]> Raphaël G. Git Repositories - userbundle/blobdiff - Controller/DefaultController.php
Add index function
[userbundle] / Controller / DefaultController.php
index 4bab49ba9dbdcaa48d6d240ca9345da42ed79635..6fc41114a618dea4642c000fa9729e05f0fc5ee4 100644 (file)
-<?php
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of the Rapsys UserBundle package.
+ *
+ * (c) Raphaël Gertz <symfony@rapsys.eu>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
 
 namespace Rapsys\UserBundle\Controller;
 
-use Rapsys\UserBundle\Utils\Slugger;
+use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
 use Symfony\Bridge\Twig\Mime\TemplatedEmail;
-use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
-use Symfony\Component\DependencyInjection\ContainerInterface;
 use Symfony\Component\Form\FormError;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
-use Symfony\Component\Mailer\MailerInterface;
 use Symfony\Component\Mime\Address;
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
-use Symfony\Component\Routing\RouterInterface;
-use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
-use Symfony\Component\Translation\TranslatorInterface;
 
+use Rapsys\UserBundle\RapsysUserBundle;
+
+/**
+ * {@inheritdoc}
+ */
 class DefaultController extends AbstractController {
-       //Config array
-       protected $config;
-
-       //Translator instance
-       protected $translator;
-
-       public function __construct(ContainerInterface $container, TranslatorInterface $translator, RouterInterface $router) {
-               //Retrieve config
-               $this->config = $container->getParameter($this->getAlias());
-
-               //Set the translator
-               $this->translator = $translator;
-
-               //Get current action
-               //XXX: we don't use this as it would be too slow, maybe ???
-               #$action = str_replace(self::getAlias().'_', '', $container->get('request_stack')->getCurrentRequest()->get('_route'));
-
-               //Inject every requested route in view and mail context
-               foreach($this->config as $tag => $current) {
-                       //Look for entry with route subkey
-                       if (!empty($current['route'])) {
-                               //Generate url for both view and mail
-                               foreach(['view', 'mail'] as $view) {
-                                       //Check that context key is usable
-                                       if (isset($current[$view]['context']) && is_array($current[$view]['context'])) {
-                                               //Process every routes
-                                               foreach($current['route'] as $route => $key) {
-                                                       //Skip recover_mail route as it requires some parameters
-                                                       if ($route == 'recover_mail') {
-                                                               continue;
-                                                       }
-                                                       //Check that key is empty
-                                                       if (!isset($current[$view]['context'][$key])) {
-                                                               //Generate the route
-                                                               $this->config[$tag][$view]['context'][$key] = $router->generate(
-                                                                       $this->config['route'][$route]['name'],
-                                                                       $this->config['route'][$route]['context'],
-                                                                       //Generate absolute url for mails
-                                                                       $view=='mail'?UrlGeneratorInterface::ABSOLUTE_URL:UrlGeneratorInterface::ABSOLUTE_PATH
-                                                               );
-                                                       }
-                                               }
-                                       }
+       /**
+        * User index
+        *
+        * @param Request $request The request
+        * @return Response The response
+        */
+       public function index(Request $request): Response {
+               //Without admin
+               if (!$this->checker->isGranted($this->config['default']['admin'])) {
+                       //Throw 403
+                       throw $this->createAccessDeniedException($this->translator->trans('Unable to list users'));
+               }
+
+               //Get count
+               $this->context['count'] = $this->doctrine->getRepository($this->config['class']['user'])->findCountAsInt();
+
+               //With not enough users
+               if ($this->context['count'] - $this->page * $this->limit < 0) {
+                       //Throw 404
+                       throw $this->createNotFoundException($this->translator->trans('Unable to find users'));
+               }
+
+               //Get users
+               $this->context['users'] = $this->doctrine->getRepository($this->config['class']['user'])->findAllAsArray($this->page, $this->limit);
+
+               //Render view
+               return $this->render(
+                       //Template
+                       $this->config['index']['view']['name'],
+                       //Context
+                       $this->context+$this->config['index']['view']['context']
+               );
+       }
+
+       /**
+        * Confirm account from mail link
+        *
+        * @param Request $request The request
+        * @param string $hash The hashed password
+        * @param string $mail The shorted mail address
+        * @return Response The response
+        */
+       public function confirm(Request $request, string $hash, string $mail): Response {
+               //With invalid hash
+               if ($hash != $this->slugger->hash($mail)) {
+                       //Throw bad request
+                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+               }
+
+               //Get mail
+               $mail = $this->slugger->unshort($smail = $mail);
+
+               //Without valid mail
+               if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+                       //Throw bad request
+                       //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+               }
+
+               //Without existing registrant
+               if (!($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
+                       //Add error message mail already exists
+                       //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                       $this->addFlash('error', $this->translator->trans('Account %mail% do not exists', ['%mail%' => $smail]));
+
+                       //Redirect to register view
+                       return $this->redirectToRoute($this->config['route']['register']['name'], $this->config['route']['register']['context']);
+               }
+
+               //Set active
+               $user->setActive(true);
+
