src/Controller/InscriptionController.php line 39

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\Card;
  6. use App\Entity\PlanityRewardCode;
  7. use App\Entity\User;
  8. use App\Service\EmailService;
  9. use App\Service\QrcodeService;
  10. use Doctrine\ORM\EntityManagerInterface;
  11. use Psr\Log\LoggerInterface;
  12. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  13. use Symfony\Component\HttpFoundation\JsonResponse;
  14. use Symfony\Component\HttpFoundation\Request;
  15. use Symfony\Component\HttpFoundation\Response;
  16. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  17. use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
  18. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  19. use Symfony\Component\Routing\Annotation\Route;
  20. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  21. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  22. use Symfony\Component\Validator\Context\ExecutionContextInterface;
  23. use Symfony\Component\Validator\Validator\ValidatorInterface;
  24. use Symfony\Component\Validator\Constraints as Assert;
  26. class InscriptionController extends AbstractController
  27. {
  28.     public function __construct(
  29.         private readonly EntityManagerInterface $entityManager,
  30.         private readonly QrcodeService $qrcodeService,
  31.         private readonly EmailService $emailService,
  32.         private readonly TokenStorageInterface $tokenStorage,
  33.         private readonly ValidatorInterface $validator,
  34.         private readonly LoggerInterface $logger
  35.     ) {
  36.     }
  38.     #[Route('/inscription'name'inscription')]
  39.     public function index(): Response
  40.     {
  41.         return $this->render('inscription/inscription.html.twig', [
  42.             'controller_name' => 'InscriptionController',
  43.         ]);
  44.     }
  46.     #[Route(path'/api/inscription'name'api_register'options: ["expose" => true], methods: ["POST"])]
  47.     public function apiInscription(Request $requestUserPasswordHasherInterface $passwordEncoder)
  48.     {
  49.         try {
  50.             $submittedToken $request->request->get('_csrf_token');
  51.             if (!$this->isCsrfTokenValid('register'$submittedToken)) {
  52.                 return new JsonResponse(['message' => 'Token CSRF invalide'], Response::HTTP_FORBIDDEN);
  53.             }
  55.             $data $request->request->all();
  57.             // Validation améliorée
  58.             $constraints = new Assert\Collection(
  59.                 [
  60.                     'fields' => [
  61.                         '_csrf_token' => new Assert\NotBlank(),
  62.                         'email' => [
  63.                             new Assert\NotBlank(['message' => 'L\'email est obligatoire']),
  64.                             new Assert\Email(['message' => 'L\'email n\'est pas valide']),
  65.                             new Assert\Length(['max' => 180])
  66.                         ],
  67.                         'password' => [
  68.                             new Assert\NotBlank(['message' => 'Le mot de passe est obligatoire']),
  69.                             new Assert\Length([
  70.                                 'min' => 8,
  71.                                 'minMessage' => 'Le mot de passe doit contenir au moins {{ limit }} caractères'
  72.                             ])
  73.                         ],
  74.                         'confirm_password' => [
  75.                             new Assert\NotBlank(),
  76.                             new Assert\EqualTo([
  77.                                 'propertyPath' => 'password',
  78.                                 'message' => 'Les mots de passe ne correspondent pas'
  79.                             ])
  80.                         ],
  81.                         'prenom' => [
  82.                             new Assert\NotBlank(['message' => 'Le prénom est obligatoire']),
  83.                             new Assert\Length(['min' => 2'max' => 50])
  84.                         ],
  85.                         'nom' => [
  86.                             new Assert\NotBlank(['message' => 'Le nom est obligatoire']),
  87.                             new Assert\Length(['min' => 2'max' => 50])
  88.                         ],
  89.                         'telephone' => [
  90.                             new Assert\NotBlank(['message' => 'Le téléphone est obligatoire']),
  91.                             new Assert\Regex([
  92.                                 'pattern' => '/^0[1-9][0-9]{8}$/',
  93.                                 'message' => 'Le numéro de téléphone doit commencer par 0 et contenir 10 chiffres'
  94.                             ])
  95.                         ],
  96.                         'birthdate' => [
  97.                             new Assert\NotBlank(['message' => 'La date de naissance est obligatoire']),
  98.                             new Assert\Date(['message' => 'Date de naissance invalide'])
  99.                         ],
  100.                         'promo_code' => new Assert\Optional([
  101.                             new Assert\Type(['type' => 'string'])
  102.                         ])
  103.                     ],
  104.                     'allowExtraFields' => true,
  105.                     'groups' => ['Default']
  106.                 ]
  107.             );
  109.             $violations $this->validator->validate($data$constraints);
  111.             if (count($violations) > 0) {
  112.                 $errors = [];
  113.                 foreach ($violations as $violation) {
  114.                     $errors[$violation->getPropertyPath()] = $violation->getMessage();
  115.                 }
  116.                 return new JsonResponse([
