src/Controller/UserController.php line 390

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  6. use Doctrine\Persistence\ManagerRegistry;
  7. use Symfony\Component\Mailer\MailerInterface;
  8. use Symfony\Bridge\Twig\Mime\TemplatedEmail;
  9. use Symfony\Component\Mime\Email;
  10. use Symfony\Component\HttpFoundation\{JsonResponseRequestResponse};
  11. use Symfony\Component\Routing\Annotation\Route;
  12. use App\Utils\Ticketing;
  13. use App\Entity\User;
  14. use App\Entity\Item;
  15. use App\Utils\Functions;
  17. /**
  18.  * @Route("/{_locale}", requirements={"_locale": "en|es"})
  19.  */
  20. class UserController extends AbstractController
  21. {
  22.     /**
  23.      * @var Ticketing
  24.      */
  25.     private $ticketing;
  26.     /**
  27.      * @var Functions
  28.      */
  29.     private $functions;
  30.     /**
  31.      * @var ManagerRegistry
  32.      */
  33.     private $doctrine;
  35.     /**
  36.      * @param Ticketing $ticketing
  37.      * @param Functions $functions
  38.      * @param ManagerRegistry $doctrine
  39.      */
  40.     public function __construct(Ticketing $ticketingFunctions $functionsManagerRegistry $doctrine)
  41.     {
  42.         date_default_timezone_set('UTC');
  43.         $this->ticketing $ticketing;
  44.         $this->functions $functions;
  45.         $this->doctrine  $doctrine;
  46.     }
  49.     /**
  50.      * @Route("/access", name="access")
  51.      */
  52.     public function access(Request $requestManagerRegistry $doctrineMailerInterface $mailer): Response
  53.     {
  55.         if($request->get("format")){
  56.             $format $request->get("format");
  57.         } else {
  58.             $format 1;
  59.         }
  61.         // General function to set discount ref/affId
  62.         $this->functions->setDiscount($request);
  64.         $entityManager $doctrine->getManager();
  66.         $redirect="";
  67.         $statusLogin "";
  69.         $statusPreregister "";
  70.         $emailPreregister $request->get('email-preregister');
  72.         $emailLogin $request->get('email-login');
  73.         $password $request->get('password');
  75.         if($request->get("redirect")){
  76.             $redirect=$request->get("redirect");
  77.         }
  79. //        if($request->isMethod('post')) {
  80. //            $checkCaptcha = $this->functions->checkCaptcha($request->get('g-recaptcha-response'));
  81. //            if(!$checkCaptcha) {
  82. //                return $this->render('user/access.html.twig', [
  83. //                    'statusLogin' => 'errorCaptcha',
  84. //                    'statusPreregister' => $statusPreregister,
  85. //                    'redirect' => $redirect,
  86. //                    'format' => $format
  87. //                ]);
  88. //            }
  89. //        }
  91.         if($emailLogin){
  92.             if($request->get('send-form-log')){
  93.                 $result $this->ticketing->curl("users/login""normal", array("userId"=>$emailLogin"password"=>$password), "POST");
  94.                 if($result["code"] != 200){
  95.                     $statusLogin "error";
  96.                 } else{
  97.                     $session $request->getSession();
  98.                     $session->set('userId'$result["userId"]);
  99.                     if (!empty($result['type']) && $result['type'] === 1) {
  100.                         $session->set('userType'1);
  101.                         $session->set('userEventId'$result['eventId']);
  102.                     }
  104.                     if($redirect!=""){
  105.                         return $this->redirect($redirect);
  106.                     }
  107.                     return $this->redirectToRoute('home');
  108.                 }
  109.             }
  110.         }
  112.         if($emailPreregister){
  113.             if($request->get('send-form-pre')){
  114.                 $result $this->ticketing->curl("users""normal", array("userId"=>$emailPreregister), "POST");
  115.     