+               //Persist user
+               $this->manager->persist($user);
+
+               //Send to database
+               $this->manager->flush();
+
+               //Add error message mail already exists
+               $this->addFlash('notice', $this->translator->trans('Your account has been activated'));
+
+               //Redirect to user view
+               return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']);
+       }
+
+       /**
+        * Edit account by shorted mail
+        *
+        * @param Request $request The request
+        * @param string $hash The hashed password
+        * @param string $mail The shorted mail address
+        * @return Response The response
+        */
+       public function edit(Request $request, string $hash, string $mail): Response {
+               //With invalid hash
+               if ($hash != $this->slugger->hash($mail)) {
+                       //Throw bad request
+                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+               }
+
+               //Get mail
+               $mail = $this->slugger->unshort($smail = $mail);
+
+               //With existing subscriber
+               if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
+                       //Throw not found
+                       //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                       throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail]));
+               }
+
+               //Prevent access when not admin, user is not guest and not currently logged user
+               if (!$this->checker->isGranted($this->config['default']['admin']) && $user != $this->security->getUser() || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')) {
+                       //Throw access denied
+                       //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                       throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %mail%', ['%mail%' => $smail]));
+               }
+               
+               //Create the EditType form and give the proper parameters
+               $edit = $this->createForm($this->config['edit']['view']['edit'], $user, [
+                       //Set action to edit route name and context
+                       'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']),
+                       //Set civility class
+                       'civility_class' => $this->config['class']['civility'],
+                       //Set civility default
+                       'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
+                       //Set method
+                       'method' => 'POST'
+               ]+($this->checker->isGranted($this->config['default']['admin'])?$this->config['edit']['admin']:$this->config['edit']['field']));
+
+               //With admin role
+               if ($this->checker->isGranted($this->config['default']['admin'])) {
+                       //Create the EditType form and give the proper parameters
+                       $reset = $this->createForm($this->config['edit']['view']['reset'], $user, [
+                               //Set action to edit route name and context
+                               'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']),
+                               //Set method
+                               'method' => 'POST'
+                       ]);
+
+                       //With post method
+                       if ($request->isMethod('POST')) {
+                               //Refill the fields in case the form is not valid.
+                               $reset->handleRequest($request);
+
+                               //With reset submitted and valid
+                               if ($reset->isSubmitted() && $reset->isValid()) {
+                                       //Set data
+                                       $data = $reset->getData();
+
+                                       //Set password
+                                       $data->setPassword($this->hasher->hashPassword($data, $data->getPassword()));
+
+                                       //Queue snippet save
+                                       $this->manager->persist($data);
+
+                                       //Flush to get the ids
+                                       $this->manager->flush();
+
+                                       //Add notice
+                                       $this->addFlash('notice', $this->translator->trans('Account %mail% password updated', ['%mail%' => $mail = $data->getMail()]));
+
+                                       //Redirect to cleanup the form
+                                       return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']);
+                               }
+                       }
+
+                       //Add reset view
+                       $this->config['edit']['view']['context']['reset'] = $reset->createView();
+               }
+
+               //With post method
+               if ($request->isMethod('POST')) {
+                       //Refill the fields in case the form is not valid.
+                       $edit->handleRequest($request);
+
+                       //With edit submitted and valid
+                       if ($edit->isSubmitted() && $edit->isValid()) {
+                               //Set data
+                               $data = $edit->getData();
+
+                               //Queue snippet save
+                               $this->manager->persist($data);
+
+                               //Try saving in database
+                               try {
+                                       //Flush to get the ids
+                                       $this->manager->flush();
+
+                                       //Add notice
+                                       $this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail = $data->getMail()]));
+
+                                       //Redirect to cleanup the form
+                                       return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']);
+                               //Catch double slug or mail
+                               } catch (UniqueConstraintViolationException $e) {
+                                       //Add error message mail already exists
+                                       $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $data->getMail()]));
                                }
                        }
+               //Without admin role
+               //XXX: prefer a reset on login to force user unspam action
+               } elseif (!$this->checker->isGranted($this->config['default']['admin'])) {
+                       //Add notice
+                       $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure'));
                }
+
+               //Render view
+               return $this->render(
+                       //Template
+                       $this->config['edit']['view']['name'],
+                       //Context
+                       ['edit' => $edit->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['edit']['view']['context']
+               );
        }
 
