src/Controller/AuthController.php line 44

Open in your IDE?
  1. <?php
  2. namespace App\Controller;
  4. use Imperium\Config\iConfig;
  6. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\HttpFoundation\Response;
  9. use Symfony\Component\Routing\Annotation\Route;
  10. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  11. use Imperium\StaticUtils\Utils as Utils;
  12. use Ramsey\Uuid\Uuid;
  13. use Symfony\Component\HttpFoundation\JsonResponse;
  14. use Imperium\InterfaceData\imp_emails\Emails;
  16. use Imperium\InterfaceData\imperium\Ip_Comptes as httpIp_Comptes;
  19. use Imperium\AppsApi\Utils\Utils as ApiUtils;
  20. use Imperium\AppsApi\Auth\Lecture as ApiAuth;
  21. use App\Entity\User;
  24. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  25. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  26. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  27. use Symfony\Component\EventDispatcher\EventDispatcher;
  28. use Imperium\InterfaceToken\userToken;
  29. use Imperium\InterfaceToken\cookieToken;
  31. class AuthController extends AbstractController
  32. {
  34.     private $session;
  35.     protected $tokenStorage;
  37.     public function __construct(SessionInterface $session,TokenStorageInterface $tokenStorage)
  38.     {
  39.         iConfig::initConfig();
  40.         $this->tokenStorage $tokenStorage;
  41.         $this->session $session;
  42.     }
  44.     public function get_signin(Request $request)
  45.     {
  46.         
  47.         
  48.         $params = [];
  49.         // if(isset($_SESSION['users'])) unset($_SESSION['users']);
  51.         // unset the callback session if it is set
  52.         if(isset($_SESSION['callback'])) unset($_SESSION['callback']);
  53.         if(isset($_SESSION['callback_signin'])) unset($_SESSION['callback_signin']);
  54.         // if callback is set in the query it is registred for further use when the user is authenticated
  55.         if($request->query->has('callback')){
  56.             $callback $request->get('callback');
  57.             // Output the domain
  58.             $_SESSION['callback'] = $callback;
  59.             $_SESSION['callback_signin'] = $callback;
  60.         }
  63.         // if User sessions is allerady set TAB listACCounts is activated 
  64.         if(isset($_SESSION['users']) && count($_SESSION['users'])){
  65.             $params['TAB'] = "list_accounts"
  66.         }
  67.         // if the user is redirected to reset his password 
  68.         if($request->query->has('reset_password') && $request->query->has('token') && $request->query->get('token') != "" && $request->query->get('reset_password') == "true"){
  69.             $response ApiAuth::verifyToken(['token'=>$request->query->get('token')]);
  70.             if($response->status == 200){
  71.                 if(isset($_SESSION['reset_password'])) unset($_SESSION['reset_password']);
  72.                 $_SESSION['reset_password'] = [
  73.                     "IdCompte" => $response->payload->compteid,
  74.                     "Email" => $response->payload->email,
  75.                     "ExpireIn" => time() + 300 
  76.                 ];
  77.                 // $res = ApiAuth::revokeToken(['token'=>$request->query->get('token'),"revoked_by"=>$response->payload->compteid]);
  78.                 $params['TAB'] = "resetpass_password";
  79.             }else{
  80.                 return $this->render('error/409.html.twig');
  81.             }
  82.         }
  83.         return $this->render('auth/login.html.twig',$params);
  84.     }
  85.     public function signin_email(Request $request)
  86.     {
  87.         
  88.         $validators = [];
  89.         if( !$request->request->has('email') || empty($request->get('email'))){
  90.             $validators['email'] = "Email is requireds";
  91.         }
  92.         if(count($validators)>0){
  93.             throw (new JsonResponse(['code'=>'error','status'=>422,"title" => "Confirmation Erreur","message"=>"The data provided was invalid","data"=>$validators],422))->send();
  94.         }
  96.         $email $request->get('email');
  98.         $body["args"] = [
  99.             "email" => $email
  100.         ];
  101.         $compte ApiAuth::getCompteByEmail($body);
  102.         