  116.                 if($result["code"] != 201){
  117.                     $statusPreregister "error";
  118.                 } else {
  119.                     $user = new User();
  120.                     $user->setUserId($result["userId"]);
  121.                     $user->setCreatedAt(new \DateTime());
  122.                     $entityManager->persist($user);
  123.                     $entityManager->flush();
  124.         
  125.                     $email = (new TemplatedEmail())
  126.                         ->from($this->getParameter('mailer_from'))
  127.                         ->to($result["userId"])
  128.                         ->subject('DOW - Registro')
  129.                         ->htmlTemplate('mail/register.html.twig')
  130.                         ->context([
  131.                             'userId' => $result["userId"],
  132.                             'registerCode' => $result["registerCode"],
  133.                         ]);
  134.         
  135.                     $mailer->send($email);
  136.         
  137.                     $statusPreregister "done";
  138.                 }
  139.             }
  140.         }
  142.         return $this->render('user/access.html.twig', [
  143.             'statusLogin' => $statusLogin,
  144.             'statusPreregister' => $statusPreregister,
  145.             'redirect' => $redirect,
  146.             'format' => $format
  147.         ]);
  148.     }
  150.     /**
  151.      * @Route("/register/{userId}/{registerCode}", name="register")
  152.      */
  153.     public function register(Request $requestManagerRegistry $doctrine$userId$registerCode): Response
  154.     {
  155.         $em $doctrine->getManager();
  156.         $status "";
  157.         $user $this->ticketing->curl("users/".$userId"normal", array(), "GET");
  159.         if($user["code"] == 200){
  160.             $status "error";
  161.         } else {
  162.             if($request->get('send-form')){
  163.                 $password $request->get('password');
  164.                 $name $request->get('name');
  165.                 $surname $request->get('surname');
  166.                 $alias $request->get('alias');
  167.                 $phone $request->get('phone');
  168.                 $city $request->get('city');
  169.                 $nif $request->get('nif');
  170.                 // Birth date
  171.                 $birth_date $request->get('birth_date');
  172.                 $datetime = new \DateTime();
  173.                 $newDate $datetime->createFromFormat('Y-m-d'$birth_date);
  175.                 $objUser $em->getRepository(User::class)->findOneBy(['user_id' => $userId]);
  176.                 if (empty($objUser)) {
  177.                     $objUser = new User();
  178.                     $objUser->setUserId($userId);
  179.                     $objUser->setCreatedAt(new \DateTime());
  180.                 }
  181.                 // Requiresd
  182.                 $objUser->setAlias($alias);
  183.                 $objUser->setPhone($phone);
  184.                 $objUser->setBirthDate($newDate);
  185.                 $objUser->setCity($city);
  186.                 $em->persist($objUser);
  187.                 $em->flush();
  189.                 $result $this->ticketing->curl("users""normal",
  190.                     [
  191.                         "userId" => $userId,
  192.                         "password" => 'dow-12345678'// Password temporal
  193.                         "name" => $name,
  194.                         "surname" => $surname,
  195.                         "registerCode" => $registerCode,
  196.                         "alias" => $alias,
  197.                         "phone" => $phone,
  198.                         "city" => $city,
  199.                         "birth_date" => $newDate,
  200.                         "nif" => $nif,
  201.                     ], "PATCH");
  203.                 if($result["code"] != 200){
  204.                     $status "error";
  205.                 } else {
  206.                     $status "done";
  207.                     // Email with tickets link
  208.                     $this->ticketing->curl("send-qr-email""normal", ["userId" => $userId], "POST");
  209.                 }
  210.             }
  211.         }
  213.         return $this->render('user/register.html.twig', [
  214.             'status' => $status,
  215.             'id' => $userId,
  216.             'code' => $registerCode
  217.         ]);
  218.     }
  220.     /**
  221.      * @Route("/logout", name="logout")
  222.      */
  223.     public function logout(Request $request): Response
  224.     {
  225.         $session $request->getSession();
  226.         $session->clear();
  228.         return $this->redirectToRoute('home');
  229.     }
  231.     /**
  232.      * @Route("/user-profile", name="userProfile")
  233.      */
  234.     public function userProfile(Request $request): Response
  235.     {
  236.         // General function to set discount ref/affId
  237.         $this->functions->setDiscount($request);
  238.         