-       public function login(Request $request, AuthenticationUtils $authenticationUtils) {
+       /**
+        * Login
+        *
+        * @param Request $request The request
+        * @param AuthenticationUtils $authenticationUtils The authentication utils
+        * @param ?string $hash The hashed password
+        * @param ?string $mail The shorted mail address
+        * @return Response The response
+        */
+       public function login(Request $request, AuthenticationUtils $authenticationUtils, ?string $hash, ?string $mail): Response {
                //Create the LoginType form and give the proper parameters
                $login = $this->createForm($this->config['login']['view']['form'], null, [
                        //Set action to login route name and context
                        'action' => $this->generateUrl($this->config['route']['login']['name'], $this->config['route']['login']['context']),
+                       //Set method
                        'method' => 'POST'
                ]);
 
                //Init context
                $context = [];
 
+               //With mail
+               if (!empty($mail) && !empty($hash)) {
+                       //With invalid hash
+                       if ($hash != $this->slugger->hash($mail)) {
+                               //Throw bad request
+                               throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+                       }
+
+                       //Get mail
+                       $mail = $this->slugger->unshort($smail = $mail);
+
+                       //Without valid mail
+                       if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+                               //Throw bad request
+                               throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+                       }
+
+                       //Prefilled mail
+                       $login->get('mail')->setData($mail);
                //Last username entered by the user
-               if ($lastUsername = $authenticationUtils->getLastUsername()) {
+               } elseif ($lastUsername = $authenticationUtils->getLastUsername()) {
                        $login->get('mail')->setData($lastUsername);
                }
 
@@ -94,19 +300,24 @@ class DefaultController extends AbstractController {
                        $recover = $this->createForm($this->config['recover']['view']['form'], null, [
                                //Set action to recover route name and context
                                'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']),
+                               //Without password
+                               'password' => false,
+                               //Set method
                                'method' => 'POST'
                        ]);
 
-                       //Set mail from login form
-                       $recover->get('mail')->setData($login->get('mail')->getData());
-
-                       //Add recover error
-                       $recover->addError(new FormError(
-                               $this->translator->trans('Use this form to recover your account')
-                       ));
+                       //Get recover mail entity
+                       $recover->get('mail')
+                               //Set mail from login form
+                               ->setData($login->get('mail')->getData())
+                               //Add recover error
+                               ->addError(new FormError($this->translator->trans('Use this form to recover your account')));
 