  103.         // Verify email From Register Section 
  104.         if($request->request->has('register') && $compte->compte != null){
  105.             return new JsonResponse(["status" => 422 "code" => "error" "message" => "Compte existe deja"],422);
  106.         }else if( $request->request->has('register') && $compte->compte == null){
  107.             return new JsonResponse(["status" => 200 "code" => "success"]);
  108.         }
  109.         // Verify email For Login Section 
  110.         if($compte->compte != null && !$request->request->has('register')){
  111.             $authMethodes = [];
  112.             if($compte->compte->Ip_Comptes->AuthPwd != null){
  113.                 $authMethodes['password'] = true;
  114.             }
  115.             if($compte->compte->Ip_Comptes->AuthFactors != null){
  116.                 $authMethodes['twofa'] = $compte->compte->Ip_Comptes->AuthFactors->Code;
  117.             }
  119.             return new JsonResponse(["status" => 200 "code" => "success" "data" => [
  120.                 "X_NOM" => $compte->compte->Conso_Perso->X_NOM,
  121.                 "X_PRENOM" => $compte->compte->Conso_Perso->X_PRENOM,
  122.                 "authMethodes" => $authMethodes,
  123.             ]]);
  124.         }
  125.         
  126.         
  127.         return new JsonResponse(["status" => 404 "code" => "error" "message" => "Compte n'existe pas"],404);
  128.     }
  129.     public function signin_account(Request $request)
  130.     {
  131.         $validators = [];
  132.         if( (!$request->request->has('password') || empty($request->get('password')) ) && ( !$request->request->has('otp') || empty($request->get('otp'))) ){
  133.             $validators['password'] = "otp or password is requireds";
  134.         }
  135.         if( !$request->request->has('email') || empty($request->get('email'))){
  136.             $validators['fields'] = "some fields is requireds";
  137.         }
  139.         if(count($validators)>0){
  140.             // return new JsonResponse(['code'=>'error','status'=>422,"message"=>"The data provided was invalid","data"=>$validators],422);
  141.             throw (new JsonResponse(['code'=>'error','status'=>422,"title" => "Confirmation Erreur","message"=>"The data provided was invalid","data"=>$validators],422))->send();
  142.         }
  143.           
  144.         $email $request->get('email');
  146.         $body["args"] = [
  147.               "email" => $email
  148.         ];
  149.         $compte ApiAuth::getCompteByEmail($body);
  150.           // Verify email For Login Section 
  151.         if($compte->compte != null){
  152.             if($compte->compte->Ip_Comptes->Validite == 0){
  153.               
  154.                $params=[];
  155.                $IdCompte=Utils::CryptNum($compte->compte->Ip_Comptes->IdCompte);
  156.                $params["IdCompte"]=$IdCompte;
  157.                 $params['message'] = "Veuillez vérifier la boîte e-mail pour activer votre compte";
  158.                 throw (new JsonResponse(['code'=>'error','status'=>422,"message"=>"Compte Invalide","data"=>$params],200))->send();
  159.             }
  160.         }
  161.          
  162.         $params = [];
  163.         $params['username'] =   $request->get('email');
  164.         $params['password'] =   $request->get('password');
  165.         $params['otp']      =   $request->get('otp');
  166.         $params['expiresAfter'] = 864000;
  168.         $response ApiAuth::usersSignin($params);
  169.         if( isset($response->token) ){
  170.             $compte ApiAuth::usersVerify(['token'=>$response->token,"revoke"=>false]);
  171.             if( $compte->status == 401 ){
  172.                 return new JsonResponse(['status'=>401,"code"=>"unauthorized","title"=>"unauthorized","message"=>"unauthorized"],401);    
  173.             }
  174.             $data_session = [];
  175.             $data_session['user'] = $compte->user;
  176.             $data_session['uuid'] = Uuid::uuid4()->toString();
  177.             $data_session['session'] = (object) [
  178.                 'token'=>$response->token,
  179.                 'agent'=>$_SERVER['HTTP_USER_AGENT']
  180.             ];
  181.             if( !isset($_SESSION['users']) ){
  182.                 $_SESSION['users'] = [];
  183.                 array_push($_SESSION['users'],$data_session);
  184.             }else{
  185.                 $user array_column($_SESSION['users'],"user");   
  186.                 $ids array_column($user,"id");
  187.                 $search_in_array array_search($compte->user->id$ids);
  189.                 if( $search_in_array === false ){
  190.                     array_push($_SESSION['users'],$data_session);
  191.                 }else{
  192.                     // Token renewal
  193.                     $_SESSION['users'][$search_in_array]['session']->token $response->token;
  194.                 }
  195.             }
  196.             if( $this->session->get('user') == null ){
  197.                 self::loadSession($compte->user->id,$params['username'],$params['password'],$this,$request);
  198.             }
  199.             $session = [
  200.                 'X_NOM'=>$this->session->get('user')->X_NOM,
  201.                 'X_PRENOM'=>$this->session->get('user')->X_PRENOM,
  202.                 'IdCompte'=>Utils::DecryptJWT([
  203.                     'secret_key' => iConfig::getCryptSecretKey(),
  204.                     'secret_iv'  => iConfig::getCryptSecretIv(),
  205.                     'text'       => $this->session->get('user')->IdCompte
  206.                 ]),
  207.                 'pic_profile'=>$this->session->get('user')->pic_profile
  208.             ];
  209.             $data Utils::recursiveCryptingJWT("cryptJWT",['id'],$_SESSION['users']);
  210.             $data = [];
  211.             
