src/Controller/Website/Mybiz/Member/MemberApiController.php line 401

Open in your IDE?
  1. <?php
  3. namespace App\Controller\Website\Mybiz\Member;
  5. use App\Constants\AppConstant;
  6. use App\Dto\Api\Member\MemberInformationsDto;
  7. use App\Dto\Api\Member\MemberLoginDto;
  8. use App\Dto\Api\User\UserJwtTokenDto;
  9. use App\Dto\Authorization\AuthorizationHeaderDto;
  10. use App\Dto\Member\MemberChangePasswordDto;
  11. use App\Dto\Member\MemberCreatorDto;
  12. use App\Dto\Member\MemberPersonalInformationDto;
  13. use App\Entity\Member;
  14. use App\Entity\Space;
  15. use App\Entity\User;
  16. use App\EventListener\Api\TokenInterceptor\MybizTokenAuthenticatorInterface;
  17. use App\Exception\Country\CountryNotFoundException;
  18. use App\Exception\Member\MemberNotFoundException;
  19. use App\Exception\User\UserAlreadyExistsExcecption;
  20. use App\Repository\MemberRepository;
  21. use App\Repository\SpaceRepository;
  22. use App\Repository\UserRepository;
  23. use App\Service\Api\ApiRequestContentParser;
  24. use App\Service\Api\Mobile\Login\MemberLoginResponseDtoProvider;
  25. use App\Service\Authorization\MybizRequestAuthorizationChecker;
  26. use App\Service\Authorization\MybizRequestJwtChecker;
  27. use App\Service\Log\LogAdder;
  28. use App\Service\Log\WebhookLogAdder;
  29. use App\Service\Member\API\MemberResponseProvider;
  30. use App\Service\Member\Jwt\UserJwtManager;
  31. use App\Service\Member\MemberInformation\MemberInformationProvider;
  32. use App\Service\Member\MemberPasswordUpdater;
  33. use App\Service\Member\MemberUpdater;
  34. use App\Service\Member\Subscription\MemberSignupCreator;
  35. use App\Service\Notification\NotificationContentProvider;
  36. use App\Service\Notification\NotificationSaver;
  37. use App\Traits\JsonRequestTrait;
  38. use Doctrine\ORM\EntityManagerInterface;
  39. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  40. use Symfony\Component\HttpFoundation\JsonResponse;
  41. use Symfony\Component\HttpFoundation\Request;
  42. use Symfony\Component\HttpFoundation\Response;
  43. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  44. use Symfony\Component\Routing\Annotation\Route;
  45. use Symfony\Contracts\Translation\TranslatorInterface;
  47. class MemberApiController extends AbstractController implements MybizTokenAuthenticatorInterface
  48. {
  49.     use JsonRequestTrait;
  51.     /**
  52.      * Création d'un membre
  53.      *
  54.      * Création d'un member depuis l'API.
  55.      *
  56.      * @Route("/v1/member/create", name="api_member_create", methods={"POST"})
  57.      */
  58.     public function createMember(
  59.         Request                          $request,
  60.         TranslatorInterface              $translator,
  61.         WebhookLogAdder                  $webhookLogAdder,
  62.         MybizRequestAuthorizationChecker $mybizRequestAuthorizationChecker,
  63.         ApiRequestContentParser          $apiRequestContentParser,
  64.         MemberSignupCreator              $memberSignupCreator,
  65.         LogAdder                         $logAdder,
  66.         NotificationContentProvider      $notificationContentProvider,
  67.         NotificationSaver                $notificationSaver,
  69.         SpaceRepository                  $spaceRepository
  70.     ): JsonResponse
  71.     {
  72.         try {
  73.             $preferredLanguage $request->headers->get("accept-language");
  74.             if (null === $preferredLanguage || false === in_array($preferredLanguageAppConstant::LOCALEStrue)) {
  75.                 $preferredLanguage AppConstant::DEFAULT_LOCALE;
  76.             }
  77.             /** @var MemberCreatorDto|null $memberCreatorDto */
  78.             $memberCreatorDto $apiRequestContentParser->parseRequestContentForMember(
  79.                 $this->getJsonFromContent($request),
  80.                 $preferredLanguage
  81.             );
  82.         } catch (\JsonException|MemberNotFoundException $e) {
  83.             return $mybizRequestAuthorizationChecker->getParseErrorMessage($e);
  84.         }
  86.         $webhookLogAdder->add(
  87.             Space::SPACE_LUUME,
  88.             null,
  89.             null,
  90.             "Inscription du membre {$memberCreatorDto->getEmail()} depuis le endpoint d'API",
  91.             $memberCreatorDto->toArray()
  92.         );