                        //Add recover form to context
                        $context['recover'] = $recover->createView();
+               } else {
+                       //Add notice
+                       $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure'));
                }
 
                //Render view
@@ -114,374 +325,407 @@ class DefaultController extends AbstractController {
                        //Template
                        $this->config['login']['view']['name'],
                        //Context
-                       ['login' => $login->createView()]+$context+$this->config['login']['view']['context']
+                       ['login' => $login->createView(), 'disabled' => $request->query->get('disabled', 0), 'sent' => $request->query->get('sent', 0)]+$context+$this->config['login']['view']['context']
                );
        }
 
-       public function recover(Request $request, Slugger $slugger, MailerInterface $mailer) {
-               //Create the RecoverType form and give the proper parameters
-               $form = $this->createForm($this->config['recover']['view']['form'], null, array(
-                       //Set action to recover route name and context
-                       'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']),
-                       'method' => 'POST'
-               ));
-
-               if ($request->isMethod('POST')) {
-                       //Refill the fields in case the form is not valid.
-                       $form->handleRequest($request);
-
-                       if ($form->isValid()) {
-                               //Get doctrine
-                               $doctrine = $this->getDoctrine();
-
-                               //Set data
-                               $data = $form->getData();
-
-                               //Try to find user
-                               if ($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($data['mail'])) {
-                                       //Set mail shortcut
-                                       $mail =& $this->config['recover']['mail'];
-
-                                       //Generate each route route
-                                       foreach($this->config['recover']['route'] as $route => $tag) {
-                                               //Only process defined routes
-                                               if (empty($mail['context'][$tag]) && !empty($this->config['route'][$route])) {
-                                                       //Process for recover mail url
-                                                       if ($route == 'recover_mail') {
-                                                               //Prepend recover context with tag
-                                                               $this->config['route'][$route]['context'] = [
-                                                                       'recipient' => $slugger->short($user->getMail()),
-                                                                       'hash' => $slugger->hash($user->getPassword())
-                                                               ]+$this->config['route'][$route]['context'];
-                                                       }
-                                                       //Set the url in context
-                                                       $mail['context'][$tag] = $this->get('router')->generate(
-                                                               $this->config['route'][$route]['name'],
-                                                               $this->config['route'][$route]['context'],
-                                                               UrlGeneratorInterface::ABSOLUTE_URL
-                                                       );
-
-                                               }
-                                       }
-
-                                       //Set recipient_name
-                                       $mail['context']['recipient_mail'] = $data['mail'];
-
-                                       //Set recipient_name
-                                       $mail['context']['recipient_name'] = trim($user->getForename().' '.$user->getSurname().($user->getPseudonym()?' ('.$user->getPseudonym().')':''));
-
-                                       //Init subject context
-                                       $subjectContext = [];
-
-                                       //Process each context pair
-                                       foreach($mail['context']+$this->config['recover']['view']['context'] as $k => $v) {
-                                               //Reinsert each context pair with the key surrounded by %
-                                               $subjectContext['%'.$k.'%'] = $v;
-                                       }
+       /**
+        * Recover account
+        *
+        * @param Request $request The request
+        * @param ?string $hash The hashed password
+        * @param ?string $pass The shorted password
+        * @param ?string $mail The shorted mail address
+        * @return Response The response
+        */
+       public function recover(Request $request, ?string $hash, ?string $pass, ?string $mail): Response {
+               //Set user
+               $user = null;
 
-                                       //Translate subject
-                                       $mail['subject'] = ucfirst($this->translator->trans($mail['subject'], $subjectContext));
+               //Set context
+               $context = [];
 