  212.             $response ApiAuth::usersSignin(['token'=>$response->token,"expiresAfter"=>864000]);
  213.             $token $response->token;
  214.             if(isset($_SESSION['callback_signin'])){
  216.                 $callback_signin $_SESSION['callback_signin'];
  218.                 if( strpos($callback_signin"?") !== false ){
  219.                     $data["redirect"] = $callback_signin "&token=" $token;
  220.                 }else{
  221.                     $data["redirect"] = $callback_signin "?token=" $token;
  222.                 }
  223.                 
  224.                 unset($_SESSION['callback']);
  225.                 unset($_SESSION['callback_signin']);
  226.             }
  227.             $data["token"] = $token;
  228.             return new JsonResponse(["status" => 200 "code" => "success" "message" => "Connected Suscessfully" ,"data" => $data,"session"=>$session]);
  229.         }
  230.         if($params['password']!= ""$messageError "Password is incorrect";
  231.         if($params['otp']!= ""$messageError "otp is incorrect";
  232.         if($response->status == 401){
  233.             // $messageError = "Email is Blocked";
  234.             if($response->code == "credentials_invalid"){
  235.                 $messageError "Email or Password is incorrect";
  236.             }
  237.             if($response->code == "email_blocked"){
  238.                 $messageError "Email is blocked";
  239.             }
  240.             if($response->code == "email_disabled"){
  241.                 $messageError "Email is disabled";
  242.             }
  243.         }
  244.         return new JsonResponse(["status" => 404 "code" => "error" "message" => $messageError],404);
  245.     }
  247.     public function send_relance(Request $request)
  248.     {
  249.         $IdCompte $request->get('IdCompte');
  250.         $password $request->get('password');
  251.         $email $request->get('email');
  253.         $first_Emails = (new Emails())->first(["EMAIL"=>$email]);
  255.         if($first_Emails){
  256.             $body["args"] = [
  257.                 "IdEmail" =>$first_Emails->IDEMAIL,
  258.                 
  259.           ];
  260.           $body["operatedBy"] = Utils::DCryptNum($IdCompte);
  261.         
  262.           $response ApiAuth::sendRelance($body);
  263.   
  264.           if($response->status == 200){
  265.   
  266.               return new JsonResponse(["status" => 200 "code" => "success" "message" => " bien renvoyer "]);
  267.           }
  268.           if($response->status == 422){
  269.           
  270.               return new JsonResponse(["status" => 422 "code" => "error" "message" => $response->message],422);
  271.           }
  272.         }
  273.         
  274.         return new JsonResponse(["status" => 500 "code" => "error" "message" => "unknown error please try again"],500);
  275.     }
  276.     public function get_list_accounts(Request $request)
  277.     {
  278.         
  279.         if(isset($_SESSION['users']) && count($_SESSION['users'])){
  280.             return new JsonResponse(["status" => 200 "code" => "success" "message" => "List Accounts" "data" => $_SESSION['users']]);
  281.         }
  282.         return new JsonResponse(["status" => 404 "code" => "error" "message" => "List Accounts introuvable"]);
  283.     }
  284.     public function connect_with_registred_account(Request $request)
  285.     {
  286.         
  287.         $validators = [];
  288.         if( !$request->request->has('uuid') || empty($request->get('uuid'))){
  289.             $validators['uuid'] = "the uuid field is mandatory";
  290.         }
  291.         if(count($validators)>0){
  292.             throw (new JsonResponse(['code'=>'error','status'=>422,"message"=>"The data provided was invalid","data"=>$validators],422))->send();
  293.         }
  294.         