  239.         $em $this->doctrine->getManager();
  240.         $userId=$this->functions->getUserLogged();
  242.         if(!$userId){
  243.             $this->addFlash(
  244.                 'notice',
  245.                 'Debe iniciar sesión como usuario'
  246.             );
  247.             return $this->redirectToRoute('access',["redirect" => $this->generateUrl('userProfile')]);
  248.         }
  250.         $tickets $this->ticketing->curl("tickets?onSaleByUser=false&user=" $userId "&orderBy=event&limit=1000""normal", [], "GET");
  251.         $result $this->ticketing->curl("users/" $userId"normal", [], "GET");
  252.         $items_pending $em->getRepository(Item::class)->search("count", ["web_pending" => TRUE]);
  253.         $sents $this->ticketing->curl("tickets/activity?origin=" $userId "&limit=1000&enabled=true&type=transfer""normal", [], "GET");
  254.         $sells $this->ticketing->curl("tickets?onSaleByUser=true&user=" $userId "&limit=1000""normal", [], "GET");
  255.         $sales_history $this->ticketing->curl("tickets/activity?origin=" $userId "&limit=1000&type=sale""normal", [], "GET");
  257.         $wallet_operations $this->ticketing->curl("wallet-operations?user=".$userId"normal", [], "GET");
  259.         // Separate collections and tickets
  260.         $spsCollections = [];
  261.         $nftTickets     = [];
  262.         date_default_timezone_set("Europe/Madrid");
  263.         $dateForCollection date("Y-m-d H:i:s"strtotime('-24 hours'));
  264.         foreach($tickets['tickets'] as $ticket) {
  265.             if ($dateForCollection $ticket['event']['dateEvent']) {
  266.                 $spsCollections[] = $ticket;
  267.             } else {
  268.                 // Automatic activation for tickets
  269.                 if (!$ticket["active"] && (date("Y-m-d H:i:s") >= $ticket['event']['dateActivation'])) {
  270.                     // Unblock ticket
  271.                     if ($ticket['isBlocked'])
  272.                         $this->ticketing->curl("tickets/" $ticket['id'], "normal", ["blocked" => "false"], "PATCH");
  274.                     // Remove tickets on sale in secondary market
  275.                     if ($ticket['onSaleUser'])
  276.                         $this->ticketing->curl("sales/" $ticket['id'], "normal", [], "DELETE");
  278.                     // get event
  279.                     $event $this->ticketing->curl("events/".$ticket["event"]["id"], "normal", [], "GET");
  280.                     $activation $this->ticketing->curl("tickets/".$ticket['id']."/activate""normal", ["latitude" => $event["latitude"], "longitude" => $event["longitude"]], "PATCH");
  281.                     if ($activation["code"] == "200") {
  282.                         $ticket['active'] = true;
  283.                         $ticket['accessCode'] = $activation['accessCode'];
  284.                     }
  285.                 }
  286.                 $nftTickets[] = $ticket;
  287.             }
  288.         }
  290.         $user $em->getRepository(User::class)->findOneBy(['user_id' => $userId]);
  291.         if ($user !== null) {
  292.             $userAlias $user->getAlias();
  293.         } else {
  294.             $userAlias '-';
  295.         }
  297.         // Blacklist from env
  298.         $blacklist explode(',',$_ENV['BLACKLIST']);
  300.         return $this->render('user/profile.html.twig', [
  301.             'user'              => $result,
  302.             'tickets'           => $nftTickets,
  303.             'collections'       => $spsCollections,
  304.             'items_pending'     => $items_pending,
  305.             'alias'             => $userAlias,
  306.             'sents'             => $sents["activity"],
  307.             'sells'             => $sells["tickets"],
  308.             'wallet_operations' => $wallet_operations,
  309.             'sales_history'     => $sales_history["activity"],
  310.             'blacklist'         => $blacklist
  311.         ]);
  312.     }
  314.     /**
  315.      * @Route("/extra-content/{ticketId}/{source}", name="extraContent")
  316.      */
  317.     public function extraContent(Request $request$ticketId$source): Response
  318.     {
  319.         // General function to set discount ref/affId
  320.         $this->functions->setDiscount($request);
  321.         