-                                       //Create message
-                                       $message = (new TemplatedEmail())
-                                               //Set sender
-                                               ->from(new Address($this->config['contact']['mail'], $this->config['contact']['name']))
-                                               //Set recipient
-                                               //XXX: remove the debug set in vendor/symfony/mime/Address.php +46
-                                               ->to(new Address($mail['context']['recipient_mail'], $mail['context']['recipient_name']))
-                                               //Set subject
-                                               ->subject($mail['subject'])
+               //With mail, pass and hash
+               if (!empty($mail) && !empty($pass) && !empty($hash)) {
+                       //With invalid hash
+                       if ($hash != $this->slugger->hash($mail.$pass)) {
+                               //Throw bad request
+                               throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+                       }
 
-                                               //Set path to twig templates
-                                               ->htmlTemplate($mail['html'])
-                                               ->textTemplate($mail['text'])
+                       //Get mail
+                       $mail = $this->slugger->unshort($smail = $mail);
 
-                                               //Set context
-                                               ->context(['subject' => $mail['subject']]+$mail['context']+$this->config['recover']['view']['context']);
+                       //Without valid mail
+                       if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+                               //Throw bad request
+                               //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                               throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+                       }
 
-                                       //Try sending message
-                                       //XXX: mail delivery may silently fail
-                                       try {
-                                               //Send message
-                                               $mailer->send($message);
+                       //With existing subscriber
+                       if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
+                               //Throw not found
+                               //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                               throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail]));
+                       }
 
-                                               //Redirect on the same route with sent=1 to cleanup form
-                                               #return $this->redirectToRoute('rapsys_user_register', array('sent' => 1));
-                                               return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'));
-                                       //Catch obvious transport exception
-                                       } catch(TransportExceptionInterface $e) {
-                                               //Add error message mail unreachable
-                                               $form->get('mail')->addError(new FormError($this->translator->trans('Account found but unable to contact: %mail%', array('%mail%' => $data['mail']))));
-                                       }
-                               //Accout not found
-                               } else {
-                                       //Add error message to mail field
-                                       $form->get('mail')->addError(new FormError($this->translator->trans('Unable to find account: %mail%', ['%mail%' => $data['mail']])));
-                               }
+                       //With unmatched pass
+                       if ($pass != $this->slugger->hash($user->getPassword())) {
+                               //Throw not found
+                               //XXX: prevent use of outdated recover link
+                               throw $this->createNotFoundException($this->translator->trans('Outdated recover link'));
                        }
-               }
 
-               //Render view
-               return $this->render(
-                       //Template
-                       $this->config['recover']['view']['name'],
-                       //Context
-                       ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['recover']['view']['context']
-               );
-       }
+                       //Set context
+                       $context = ['mail' => $smail, 'pass' => $pass, 'hash' => $hash];
+               }
 
-       public function recoverMail(Request $request, UserPasswordEncoderInterface $encoder, Slugger $slugger, MailerInterface $mailer, $recipient, $hash) {
-               //Create the RecoverType form and give the proper parameters
-               $form = $this->createForm($this->config['recover_mail']['view']['form'], null, array(
+               //Create the LoginType form and give the proper parameters
+               $form = $this->createForm($this->config['recover']['view']['form'], $user, [
                        //Set action to recover route name and context
-                       'action' => $this->generateUrl($this->config['route']['recover_mail']['name'], ['recipient' => $recipient, 'hash' => $hash]+$this->config['route']['recover_mail']['context']),
+                       'action' => $this->generateUrl($this->config['route']['recover']['name'], $context+$this->config['route']['recover']['context']),
+                       //With user disable mail
+                       'mail' => ($user === null),
+                       //With user enable password
+                       'password' => ($user !== null),
+                       //Set method
                        'method' => 'POST'
-               ));
+               ]);
 
-               //Get doctrine
-               $doctrine = $this->getDoctrine();
+               //With post method
+               if ($request->isMethod('POST')) {
+                       //Refill the fields in case the form is not valid.
+                       $form->handleRequest($request);
 