  94.         $firstSubscriptionSpace $spaceRepository->findOneBy(["name" => Space::SPACE_LUUME]);
  96.         if (null === $firstSubscriptionSpace) {
  97.             return $mybizRequestAuthorizationChecker->getDefaultErrorMessage(new \RuntimeException("firstSubscriptionSpace not found"));
  98.         }
  100.         try {
  101.             $member $memberSignupCreator->createMember(
  102.                 $request,
  103.                 $memberCreatorDto,
  104.                 $firstSubscriptionSpace
  105.             );
  107.             $memberSponsor $member->getSponsor();
  108.             $sponsorId null !== $memberSponsor $memberSponsor->getId() : null;
  109.             $sponsorName null !== $memberSponsor $memberSponsor->getFullname() : null;
  111.             if ($member->isOfferedSponsor()) {
  112.                 $notification $notificationContentProvider->provide(
  113.                     NotificationContentProvider::NOTIFICATION_OFFERED_SPONSOR,
  114.                     // On spécifie le membre et non le sponsor pour passer dans le mail des informations du membre
  115.                     // ensuite récupérer le sponsor en faisant $member->getSponsor().
  116.                     $member
  117.                 );
  118.                 // On envoie aussi un mail
  119.                 $notification->setHasToSentByMail(true);
  120.                 $notification->setIcon("lni lni-box-gift-1");
  121.                 $notificationSaver->save($notificationtrue);
  123.                 // Si on a offert le membre à un sponsor on ne renvoie pas l'information à Luume
  124.                 $sponsorId null;
  125.                 $sponsorName null;
  126.             }
  128.             /** @var User|null $user */
  129.             $user $member->getUser();
  131.             $logAdder->add(
  132.                 LogAdder::LOG_TYPE_MEMBER_CREATION,
  133.                 null,
  134.                 $member->getId(),
  135.                 $user->getId(),
  136.                 LogAdder::STATUS_OK,
  137.                 "Création du membre {$member->getId()} depuis {$request->headers->get("App-Provider")} - {$request->headers->get("App-Version")}",
  138.             );
  140.             return $this->json([
  141.                 "memberId" => $member->getId(),
  142.                 "sponsorId" => $sponsorId,
  143.                 "sponsorName" => $sponsorName
  144.             ], Response::HTTP_OK);
  145.         } catch (UserAlreadyExistsExcecption $e) {
  146.             return $this->json([
  147.                 "error" => $translator->trans("validator.user.email_already_exists", ["%email%" => $memberCreatorDto->getEmail()], "validator"$request->headers->get("App-Language"))
  148.             ], Response::HTTP_CONFLICT);
  149.         } catch (\Throwable $e) {
  150.             return $mybizRequestAuthorizationChecker->getDefaultErrorMessage($e);
  151.         }
  152.     }
  154.     /**
  155.      * Tentative de connexion d'un membre par login mot de passe
  156.      *
  157.      * tentative de connexion d'un membre depuis l'API
  158.      *
  159.      * @Route("/v1/member/login", name="api_member_login", methods={"POST"})
  160.      */
  161.     public function login(
  162.         Request                          $request,
  163.         EntityManagerInterface           $em,
  164.         TranslatorInterface              $translator,
  166.         ApiRequestContentParser          $apiRequestContentParser,
  167.         UserJwtManager                   $userJwtManager,
  168.         MemberLoginResponseDtoProvider   $memberLoginResponseDtoProvider,
  169.         MemberResponseProvider           $memberResponseProvider,
  170.         MybizRequestAuthorizationChecker $mybizRequestAuthorizationChecker,
  171.         UserPasswordHasherInterface      $passwordHasher,
  172.         UserRepository                   $userRepository
  173.     ): JsonResponse
  174.     {
  175.         try {
  176.             $authorizationHeaderDto AuthorizationHeaderDto::generateFromRequest($request);
  177.         } catch (\Throwable $e) {
  178.             return $mybizRequestAuthorizationChecker->getDefaultErrorMessage($e);
  179.         }
  181.         try {
  182.             /** @var MemberLoginDto|null $memberLoginDto */
  183.             $memberLoginDto $apiRequestContentParser->parseRequestContent($requestApiRequestContentParser::MEMBER_LOGIN_PARSER);