  322.         $em $this->doctrine->getManager();
  323.         $userId=$this->functions->getUserLogged();
  325.         if(!$userId){
  326.             $this->addFlash(
  327.                 'notice',
  328.                 'Debe iniciar sesión como usuario'
  329.             );
  330.             return $this->redirectToRoute('access');
  331.         }
  333.         $ticket $this->ticketing->curl("tickets/".$ticketId"normal", [], "GET");
  334.         $topMomentActive = !str_contains(strtolower($ticket['name']), 'space top moment') && !$ticket["active"];
  335.         if (empty($ticket) || $ticket["code"] != "200" || $ticket["user"]["userId"] != $userId || $topMomentActive){
  336.             $this->addFlash(
  337.                 'notice',
  338.                 'No se puede acceder al contenido extra'
  339.             );
  340.             return $this->redirectToRoute('home');
  341.         }
  343.         if(!array_key_exists("extraContent"$ticket) || !array_key_exists($source$ticket["extraContent"])){
  344.             $this->addFlash(
  345.                 'notice',
  346.                 'No se puede acceder al contenido extra'
  347.             );
  348.             return $this->redirectToRoute('home');
  349.         }
  351.         $source $ticket["extraContent"][$source];
  353.         // Path to your private key.  Be very careful that this file is not accessible
  354.         // from the web!
  356.         $private_key_filename = \dirname(__DIR__).'/../var/private_key.pem';
  357.         $key_pair_id 'K3HFP4XM97GS7X';
  359.         $expires time() + 86400// 1 hour
  360.         $canned_policy_stream_name $this->functions->get_canned_policy_stream_name($source$private_key_filename$key_pair_id$expires);
  362.         $client_ip $_SERVER['REMOTE_ADDR'];
  363.         $policy =
  364.         '{'.
  365.             '"Statement":['.
  366.                 '{'.
  367.                     '"Resource":"'$source '",'.
  368.                     '"Condition":{'.
  369.                         '"IpAddress":{"AWS:SourceIp":"' $client_ip '/32"},'.
  370.                         '"DateLessThan":{"AWS:EpochTime":' $expires '}'.
  371.                     '}'.
  372.                 '}'.
  373.             ']' .
  374.             '}';
  375.         $custom_policy_stream_name $this->functions->get_custom_policy_stream_name($source$private_key_filename$key_pair_id$policy);
  376.         //echo urldecode($canned_policy_stream_name);die();
  378.         return $this->redirect(urldecode($custom_policy_stream_name));
  379.         
