRhbzGx9aTB6o/NqsM4Hp+rN27a21/itwlDZNNgRFi9cNLNr4sQ56Zh6rTQY7WjYB6olHgyNVvfsYVkShl6e/8zsKolPtrO/xps8GprKQ5t+O+IvXnxuzsvlLNnMtTQ9p6UReZyYipzdDRmjxjy2Pxgsnd7f13BgLHjy9llM8FZLWlwjemV91Yyza2Z3YHbFxuMvb5Q/dRLwgKRT6p9HjSZks+8YtrIUdbZr0sxeBHZJ6pZscd73Z5SiaNs7bIsQ03mpMvch4Kdj+O4HK2Km2WA76VSjXaCvx3HcI3QmsJ+kR3oWLDpqcOiF3R2N4cRqigV9A1HpHWpCepvX2ziX29b06ZC4EkzM5U40s1xiYdq6pn0AXZwWfCxwd/0FA1GYWI21/X1ru/cT9RvYxgcN/fdo/fphs/gs4KgW5HEK8IhEd83+2drI0vK/LQbHNiOPQ9es2k+5Cc9IWlwOLMtWSCW1auUsKbttz8jIFUPHX9ZA81g8RdLPkU6pNTGqu3XrolXviC3umDwASoPRLiAVfzXJk84bh7ZYZ4nICHB6sLinq5MvHTr/kC5JZ6Ymf2zJpqt2aww1eL44EBt2IbAxraf8xK6JdxWCXq9DQh3nbjl2a2BM/GDjdteOkPeDLuDqjDD5/SaXPgVW7oenFPz8fuP1VJV+P87R7E07SHEwGi5GYcNZ9Z+WrTiNZMfppMygJhuqbhXxVa+Bjpne3/diE7dljsQzZsy3SpScMmRR/T3RZvj6yN74qpdOumLUgM/3+FNyE3KPm9mSsuKerbj63CdmfMuwK8I2Z9M0wV3VwaPrDgvyszr5UsEPcgU/6B1V31H4EmbPmwxJcydMmHBxJ+V1T558MTAnjYx8vjQYvdzJYB91/zDcCXwMaVsar3mOiD/b6eAdLxN5LFGo5RWLMUeijsODdppHJ9/je4JvJrE1YGZPF6Owof5XjMItiKfSkruFfXUsz9PJhkIbZ5Yf8wrCtmWf+fgE6QGhSaqPKIXsmbUAm2PpmOn9q15pQh77A88KHZT5TkXTlGo/G9wytGTF1b87saHbMk3SaoOjswJwNV4jIwwnVfk/Y+Irx2J5ZDE8PPwYUEoDqGYZPNIb5Ke1mYlmA48Dy5sIXTeB4rSNby34wZFtyOiIVLtAKBa6sa2Q2CKYZiAqvQKcK7OR9Kqv9gb5E9u6BtZ55GjnYmfnV3caEVoR0MdDRFX7ctKTGh+QtCINj9iGWNnmfW7AGE47/3m9fnBNx2KyWouonW06fIcaSCu8uWzFmZ68HxnW1fBBarfUvwIcO+OxOxoGxCx4etUBwDNQzodaZ4SptjihL//rv4zc2KShZpDkSuhV2QyqWbJNy6ior3xt+/Z/vu7v/8/LbztT1Asbh+JeP3+BxN+BTQOOMKNY8IPrYoufDAcHd5dnIGB/Scs96TJLEvo0XI0YCEvreoP8ncClZtYNrC74wZfM7DulwWh7dVYLpkpcnBCOdaeq8ncGwtIvOjFvW/X7gbD0ZK+fvxG4GcwD3dsb5D84EJZebCrOqVb+fGf0YRmVvDMRVUYHqzaV3pSTp8W9fr5t9LDB5mJU2tZkyi+HEs0sBPkD030+XZJmpiL4scBpgu405cEOS9JdtAw8/E1YWl/w8zfKUutDurU3yBfM7Ka3Rt7atH5DNbyg4PseaBawf03irFYialK9U3v9vN+h3bapGIW7x4VASPZZdLWcIRIh78VUMN3S4skuqmZib6GQJzbXjRuWrGgYXt4b5GeS7N/xm+lmtbsQ7SsDYXj9eLDvQFR6sTfIn2TGo5JmScwDHvHwthf84BVgRNJ+kuaUrb00oHq4RfVdYTBN0idJkvJ8VeiGgh9sIlminSExvypcC8N+bGZXdio4thtr27Zvu2XG9Bk9oNNJlpQfzff4h5UGRwvF478wOIZZ0jLmake2uRA2BTUIE28w6Qg7G7ivlYgqcTNwM2ph3SVh7BcUo7CjlbViVLql4AeThb6Q9pvTBadPzE18teAHm0mC3KaB9iOJis54Eha3bPlkLaIXEda8d/P6+AvglfFyYS43s+9ZjSBpNYIpsDEVTLe0acsbSDJtVbWOjHaSKe+GoaUrv9jE8pidWDHyK95zJuqs1k81zOyL40UemRn7eTNbZGb3JA1rIKYBvlCvxFwzPEsadr2ZLY/Nrm4xAw3vGR4+28wuMXg9XSftBuUlHS8pj+hO32+LmV1k0vJSuxym6swCAXj5lVfiOI4vwNiU1KnN8zzv3kIQ5JrNbuO7zmEdc01FdFMnZWbS6Vmze2ZTV6htcQ0mu7KYvcPMnjKzT+zZs6fQKXlk9JAbDTvWzAaAOI072h/pwxLHS/RKmivkmbHDzO4xs8Owxvuosuk4TNn6oGV9tKvWMVkg0/v74jeXrbgkTRh8XlbISv2s9cNmJ8zq72u77j+0ZOXIQXf/9UWT5s7Ogc6pacJqQ1w/tHTlV5r5l8BaMzu4poJUThVQFffSgm9st0nu7aI0GL0OLC/4wbXAEmARYnaSKoBtYL/FWDcQlV7uyD0a2hADdxZ6/HtMWoLxIbADzOgmCZ3fbNgvDVtXiqLdHY7JGOksS9p8dwfvtKPg508AHZoJI58GbK0T764CpqbGwDvN+LbKjMfTafKlDt7pDZOdhAkaB2Zl2eYSM+sevRnTGi5NJG60NdvU2G+wuaaMpI+NkOTHeQPYUuwwMXULEnkOOCzN6vYR4BCMmZbkxN0B9jLwS5Lw9XbL59vNOBlZTDm5UP3m1Jpds0oMDOn1lrX6dk6mG/rIebn/PPnPfgh8KtORSsAJ0/v7xhQPseCpO3J43o8En6yNCbJrh5au/FoT8phLkjd0XnPTNjPhmF1fjMKv4ODgMK54W/s4Fqy7Z+StPW9dAPZw6ho8T6J5bGsmchb84FMNyej4y0aIR5ab2cNpwqEY7OoW5HEA8KzEPKVJjso/q1nLq4ddmdl1jjwcHP44eNtn4wJsPenSrpy8z5lx2/Qn+prtHkzD0+WTDOZbGl136Jo7uoR3P9j/Hlq68rYmZR0o6RlaHEaVQWxmTc/jdXBweJcJpB0KfjAzIQ8WVxNC65Z//X+7rv/t7zaNUovn93/T27TsyrhJWQcJrUXMqZHu6jKwp75bbGZXFaPwNtfEDg77IIEUgmAWxhpgYc0Nk7wefWCXFzsM4kpEJK2FNFlOo23UFc1DsWFXFMPwDte8Dg5/ghpIO+R7/NlCayUtzB4JUV1g1wrQdw8r9HZysNVi4BmUHEalbJqBbI7W1PIALnfk4eCwj1og+Z5glufxLHDwqCCV9PfyvhYzexjj3OJg2OzYhTywWuWcG/UHiJHZ7m+MkBzrd7drVgeHfdQCkcd2M16pzXhem8An3dKMpI9LPNLrB90NyONwSWukNKu7GiUBUjn9YkySCMeRh4PDvq6B5HuCLomHJJ1imdxv5dwRZnUHc0vPmdmp5VyOBT84UlImt2qSiq3GmKnuRRghCRP+sWtOB4f3AIGkJDAJeAixrMIUjdyQqjtSAk4iEV0fBabUpg5T7dHv5cg/WF6MwvtcUzo4vIcIJEMij5Aey1AZ+ykfjD4jxl5ON551W82mpkxi5erfhs1seTEKf+Ka0cHhPUggGRJ5VHB85mCqck7T2hT9MMroGGW9JB9GzOzslgf/ODg47PsEkpJIt6RHzWyJOj0OsPmRG8MpeTzsms/B4X1AIADBop7uCbkJjwMfHsUT5YOjMgf9VA4rSq8yExLDZvaJYhT+zDWdg8P7iEAgyVmarq4cPUoAqT/HcPTBPbuBM4pR2O+azcHhfUggqTszBXgC6chG3JE1TVQ9dmFXSh5PuiZzcHgfE0hCIv5U0BMSR1T8mEaWR7Jyuwv4aDEKn3bN5eDgCKRsiUwlyWV6eMMLqgdwn1qMwl+4pnJw+NOD927dOI06PcnMBkYfTGQAO4GTHXk4ODgLpJUlUjkPt8wdknaY2cnFKPyVayIHB0cgHZKI/OT8DDupGIW/ds3j4OBcmE7cmW3ACYLnDDvBkYeDg7NAxoyZM2d6W7dujV2zODg4AnFwcHAujIODg4MjEAcHB0cgDg4OjkAcHBwcgTg4OLx/8f8BPK4QD/lq3VoAAAAASUVORK5CYII="
  252. alt="" width="200"></a><br><br>
  253. Dear User,<br>
  254. <br>
  255. We would like to inform you that the password for the account '.$user->getEmail().' has been successfully changed.
  256. <br>
  257. Please log in to the platform using your new password.
  258. <br>
  259. <br>
  260. Best regards,<br>
  261. <br>
  262. CorpHedge support team
  263. ',
  264. ];
  265. $sender->sendEmail($data);
  266. $success = 'Password was changed successfully.';
  267. }
  268. }
  269. }
  270. $data = [
  271. 'last_username' => $email,
  272. 'success' => $success,
  273. 'error' => $error,
  274. 'passw1' => $passw1,
  275. 'passw2' => $passw2,
  276. 'template' => 'restore',
  277. ];
  278. return $this->render('security/login.html.twig', $data);
  279. }
  281. protected function passwordSecure($password, $user) {
  282. $userController = new UserController();
  283. $passwordEncoded = $userController->encodePassword($user, $password);
  285. if (!empty(trim($password, 'a..z'))
  286. && !empty(trim($password, 'A..Z'))
  287. && strlen($password) >= 8
  288. && !empty(trim($password, '1..9'))
  289. && $passwordEncoded !== $user->getPassword()) {
  290. return true;
  291. }
  292. return false;
  293. }
  294. }