  184.         } catch (\Throwable $e) {
  185.             return $mybizRequestAuthorizationChecker->getParseErrorMessage($e);
  186.         }
  188.         /** @var User|null $user */
  189.         $user $userRepository->findOneBy([
  190.             "email" => $memberLoginDto->getEmail()
  191.         ]);
  192.         if (null === $user) {
  193.             return $this->json([
  194.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  195.             ], Response::HTTP_FORBIDDEN);
  196.         }
  198.         if (false === $passwordHasher->isPasswordValid($user$memberLoginDto->getPassword())) {
  199.             return $this->json([
  200.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  201.             ], Response::HTTP_FORBIDDEN);
  202.         }
  204.         $member $user->getMember();
  205.         if (null === $member) {
  206.             return $this->json([
  207.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  208.             ], Response::HTTP_FORBIDDEN);
  209.         }
  211.         if (true === $member->isDeleted()) {
  212.             return $this->json([
  213.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  214.             ], Response::HTTP_FORBIDDEN);
  215.         }
  217.         // création du token JWT
  218.         $userJwtManager->create($user);
  220.         $user->setLastLoginAt(new \DateTime());
  221.         $em->flush();
  223.         return $memberResponseProvider->getMemberLoginResponse($user$member$authorizationHeaderDto$memberLoginResponseDtoProvider$translator);
  224.     }
  226.     /**
  227.      * Tentative de connexion d'un membre par login JWT TOKEN
  228.      *
  229.      * tentative de connexion d'un membre depuis l'API
  230.      *
  231.      * @Route("/v1/member/jwt-auth", name="api_member_jwt_token", methods={"POST"})
  232.      */
  233.     public function jwtTokenAuthentication(
  234.         Request                          $request,
  235.         TranslatorInterface              $translator,
  237.         MybizRequestAuthorizationChecker $mybizRequestAuthorizationChecker,
  238.         ApiRequestContentParser          $apiRequestContentParser,
  239.         UserJwtManager                   $userJwtManager,
  240.         MemberLoginResponseDtoProvider   $memberLoginResponseDtoProvider,
  241.         MemberResponseProvider           $memberResponseProvider,
  242.         MemberRepository                 $memberRepository
  243.     ): JsonResponse
  244.     {
  245.         try {
  246.             $authorizationHeaderDto AuthorizationHeaderDto::generateFromRequest($request);
  247.         } catch (\Throwable $e) {
  248.             return $mybizRequestAuthorizationChecker->getDefaultErrorMessage($e);
  249.         }
  251.         try {
  252.             /** @var UserJwtTokenDto|null $userJwtTokenDto */
  253.             $userJwtTokenDto $apiRequestContentParser->parseRequestContent($requestApiRequestContentParser::MEMBER_JWT_AUTHENTICATION_PARSER);
  254.         } catch (\Throwable $e) {
  255.             return $mybizRequestAuthorizationChecker->getParseErrorMessage($e);
  256.         }
  258.         /** @var Member|null $member */
  259.         $user $userJwtManager->getUserByJwtToken($userJwtTokenDto->getJwtToken());
  261.         if (null === $user) {
  262.             return $this->json([
  263.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  264.             ], Response::HTTP_FORBIDDEN);
  265.         }
  267.         if (false === $userJwtManager->isValidate($user)) {
  268.             return $this->json([
  269.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  270.             ], Response::HTTP_FORBIDDEN);
  271.         }
  273.         $member $user->getMember();
  275.         if (null === $member || true === $member->isDeleted()) {
  276.             return $this->json([
  277.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  278.             ], Response::HTTP_FORBIDDEN);
  279.         }
  281.         return $memberResponseProvider->getMemberLoginResponse($user$member$authorizationHeaderDto$memberLoginResponseDtoProvider$translator);
  282.     }
  284.     /**
  285.      * Mise à jour d'un membre
  286.      *
  287.      * Mise à jour des informations d'un membre depuis l'API, pour modifier le mot de passe d'un membre, c'est le même endpoint qui est utilisé avec le mot de passe renseigné.