  380.         return $this->render('user/extra-content.html.twig', [
  381.             'source' => $source,
  382.             'canned_policy_stream_name' => urldecode($canned_policy_stream_name),
  383.             'custom_policy_stream_name' => urldecode($custom_policy_stream_name)
  384.         ]);
  385.     }
  387.     /**
  388.      * @Route("/recover-password", name="recoverPassword")
  389.      */
  390.     public function recoverPassword(Request $requestMailerInterface $mailer): Response
  391.     {
  393.         $status "";
  395.         $email $request->get('email');
  396.         $result $this->ticketing->curl("users/".$email."/recover/password""normal", [], "GET");
  397.         if($email && $result){
  398.             if($result["code"] != 200 || (!array_key_exists('recoverCode'$result) && !array_key_exists('registerCode'$result))){
  399.                 $status "error";
  400.             } else {
  402.                 $checkCaptcha $this->functions->checkCaptcha($request->get('g-recaptcha-response'));
  403.                 if(!$checkCaptcha) {
  404.                     return $this->render('user/recover-password.html.twig', [
  405.                         'status' => 'errorCaptcha'
  406.                     ]);
  407.                 }
  409.                 if(array_key_exists('registerCode'$result) && !empty($result['registerCode'])){
  410.                     $mail = (new TemplatedEmail())
  411.                     ->from($this->getParameter('mailer_from'))
  412.                     ->to($email)
  413.                     ->subject('DOW - Registro')
  414.                     ->htmlTemplate('mail/register.html.twig')
  415.                     ->context([
  416.                         'userId' => $email,
  417.                         'registerCode' => $result["registerCode"],
  418.                     ]);
  419.                 } else {
  420.                     $mail = (new TemplatedEmail())
  421.                     ->from($this->getParameter('mailer_from'))
  422.                     ->to($email)
  423.                     ->subject('DOW - Recuperar contraseña')
  424.                     ->htmlTemplate('mail/recover-password.html.twig')
  425.                     ->context([
  426.                         'userId' => $email,
  427.                         'recoverCode' => $result["recoverCode"],
  428.                     ]);
  429.                 }
  430.                 $mailer->send($mail);
  431.                 $status "done";
  432.             }
  433.         }
  435.         return $this->render('user/recover-password.html.twig', [
  436.             'status'=>$status
  437.         ]);
  438.     }
  440.     /**
  441.      * @Route("/change-password/{userId}/{recoverCode}", name="changePassword")
  442.      */
  443.     public function changePassword(Request $request$userId$recoverCode): Response
  444.     {
  446.         $status "";
  447.         $password $request->get('password');
  449.         $check $this->ticketing->curl("users/".$userId"normal", array(), "GET");
  451.         if($check["code"] != 200 || !array_key_exists('recoverCode'$check) || $check["recoverCode"]!=$recoverCode){
  452.             $status "error2";
  453.         }
  454.         else{
  455.             if($request->get('send-form')){
  456.                 $result $this->ticketing->curl("users/change-password""normal", array("userId"=>$userId"password"=>$password"recoverCode"=>$recoverCode), "PATCH");
  457.                 if($result["code"] != 200){
  458.                     $status "error";
  459.                 } else {
  460.                     $status "done";
  461.                 }
  462.             }
  463.         }
  465.         return $this->render('user/change-password.html.twig', [
  466.             'status' => $status,
  467.             'id' => $userId,
  468.             'code' => $recoverCode
  469.         ]);
  470.     }
  472.     /**
  473.      * @Route("/withdrawal", name="withdrawal-request")
  474.      */
  475.     public function requestWithdrawal(Request $requestMailerInterface $mailer) {
  477.         $wh_token bin2hex(random_bytes(45));
  478.         $data $request->request->all();
  479.         $data['token'] = $wh_token;
  481.         $withdraw $this->ticketing->curl("wallet-operations""normal"$data"POST");
  482.         if($withdraw["code"] != 201) {            
  484.             return new JsonResponse([
  485.                 'status'    => false,
  486.                 'message'   => $withdraw['message'],
  487.                 'data'      => []                
  488.             ], 403);
  489.         }
  491.         $data['operation_id'] = $withdraw['id'];
  492.         $email = (new TemplatedEmail())
  493.             ->from($this->getParameter('mailer_from'))
  494.             ->to($_ENV['CLIENT_EMAIL'])
  495.             ->subject('DOW - request withdrawal')
  496.             ->htmlTemplate('mail/withdrawal-request.html.twig')
  497.             ->context($data);
  498.         $mailer->send($email);
  500.         return new JsonResponse([
  501.             'status' => true,
  502.             'message' => 'La retirada se ha solicitado con éxito.'
  503.         ]);
  504.     }
  506.     /**
  507.      * @Route("/withdrawal-remove", name="withdrawal-remove")
  508.      */
  509.     public function removeWithdrawal(Request $requestMailerInterface $mailer) {
  511.         $wh_token bin2hex(random_bytes(45));
  512.         $data $request->request->all();
  513.         $data['token'] = $wh_token;
  515.         $withdraw $this->ticketing->curl("wallet-operations-update/".$data['operation_id'], "normal"$data"POST");
  516.         if($withdraw["code"] != 201) {
  518.             return new JsonResponse([
  519.                 'status'    => false,
  520.                 'message'   => $withdraw['message'],
  521.                 'data'      => []
  522.             ], 403);
  523.         }
  524.         