-               //Init found
-               $found = false;
+                       //With form submitted and valid
+                       if ($form->isSubmitted() && $form->isValid()) {
+                               //Set data
+                               $data = $form->getData();
 
-               //Retrieve user
-               if (($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($slugger->unshort($recipient))) && $found = ($hash == $slugger->hash($user->getPassword()))) {
-                       if ($request->isMethod('POST')) {
-                               //Refill the fields in case the form is not valid.
-                               $form->handleRequest($request);
+                               //With user
+                               if ($user !== null) {
+                                       //Set hashed password
+                                       $hashed = $this->hasher->hashPassword($user, $user->getPassword());
 
-                               if ($form->isValid()) {
-                                       //Set data
-                                       $data = $form->getData();
-
-                                       //set encoded password
-                                       $encoded = $encoder->encodePassword($user, $data['password']);
+                                       //Update pass
+                                       $pass = $this->slugger->hash($hashed);
 
                                        //Set user password
-                                       $user->setPassword($encoded);
-
-                                       //Get manager
-                                       $manager = $doctrine->getManager();
+                                       $user->setPassword($hashed);
 
                                        //Persist user
-                                       $manager->persist($user);
+                                       $this->manager->persist($user);
 
                                        //Send to database
-                                       $manager->flush();
+                                       $this->manager->flush();
 
-                                       //Set mail shortcut
-                                       $mail =& $this->config['recover_mail']['mail'];
+                                       //Add notice
+                                       $this->addFlash('notice', $this->translator->trans('Account password updated'));
 
-                                       //Regen hash
-                                       $hash = $slugger->hash($encoded);
+                                       //Redirect to user login
+                                       return $this->redirectToRoute($this->config['route']['login']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['login']['context']);
+                               //Find user by data mail
+                               } elseif ($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($data['mail'])) {
+                                       //Set context
+                                       $context = [
+                                               'recipient_mail' => $user->getMail(),
+                                               'recipient_name' => $user->getRecipientName()
+                                       ] + array_replace_recursive(
+                                               $this->config['context'],
+                                               $this->config['recover']['view']['context'],
+                                               $this->config['recover']['mail']['context']
+                                       );
 
                                        //Generate each route route
-                                       foreach($this->config['recover_mail']['route'] as $route => $tag) {
+                                       foreach($this->config['recover']['route'] as $route => $tag) {
                                                //Only process defined routes
-                                               if (empty($mail['context'][$tag]) && !empty($this->config['route'][$route])) {
+                                               if (!empty($this->config['route'][$route])) {
                                                        //Process for recover mail url
-                                                       if ($route == 'recover_mail') {
-                                                               //Prepend recover context with tag
-                                                               $this->config['route'][$route]['context'] = [
-                                                                       'recipient' => $recipient,
-                                                                       'hash' => $hash
-                                                               ]+$this->config['route'][$route]['context'];
+                                                       if ($route == 'recover') {
+                                                               //Set the url in context
+                                                               $context[$tag] = $this->router->generate(
+                                                                       $this->config['route'][$route]['name'],
+                                                                       //Prepend recover context with tag
+                                                                       [
+                                                                               'mail' => $smail = $this->slugger->short($context['recipient_mail']),
+                                                                               'pass' => $spass = $this->slugger->hash($pass = $user->getPassword()),
+                                                                               'hash' => $this->slugger->hash($smail.$spass)
+                                                                       ]+$this->config['route'][$route]['context'],
+                                                                       UrlGeneratorInterface::ABSOLUTE_URL
+                                                               );
                                                        }
-                                                       //Set the url in context
-                                                       $mail['context'][$tag] = $this->get('router')->generate(
-                                                               $this->config['route'][$route]['name'],
-                                                               $this->config['route'][$route]['context'],
-                                                               UrlGeneratorInterface::ABSOLUTE_URL
-                                                       );
                                                }
                                        }
 