  288.      *
  289.      * @Route("/v1/member/update", name="api_member_update", methods={"POST"})
  290.      */
  291.     public function updateMember(
  292.         Request                          $request,
  293.         TranslatorInterface              $translator,
  294.         MybizRequestAuthorizationChecker $mybizRequestAuthorizationChecker,
  295.         WebhookLogAdder                  $webhookLogAdder,
  296.         ApiRequestContentParser          $apiRequestContentParser,
  297.         MemberUpdater                    $memberUpdater,
  298.         MemberPasswordUpdater            $memberPasswordUpdater,
  299.         MemberRepository                 $memberRepository
  300.     ): JsonResponse
  301.     {
  302.         $appLanguage $request->headers->get("App-Language");
  303.         try {
  304.             $requestContent $this->getJsonFromContent($request);
  305.             /** @var MemberPersonalInformationDto|null $memberPersonalInformationDto */
  306.             $memberPersonalInformationDto $apiRequestContentParser->parseRequestContent($requestApiRequestContentParser::MEMBER_UPDATER_PARSER);
  307.         } catch (\Throwable $e) {
  308.             return $mybizRequestAuthorizationChecker->getParseErrorMessage($e);
  309.         }
  310.         $member $memberRepository->findMemberByEmail($memberPersonalInformationDto->getEmail());
  311.         if (null === $member) {
  312.             return $this->json([
  313.                 "error" => $translator->trans("validator.user.email_invalid", ["%email%" => $memberPersonalInformationDto->getEmail()], "validator"$appLanguage)
  314.             ], Response::HTTP_CONFLICT);
  315.         }
  317.         $webhookLogAdder->add(
  318.             Space::SPACE_LUUME,
  319.             $member,
  320.             null,
  321.             "Mise à jour du membre {$memberPersonalInformationDto->getEmail()} depuis le endpoint d'API",
  322.             $memberPersonalInformationDto->toArray()
  323.         );
  324.         try {
  325.             $memberUpdater->updateMemberFromPersonalInformationDto($member$memberPersonalInformationDto);
  326.         } catch (CountryNotFoundException $e) {
  327.             return $this->json([
  328.                 "error" => $e->getMessage()
  329.             ], Response::HTTP_NOT_FOUND);
  330.         }
  331.         $requestPassword $requestContent["password"];
  332.         if (!empty($requestPassword)) {
  333.             try {
  334.                 $memberPasswordUpdater->updatePassword($member$requestPassword);
  335.             } catch (\Throwable $e) {
  336.                 return $mybizRequestAuthorizationChecker->getDefaultErrorMessage($e);
  337.             }
  338.         }
  340.         return $this->json([], Response::HTTP_OK);
  341.     }
  343.     /**
  344.      * Mise à jour du mot de passe d'un membre
  345.      *
  346.      * @Route("/v1/member/update-password", name="api_member_update_password", methods={"POST"})
  347.      */
  348.     public function updatePassword(
  349.         Request                     $request,
  351.         TranslatorInterface         $translator,
  352.         UserPasswordHasherInterface $userPasswordHasher,
  354.         ApiRequestContentParser     $apiRequestContentParser,
  355.         MemberPasswordUpdater       $memberPasswordUpdater,
  356.         MybizRequestJwtChecker      $mybizRequestJwtChecker
  357.     ): JsonResponse
  358.     {
  359.         try {
  360.             $member $mybizRequestJwtChecker->checkJwt($request);
  361.         } catch (\Throwable $e) {
  362.             return $mybizRequestJwtChecker->getUnknownJWTErrorMessage();
  363.         }
  365.         try {
  366.             /** @var MemberChangePasswordDto|null $memberChangePasswordDto */
  367.             $memberChangePasswordDto $apiRequestContentParser->parseRequestContent($requestApiRequestContentParser::MEMBER_UPDATE_PASSWORD_PARSER);
  368.         } catch (\Throwable $e) {
  369.             return $mybizRequestJwtChecker->getDefaultErrorMessage($e);
  370.         }
  372.         $user $member->getUser();
  374.         if (false === $userPasswordHasher->isPasswordValid($user$memberChangePasswordDto->old)) {
  375.             return $this->json([
  376.                 "error" => $translator->trans("validator.password.old_mismatch", [], "validator")
  377.             ], Response::HTTP_FORBIDDEN);
  378.         }
  380.         try {
  381.             $memberPasswordUpdater->updatePassword($member$memberChangePasswordDto->new);
  383.             return $this->json([], Response::HTTP_OK);
  384.         } catch (\Throwable $e) {
  385.             $this->addFlash("danger"$translator->trans("validator.server_error", [], "validator"));
  387.             return $this->json([