  525.         
  526.         $email = (new TemplatedEmail())
  527.             ->from($this->getParameter('mailer_from'))
  528.             ->to($_ENV['CLIENT_EMAIL'])
  529.             ->subject('DOW - remove withdrawal')
  530.             ->htmlTemplate('mail/withdrawal-remove.html.twig')
  531.             ->context([
  532.                 'operation_id' => $withdraw['id'],
  533.                 'account_name' => $withdraw['accountName'],
  534.                 'account' => $withdraw['account'],
  535.                 'amount' => $withdraw['amount']
  536.             ]);
  537.         $mailer->send($email);
  538.         
  540.         return new JsonResponse([
  541.             'status' => true,
  542.             'message' => 'La retirada se ha anulado con éxito.'
  543.         ]);
  544.     }
  546.     /**
  547.      * @Route("/anonymous-user-profile/{token}", name="anonymousUserProfile")
  548.      */
  549.     public function anonymousUserProfile(Request $request$token): Response
  550.     {
  551.         $userId $this->functions->getUserLogged();
  552.         if ($userId)
  553.             return $this->redirectToRoute('userProfile');
  555.         // General function to set discount ref/affId
  556.         $this->functions->setDiscount($request);
  558.         $em $this->doctrine->getManager();
  560.         $userId $this->functions->decrypt($token);
  561.         $anyUser '/false';
  563.         $result $this->ticketing->curl("users/".$userId.$anyUser"normal", [], "GET");
  564.         if($result['enabled']){
  565.             $this->addFlash(
  566.                 'notice',
  567.                 'Debe iniciar sesión como usuario'
  568.             );
  569.             return $this->redirectToRoute('access',["redirect" => $this->generateUrl('userProfile')]);
  570.         }
  572.         $tickets        $this->ticketing->curl("tickets?onSaleByUser=false&user=".$userId."&orderBy=event&limit=1000""normal", [], "GET");
  573.         $items_pending  $em->getRepository(Item::class)->search("count",["web_pending" => TRUE]);
  575.         // Separate collections and tickets
  576.         $spsCollections = [];
  577.         $nftTickets     = [];
  578.         date_default_timezone_set("Europe/Madrid");
  579.         foreach($tickets['tickets'] as $ticket) {
  580.             if (date("Y-m-d") > $ticket['event']['dateEvent']) {
  581.                 $spsCollections[] = $ticket;
  582.             } else {
  583.                 // Automatic activation for tickets
  584.                 if (!$ticket["active"] && (date("Y-m-d H:i:s") >= $ticket['event']['dateActivation'])
  585.                     && (date("Y-m-d") == date("Y-m-d"strtotime($ticket['event']['dateEvent']))) ) {
  587.                     // get event
  588.                     $event $this->ticketing->curl("events/".$ticket["event"]["id"], "normal", [], "GET");
  589.                     $activation $this->ticketing->curl("tickets/".$ticket['id']."/activate""normal", ["latitude" => $event["latitude"], "longitude" => $event["longitude"]], "PATCH");
  590.                     if ($activation["code"] == "200") {
  591.                         $ticket['active'] = true;
  592.                         $ticket['accessCode'] = $activation['accessCode'];
  593.                     }
  594.                 }
  595.                 $nftTickets[] = $ticket;
  596.             }
  597.         }
  599.         return $this->render('user/anonymous-profile.html.twig', [
  600.             'user'              => $result,
  601.             'tickets'           => $nftTickets,
  602.             'collections'       => $spsCollections,
  603.             'items_pending'     => $items_pending,
  604.             'anonymous'         => TRUE
  605.         ]);
  606.     }
  608. }