  295.         $uuid $request->get('uuid');
  296.         $ids = isset($_SESSION['users']) ? array_column($_SESSION['users'],"uuid") :[];
  297.         $search_in_array array_search($uuid$ids);
  298.         $http_user_agent $_SERVER['HTTP_USER_AGENT'];
  300.         if( $search_in_array !== false ){
  301.             $token $_SESSION['users'][$search_in_array]['session']->token;
  302.             $agent_session $_SESSION['users'][$search_in_array]['session']->agent;
  303.             
  304.             $compte ApiAuth::usersVerify(['token'=>$token,"revoke"=>false]);
  305.             
  306.             $user Utils::recursiveCryptingJWT("cryptJWT",['id'],$_SESSION['users'][$search_in_array]);
  307.             
  308.             if( $compte->status == 401 ){
  309.                 return new JsonResponse(['status'=>401,"code"=>"unauthorized","title"=>"unauthorized","message"=>"unauthorized","data"=>[
  310.                     "email" => $user["user"]->username
  311.                 ]],401);
  312.             }
  313.             $data Utils::recursiveCryptingJWT("cryptJWT",['id'],$_SESSION['users']);
  314.             if( $agent_session == $http_user_agent  ){
  316.                 // Todo create new token in order to login in app by token account
  317.                 
  318.                 $response ApiAuth::usersSignin(['token'=>$token,"expiresAfter"=>864000]);
  319.                 $token $response->token;
  320.                 if( empty($token) || $token == "" ){
  321.                     throw (new JsonResponse(['code'=>'error','status'=>422,"message"=>"unknown error please try again","data"=>$validators],422))->send();
  323.                 }
  324.                 $json_response = ['status'=>200,"code"=>"success","message"=>"success","data"=>$data,'token'=>$token];
  325.                 if( isset( $_SESSION['callback_signin'] )  ) {
  326.                     $host_params "token=$token";
  327.     
  329.                     if( strpos($_SESSION['callback_signin'], "?") !== false ){
  330.                         $json_response['redirect'] = $_SESSION['callback_signin']."&$host_params";
  331.                     }else{
  332.                         $json_response['redirect'] = $_SESSION['callback_signin']."?$host_params";
  333.                     }
  334.                     
  335.                     
  336.                     unset($_SESSION['callback']);
  337.                     unset($_SESSION['callback_signin']);
  338.                 }
  339.                 return new JsonResponse($json_response);
  342.             }else{
  343.                 return new JsonResponse(['status'=>1003,"code"=>"http_user_agent","title"=>"agent","message"=>"agent","data"=>[
  344.                     "email" => $user["user"]->username
  345.                 ]]);
  346.             }
  347.             
  348.         }else{
  349.             return new JsonResponse(['status'=>401,"code"=>"unauthorized",
  350.             "title"=>"Session Expired",
  351.             "message"=>"Session Expired"],401);   
  352.         }
  353.     }
  354.     
  355.     public function register_account(Request $request)
  356.     {
  357.         
  359.        
  360.         $validators = [];
  361.         $birthday null;
  362.         
  363.         if( $request->request->has('day') && !empty($request->get('day')) 
  364.             && $request->request->has('month') || !empty($request->get('month')) 
  365.             && $request->request->has('year') || !empty($request->get('year')) ){
  367.            $birthday $request->get('year')."-".$request->get('month')."-".$request->get('day');
  368.         }
  369.         $phone null;
  370.         $telMode null;
  371.         $ville null;
  372.         $langue null;
  374.         if( $request->request->has('ville') && !empty($request->get('ville'))){
  375.             $ville Utils::DCryptNum($request->get('ville'));
  376.         }
  378.         if($request->request->has('langue') && !empty($request->get('langue'))){
  379.             $langue Utils::DCryptNum($request->get('langue'));
  380.         }
  382.         if( $request->request->has('phone') && !empty($request->get('phone')) && $request->request->has('tel_mode') || !empty($request->get('tel_mode')) ){
  383.             $phone $request->get('phone');
  384.             $telMode =  Utils::DCryptNum($request->get('tel_mode'));
  385.            