  388.                 "error" => $translator->trans("validator.password.update_error", [], "validator")
  389.             ], Response::HTTP_OK);
  390.         }
  392.     }
  394.     /**
  395.      * Récupération des informations d'un membre
  396.      *
  397.      * Permet de récupérer certaines informations sur un membre
  398.      *
  399.      * @Route("/v1/member/informations", name="api_member_informations", methods={"POST"})
  400.      */
  401.     public function getInformations(
  402.         Request                          $request,
  403.         TranslatorInterface              $translator,
  405.         ApiRequestContentParser          $apiRequestContentParser,
  406.         MybizRequestAuthorizationChecker $mybizRequestAuthorizationChecker,
  407.         MemberInformationProvider        $memberInformationProvider,
  409.         UserRepository                   $userRepository
  410.     ): JsonResponse
  411.     {
  412.         try {
  413.             $authorizationHeaderDto AuthorizationHeaderDto::generateFromRequest($request);
  414.         } catch (\Throwable $e) {
  415.             return $mybizRequestAuthorizationChecker->getDefaultErrorMessage($e);
  416.         }
  418.         try {
  419.             /** @var MemberInformationsDto|null $memberInformationsDto */
  420.             $memberInformationsDto $apiRequestContentParser->parseRequestContent($requestApiRequestContentParser::MEMBER_INFORMATIONS_PARSER);
  421.         } catch (\Throwable $e) {
  422.             return $mybizRequestAuthorizationChecker->getParseErrorMessage($e);
  423.         }
  425.         /** @var User|null $user */
  426.         $user $userRepository->findOneBy([
  427.             "email" => $memberInformationsDto->getEmail()
  428.         ]);
  429.         if (null === $user) {
  430.             return $this->json([
  431.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  432.             ], Response::HTTP_FORBIDDEN);
  433.         }
  434.         $member $user->getMember();
  435.         if (null === $member) {
  436.             return $this->json([
  437.                 "error" => $translator->trans("validator.user.id_invalid", [], "validator"$authorizationHeaderDto->getLanguage())
  438.             ], Response::HTTP_FORBIDDEN);
  439.         }
  441.         return $this->json(
  442.             $memberInformationProvider->getMemberInformationResponseDto($member)->toArray(),
  443.             Response::HTTP_OK
  444.         );
  445.     }
  448.     /**
  449.      * Création d'un membre
  450.      *
  451.      * Création d'un member depuis l'API.
  452.      *
  453.      * @Route("/v1/member/check/{email}", name="api_member_check_email", methods={"GET"})
  454.      */
  455.     public function checkUserEmail(
  456.         UserRepository $userRespository,
  457.         string         $email
  458.     ): JsonResponse
  459.     {
  460.         /** @var User|null $user */
  461.         $user $userRespository->findOneBy([
  462.             "email" => $email
  463.         ]);
  464.         if (null === $user) {
  465.             return $this->json([], Response::HTTP_NOT_FOUND);
  466.         }
  468.         return $this->json([], Response::HTTP_OK);
  469.     }
  471.     /**
  472.      * Route pour tester sir le JWT est encore valable ou non
  473.      *
  474.      * @Route("/v1/mobile/jwt/valid", name="api_mobile_jwt_valid", methods={"GET"})
  475.      */
  476.     public function jwtValid(
  477.         Request                          $request,
  479.         MybizRequestAuthorizationChecker $mybizRequestAuthorizationChecker,
  480.         MybizRequestJwtChecker           $mybizRequestJwtChecker,
  481.         MemberLoginResponseDtoProvider   $memberLoginResponseDtoProvider,
  482.         MemberResponseProvider           $memberResponseProvider,
  483.         TranslatorInterface              $translator,
  484.         UserRepository                   $userRepository
  485.     ): JsonResponse
  486.     {
  487.         try {
  488.             $authorizationHeaderDto AuthorizationHeaderDto::generateFromRequest($request);
  489.         } catch (\Throwable $e) {
  490.             return $mybizRequestAuthorizationChecker->getDefaultErrorMessage($e);
  491.         }
  493.         try {
  494.             $member $mybizRequestJwtChecker->checkJwt($request);
  495.         } catch (\Throwable $e) {
  496.             return $mybizRequestJwtChecker->getUnknownJWTErrorMessage();
  497.         }
  499.         /** @var User|null $user */
  500.         $user $userRepository->findOneBy([
  501.             "email" => $member->getEmail()
  502.         ]);
  504.         return $memberResponseProvider->getMemberLoginResponse($user$member$authorizationHeaderDto$memberLoginResponseDtoProvider$translator);
  505.     }
  506. }