-                                       //Set recipient_name
-                                       $mail['context']['recipient_mail'] = $user->getMail();
+                                       //Iterate on keys to translate
+                                       foreach($this->config['translate'] as $translate) {
+                                               //Extract keys
+                                               $keys = explode('.', $translate);
 
-                                       //Set recipient_name
-                                       $mail['context']['recipient_name'] = trim($user->getForename().' '.$user->getSurname().($user->getPseudonym()?' ('.$user->getPseudonym().')':''));
+                                               //Set current
+                                               $current =& $context;
 
-                                       //Init subject context
-                                       $subjectContext = [];
+                                               //Iterate on each subkey
+                                               do {
+                                                       //Skip unset translation keys
+                                                       if (!isset($current[current($keys)])) {
+                                                               continue(2);
+                                                       }
 
-                                       //Process each context pair
-                                       foreach($mail['context']+$this->config['recover_mail']['view']['context'] as $k => $v) {
-                                               //Reinsert each context pair with the key surrounded by %
-                                               $subjectContext['%'.$k.'%'] = $v;
+                                                       //Set current to subkey
+                                                       $current =& $current[current($keys)];
+                                               } while(next($keys));
+
+                                               //Set translation
+                                               $current = $this->translator->trans($current);
+
+                                               //Remove reference
+                                               unset($current);
                                        }
 
                                        //Translate subject
-                                       $mail['subject'] = ucfirst($this->translator->trans($mail['subject'], $subjectContext));
+                                       $context['subject'] = $subject = ucfirst(
+                                               $this->translator->trans(
+                                                       $this->config['recover']['mail']['subject'],
+                                                       $this->slugger->flatten($context, null, '.', '%', '%')
+                                               )
+                                       );
 
                                        //Create message
                                        $message = (new TemplatedEmail())
                                                //Set sender
-                                               ->from(new Address($this->config['contact']['mail'], $this->config['contact']['name']))
+                                               ->from(new Address($this->config['contact']['address'], $this->config['contact']['name']))
                                                //Set recipient
                                                //XXX: remove the debug set in vendor/symfony/mime/Address.php +46
-                                               ->to(new Address($mail['context']['recipient_mail'], $mail['context']['recipient_name']))
+                                               ->to(new Address($context['recipient_mail'], $context['recipient_name']))
                                                //Set subject
-                                               ->subject($mail['subject'])
+                                               ->subject($context['subject'])
 
                                                //Set path to twig templates
-                                               ->htmlTemplate($mail['html'])
-                                               ->textTemplate($mail['text'])
+                                               ->htmlTemplate($this->config['recover']['mail']['html'])
+                                               ->textTemplate($this->config['recover']['mail']['text'])
 
                                                //Set context
-                                               ->context(['subject' => $mail['subject']]+$mail['context']+$this->config['recover_mail']['view']['context']);
+                                               ->context($context);
 
                                        //Try sending message
                                        //XXX: mail delivery may silently fail
                                        try {
                                                //Send message
-                                               $mailer->send($message);
+                                               $this->mailer->send($message);
+
+                                               //Add notice
+                                               $this->addFlash('notice', $this->translator->trans('Your recovery mail has been sent, to retrieve your account you must follow the recuperate link inside'));
+
+                                               //Add junk warning
+                                               $this->addFlash('warning', $this->translator->trans('If you did not receive a recovery mail, check your Spam or Junk mail folders'));
 