  386.         }
  387.         $fields = ['email','prenom','nom','password','pays'];
  388.         foreach ($fields as $key => $field) {
  389.             if( !$request->request->has($field) || empty($request->get($field)) ){
  390.                 $validators[$field] = "The $field is required";
  391.             }
  392.         }
  393.         if(count($validators)>0){
  394.             throw (new JsonResponse(['code'=>'error','status'=>422,"message"=>"The data provided was invalid","data"=>$validators],422))->send();
  395.         }
  397.         $compte = [];
  398.         $compte['email'] = $request->get('email');
  399.         $compte['firstName'] = $request->get('prenom');
  400.         $compte['lastName'] = $request->get('nom');
  401.         $compte['password'] = $request->get('password');
  402.         $compte['country'] = Utils::DCryptNum($request->get('pays'));
  403.         $compte['city'] =  $ville;
  404.         $compte['language'] = $langue;
  405.         $compte['birthday'] = $birthday;
  406.         $compte['verificationMode'] = "email";
  407.         $tel_code $telMode;
  408.         if($tel_code != null){
  409.             $pays ApiUtils::GetPays(["query"=>["NumPays"=>$tel_code]]);
  410.             $pays reset($pays);
  411.             $compte['phone'] = $pays->TELCode.$request->get('phone');
  412.         }
  414.         $response ApiAuth::createCompte($compte);
  415.         
  416.         if($response->status == 200){
  417.             return new JsonResponse(['code'=>'success','status'=>200,"message"=>"Registred successfully"],200);
  418.         }
  419.         return new JsonResponse(['code'=>'error','status'=>500,"message"=>"Some thing went wrong"],500);
  420.     }
  421.     public function verify_account(Request $request)
  422.     {
  423.         $validators = [];
  424.         if( !$request->request->has('type') ){
  425.             $validators['type'] = "The type verification is required";
  426.         }
  427.         if(count($validators)>0){
  428.             throw (new JsonResponse(['code'=>'error','status'=>422,"message"=>"The data provided was invalid","data"=>$validators],422))->send();
  429.         }
  432.         $type $request->get("type");
  433.         if(in_array($type,["email","email_otp"]) && $request->request->has("email")){
  434.             $args = [];
  435.             $args['args']['email'] = $request->get('email');
  436.             // $args['args']['email'] = "laatarsisalaheddine1@gmail.com"; // TODO : remove this line
  437.             $args['args']['IdCompte'] = crc32($args['args']['email']);
  438.             $response ApiAuth::generateEmailOtp($args);
  440.             if($response->status == 200){
  441.                 if(isset($_SESSION['otp'])) unset($_SESSION['otp']);
  442.                 $_SESSION['otp'] = $response->data->otp;
  444.                 return new JsonResponse(['code'=>'success','status'=>200,"message"=>"OTP sent successfully","data"=>["type"=>$type]],200);
  445.             }
  446.         }
  447.         return new JsonResponse(['code'=>'error','status'=>404,"message"=>"Invalid request"],404);
  449.     }
  450.     public function validate_account(Request $request)
  451.     {
  452.         $validators = [];
  453.         if( !isset($_SESSION['otp']) || !$request->request->has('otp') ){
  454.             $validators['otp'] = "The otp is required";
  455.         }
  456.         
  457.         if( isset($_SESSION['otp']) && $request->get('otp') != $_SESSION['otp'] ){
  458.             $validators['otp'] = "The OTP Provided is not valid";
  459.         }
  460.         if(count($validators)>0){
  461.             throw (new JsonResponse(['code'=>'error','status'=>422,"message"=>"The data provided was invalid","data"=>$validators],422))->send();
  462.         }
  464.         return new JsonResponse(['code'=>'success','status'=>200,"message"=>"Validated successfully"],200);
  466.     }
  467.     public function send_password_reset(Request $request)
  468.     {
  469.         $validators = [];
  470.         if( !$request->request->has('email') || empty($request->get('email'))){
  471.             $validators['email'] = "Email is requireds";
  472.         }
  473.         if(count($validators)>0){
  474.             throw (new JsonResponse(['code'=>'error','status'=>422,"title" => "Confirmation Erreur","message"=>"The data provided was invalid","data"=>$validators],422))->send();
  475.         }
  476.         $email $request->get('email');
  477.         $body["args"] = [
  478.             "email" => $email
  479.         ];
  480.         $compte ApiAuth::getCompteByEmail($body);
  481.         if( $compte->compte != null ){
  482.             $body["args"] = [
  483.                 "Email" => $email
  484.             ];
  485.             $body["channels"] = ["mail"];
  486.             $response ApiAuth::reqResetPassword($body);
  487.             if($response->status == 200){
  488.                 return new JsonResponse(['code'=>'success','status'=>200,"message"=>"Email sent successfully"],200);
  489.             }
  490.             return new JsonResponse(["status" => 500 "code" => "error" "message" => "Some thing went wrong"],500);
  491.         }
  492.         return new JsonResponse(["status" => 404 "code" => "error" "message" => "Compte n'existe pas"],404);
  494.     }
  495.     public function submit_password_reset(Request $request)
  496.     {
  497.         