  117.                     'message' => 'Erreurs de validation',
  118.                     'errors' => $errors
  119.                 ], Response::HTTP_BAD_REQUEST);
  120.             }
  122.             // Vérification email unique
  123.             $existingUser $this->entityManager->getRepository(User::class)->findOneBy(['email' => $data['email']]);
  124.             if ($existingUser) {
  125.                 return new JsonResponse(['message' => "Cette adresse email est déjà utilisée"], Response::HTTP_CONFLICT);
  126.             }
  128.             // Création de l'utilisateur
  129.             $user = new User();
  130.             $user->setEmail(strtolower(trim($data['email'])));
  131.             $user->setPhone($data['telephone']);
  132.             $user->setFirstname(ucfirst(strtolower(trim($data['prenom']))));
  133.             $user->setLastname(ucfirst(strtolower(trim($data['nom']))));
  134.             $user->setBirthdate(new \DateTime($data['birthdate']));
  135.             $user->setSlug(uniqid());
  136.             $user->setRoles(['ROLE_USER']);
  138.             // Points de base
  139.             $points 20;
  141.             // Vérification du code promo s'il existe
  142.             if (!empty($data['promo_code'])) {
  143.                 $rewardCode $this->entityManager->getRepository(PlanityRewardCode::class)
  144.                     ->findOneBy([
  145.                         'code' => $data['promo_code'],
  146.                         'planityEmail' => $user->getEmail(),
  147.                         'isUsed' => false
  148.                     ]);
  150.                 if ($rewardCode && $rewardCode->isValid()) {
  151.                     $points += $rewardCode->getValue();
  152.                     $rewardCode->setIsUsed(true);
  153.                     $this->entityManager->persist($rewardCode);
  154.                 }
  155.             }
  157.             // Hashage du mot de passe
  158.             $encodedPassword $passwordEncoder->hashPassword($user$data['password']);
  159.             $user->setPassword($encodedPassword);
  161.             $this->entityManager->persist($user);
  162.             $this->entityManager->flush();
  164.             // Création de la carte de fidélité
  165.             $QrCode $this->qrcodeService->generateQrCode($user);
  166.             $card = new Card();
  167.             $card->setUser($user);
  168.             $card->setQrCodeImage($QrCode);
  169.             $card->setPoints($points);
  171.             $this->entityManager->persist($card);
  172.             $this->entityManager->flush();
  174.             // Email et connexion
  175.             $this->emailService->sendBienvenueEmail($user->getFirstname() . ', Bienvenue chez IMMY BEAUTY !'$user);
  177.             $token = new UsernamePasswordToken($user'main'$user->getRoles());
  178.             $this->tokenStorage->setToken($token);
  179.             $request->getSession()->set('_security_main'serialize($token));
  181.             return new JsonResponse([
  182.                 'success' => true,
  183.                 'message' => 'Inscription réussie ! Vous êtes maintenant connecté.',
  184.                 'redirect' => $this->generateUrl('app_fidelite')
  185.             ], Response::HTTP_CREATED);
  187.         } catch (\Exception $e) {
  188.             $this->logger->error('Erreur inscription : ' $e->getMessage());
  189.             return new JsonResponse([
  190.                 'success' => false,
  191.                 'message' => 'Une erreur est survenue lors de l\'inscription. Veuillez réessayer.',
  192.                 'debug' => $e->getMessage() // À retirer en production
  193.             ], Response::HTTP_INTERNAL_SERVER_ERROR);
  194.         }
  195.     }
  197.     #[Route('/verify-promo-code'name'verify_promo_code'methods: ['POST'])]
  198.     public function verifyCode(Request $request): JsonResponse
  199.     {
  200.         // Validation CSRF
  201.         if (!$this->isCsrfTokenValid('promo_verify'$request->request->get('_token'))) {
  202.             return $this->json([
  203.                 'valid' => false,
  204.                 'message' => 'Une erreur est survenue'
  205.             ], 403);
  206.         }
  208.         $code trim($request->request->get('code'));
  209.         $email trim(strtolower($request->request->get('email')));
  211.         // Validation basique
  212.         if (!$code || !$email || !filter_var($emailFILTER_VALIDATE_EMAIL)) {
  213.             return $this->json([
  214.                 'valid' => false,
  215.                 'message' => 'Veuillez entrer un email valide et un code'
  216.             ], 400);
  217.         }
  219.         // Vérification du code
  220.         $rewardCode $this->entityManager->getRepository(PlanityRewardCode::class)
  221.             ->findOneBy([
  222.                 'code' => $code,
  223.                 'planityEmail' => $email,
  224.                 'isUsed' => false
  225.             ]);
  227.         if (!$rewardCode) {
  228.             return $this->json([
  229.                 'valid' => false,
  230.                 'message' => 'Code invalide ou expiré'
  231.             ], 400);
  232.         }
  234.         if (!$rewardCode->isValid()) {
  235.             return $this->json([
  236.                 'valid' => false,
  237.                 'message' => 'Code invalide ou expiré'
  238.             ], 400);
  239.         }
  241.         return $this->json([
  242.             'valid' => true,
  243.             'points' => $rewardCode->getValue(),
  244.             'message' => sprintf('Code valide ! %d points seront crédités à la création de votre compte'$rewardCode->getValue())
  245.         ]);
  246.     }
  248. }