  498.         
  499.         if(!isset($_SESSION['reset_password']) && $_SESSION['reset_password']["ExpireIn"] < time()){
  500.             return new JsonResponse(["status" => 401 "code" => "error" "message" => "Operation Expired"],401);
  501.         }
  503.         $password $request->get('password');
  505.         $IdCompte $_SESSION['reset_password']['IdCompte'];
  506.         $body["args"] = [
  507.             "IdCompte" => $IdCompte,
  508.             "newPassword" => $password
  509.         ];
  510.         $body["channels"] = ["mail"];
  511.         $response ApiAuth::resetPassword($body);
  512.         if($response->status == 200){
  513.             // dd($request->get('token'));
  514.             
  515.             $res ApiAuth::revokeToken(['token'=>$request->get('token'),"revoked_by"=>$IdCompte]);
  516.             return new JsonResponse(["status" => 200 "code" => "success" "message" => "Password changed successfuly"],200);
  517.         }
  518.         
  519.         return new JsonResponse(["status" => 500 "code" => "error" "message" => "some thing went wrong"],500);
  520.     }
  523.     public function get_compte_connect(Request $request)
  524.     {
  525.         $session = [];
  526.         if( $this->session->get('user') != null ){
  527.             $session = [
  528.                 'X_NOM'=>$this->session->get('user')->X_NOM,
  529.                 'X_PRENOM'=>$this->session->get('user')->X_PRENOM,
  530.                 'IdCompte'=>Utils::DecryptJWT([
  531.                     'secret_key' => iConfig::getCryptSecretKey(),
  532.                     'secret_iv'  => iConfig::getCryptSecretIv(),
  533.                     'text'       => $this->session->get('user')->IdCompte
  534.                 ]),
  535.                 'pic_profile'=>$this->session->get('user')->pic_profile
  536.             ];
  537.         }
  538.         return new JsonResponse(["status" => 200 "code" => "success" "message" => "Compte Connected","session"=>$session]);
  539.         
  540.     }
  541.     public function switch_compte(Request $request)
  542.     {
  543.         $validators = [];
  544.         $validators = [];
  545.         if( !$request->request->has('password') || empty($request->get('password')) ){
  546.             $validators['password'] = "otp or password is requireds";
  547.         }
  548.         if( !$request->request->has('email') || empty($request->get('email'))){
  549.             $validators['fields'] = "some fields is requireds";
  550.         }
  552.         if(count($validators)>0){
  553.             // return new JsonResponse(['code'=>'error','status'=>422,"message"=>"The data provided was invalid","data"=>$validators],422);
  554.             throw (new JsonResponse(['code'=>'error','status'=>422,"title" => "Confirmation Erreur","message"=>"The data provided was invalid","data"=>$validators],422))->send();
  555.         }
  556.         
  557.         $params = [];
  558.         $params['username'] =   $request->get('email');
  559.         $params['password'] =   $request->get('password');
  560.         $params['expiresAfter'] = 864000;
  561.         
  562.         $response ApiAuth::usersSignin($params);
  563.         if( isset($response->token) ){
  564.             $compte ApiAuth::usersVerify(['token'=>$response->token,"revoke"=>false]);
  565.             self::loadSession($compte->user->id,$params['username'],$params['password'],$this,$request);
  566.             $session = [
  567.                 'X_NOM'=>$this->session->get('user')->X_NOM,
  568.                 'X_PRENOM'=>$this->session->get('user')->X_PRENOM,
  569.                 'IdCompte'=>$this->session->get('user')->IdCompte,
  570.                 'pic_profile'=>$this->session->get('user')->pic_profile
  571.             ];
  572.             $json_response = ['status'=>200,"code"=>"success","message"=>"compte switched","session"=>$session];
  573.             return new JsonResponse($json_response);
  574.         }
  575.         return new JsonResponse(["status" => 404 "code" => "error" "message" => "username or password incorrect"],404);
  578.     }
  579.     public function disconnect_compte(Request $request)
  580.     {
  581.         $connectedUser $this->session->get('user');
  582.         // matcherd user from users
  583.         $user array_filter($_SESSION['users'] , function($object) use ($connectedUser){
  584.             if( $connectedUser->IdCompte == $object["user"]->id){
  585.                 return $object;
  586.             }
  587.         });
  588.         $index array_keys($user);
  589.         // remove user from users session 
  590.         unset($_SESSION['users'][$index[0]]);
  591.         $_SESSION['users'] = array_values($_SESSION['users']);
  592.         $user reset($user);
  593.         $data["user_uuid"] =  $user["uuid"];
  594.         $this->session->remove('user');
  595.         $this->tokenStorage->setToken(null);
  596.         return new JsonResponse(["status" => 200 "code" => "success" "message" => "Compte Disconnected" "data" => $data],200);
  597.     }
  599.     protected static function loadSession($IdCompte,$identifiant,$password,$current,$request)
  600.     {
  601.         $current->tokenStorage->setToken(null);
  602.         // $request->getSession()->invalidate();
  604.         $compte ApiAuth::compteDetail($IdCompte);
  605.         $current->session->set('user'$compte->data->compte );
  606.         $current->session->set('compteid'$compte->data->compte->IdCompte );
  607.         $current->session->set('user_image'$compte->data->compte->pic_profile);
  609.         $user = new User();
  610.         $user->setId($compte->data->compte->IdCompte);
  611.         $user->setUserName($compte->data->compte->X_NOM.' '.$compte->data->compte->X_PRENOM);
  612.         $user->setEmail($identifiant);
  613.         $user->setFirstName($compte->data->compte->X_PRENOM);
  614.         $user->setLastName($compte->data->compte->X_NOM);
  615.         $user->setUserImage($compte->data->compte->pic_profile);
  616.         $user->setRoles(['ROLE_ADMIN']);
  617.         //Create session for symfony
  618.         $token = new UsernamePasswordToken($usernull'main', ['ROLE_ADMIN']);
  620.         $current->tokenStorage->setToken($token);
  621.         $request->getSession()->set('_security_main'serialize($token));
  623.         $dispatcher = new EventDispatcher();
  624.         $event = new InteractiveLoginEvent($request$token);
  625.         $dispatcher->dispatch($event);
  626.         try {
  627.             //generate user token
  628.             $uToken = new userToken(null,$current->session);
  629.             $userToken $uToken->authenticate($identifiant$password);
  630.             
  631.         } catch ( \Exception $th) {
  632.             error_log$th->getMessage() , 0);
  633.         }
  635.         // try {
  636.         //     // must check $userToken->status == 200 before continue
  637.         //     //push cookie 
  638.         //     $cToken = new cookieToken(null,$current->session);
  639.         //     $cToken->user_token = $userToken->token;
  640.         //     $cToken->set('lastName',$compte->data->compte->X_NOM);
  641.         //     $cToken->set('firstName',$compte->data->compte->X_PRENOM);
  642.         //     $cToken->push();
  643.             
  644.         // } catch ( \Exception $th) {
  645.         //     error_log( $th->getMessage() , 0);
  646.         // }
  648.         //test if request is xhr
  649.         if ($request->isXmlHttpRequest()){
  650.             return new JsonResponse(['message' => 'authenticated' 'code' => 'authenticated' 'status' => 200], 200);
  651.         }
  652.     }
  654.     public function get_apps(Request $request)
  655.     {   
  656.         try {
  657.             $body=[];
  658.             $results ApiUtils::GetApps($body);
  659.             $results Utils::recursiveCryptingJWT('cryptJWT',
  660.             ["ClientId""IdApps""IdAppsCat""IdAppsParent""IdEse""IdServerSmtpIn""IdServerSmtpOut"],$results);
  661.             return new JsonResponse($results); 
  662.             } catch (Exception $e) {
  663.                 return new JsonResponse(['error' => $e->getMessage()], 400);
  664.             }   
  665.     }
  667.     
  668. }