                                                //Redirect on the same route with sent=1 to cleanup form
-                                               return $this->redirectToRoute($request->get('_route'), ['recipient' => $recipient, 'hash' => $hash, 'sent' => 1]+$request->get('_route_params'));
+                                               return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'), 302);
                                        //Catch obvious transport exception
                                        } catch(TransportExceptionInterface $e) {
                                                //Add error message mail unreachable
-                                               $form->get('password')->get('first')->addError(new FormError($this->translator->trans('Account password updated but unable to contact: %mail%', array('%mail%' => $mail['context']['recipient_mail']))));
+                                               $form->get('mail')->addError(new FormError($this->translator->trans('Unable to reach account')));
                                        }
                                }
                        }
-               //Accout not found
-               } else {
-                       //Add error message to mail field
-                       $form->addError(new FormError($this->translator->trans('Unable to find account: %mail%', ['%mail%' => $slugger->unshort($recipient)])));
                }
 
                //Render view
                return $this->render(
                        //Template
-                       $this->config['recover_mail']['view']['name'],
+                       $this->config['recover']['view']['name'],
                        //Context
-                       ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0), 'found' => $found]+$this->config['recover_mail']['view']['context']
+                       ['recover' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['recover']['view']['context']
                );
        }
 
-       public function register(Request $request, UserPasswordEncoderInterface $encoder, MailerInterface $mailer) {
+       /**
+        * Register an account
+        *
+        * @param Request $request The request
+        * @return Response The response
+        */
+       public function register(Request $request): Response {
+               //With mail
+               if (!empty($_POST['register']['mail'])) {
+                       //Log new user infos
+                       $this->logger->emergency(
+                               $this->translator->trans(
+                                       'register: mail=%mail% locale=%locale% confirm=%confirm%',
+                                       [
+                                               '%mail%' => $postMail = $_POST['register']['mail'],
+                                               '%locale%' => $request->getLocale(),
+                                               '%confirm%' => $this->router->generate(
+                                                       $this->config['route']['confirm']['name'],
+                                                       //Prepend subscribe context with tag
+                                                       [
+                                                               'mail' => $postSmail = $this->slugger->short($postMail),
+                                                               'hash' => $this->slugger->hash($postSmail)
+                                                       ]+$this->config['route']['confirm']['context'],
+                                                       UrlGeneratorInterface::ABSOLUTE_URL
+                                               )
+                                       ]
+                               )
+                       );
+               }
+
+               //Init reflection
+               $reflection = new \ReflectionClass($this->config['class']['user']);
+
+               //Create new user
+               $user = $reflection->newInstance('', '');
+
                //Create the RegisterType form and give the proper parameters
-               $form = $this->createForm($this->config['register']['view']['form'], null, array(
-                       'class_title' => $this->config['class']['title'],
+               $form = $this->createForm($this->config['register']['view']['form'], $user, [
                        //Set action to register route name and context
                        'action' => $this->generateUrl($this->config['route']['register']['name'], $this->config['route']['register']['context']),
+                       //Set civility class
+                       'civility_class' => $this->config['class']['civility'],
+                       //Set civility default
+                       'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
+                       //Set method
                        'method' => 'POST'
-               ));
+               ]+($this->checker->isGranted($this->config['default']['admin'])?$this->config['register']['admin']:$this->config['register']['field']));
 
+               //With post method
                if ($request->isMethod('POST')) {
                        //Refill the fields in case the form is not valid.
                        $form->handleRequest($request);
 
-                       if ($form->isValid()) {
+                       //With form submitted and valid
+                       if ($form->isSubmitted() && $form->isValid()) {
                                //Set data
                                $data = $form->getData();
 
-                               //Set mail shortcut
-                               $mail =& $this->config['register']['mail'];
+                               //Set password
+                               $user->setPassword($this->hasher->hashPassword($user, $user->getPassword()));
+
+                               //Persist user
+                               $this->manager->persist($user);
+
+                               //Iterate on default group
+                               foreach($this->config['default']['group'] as $i => $groupTitle) {
+                                       //Fetch group
+                                       if (($group = $this->doctrine->getRepository($this->config['class']['group'])->findOneByTitle($groupTitle))) {
+                                               //Set default group
+                                               //XXX: see vendor/symfony/security-core/Role/Role.php
+                                               $user->addGroup($group);
+                                       //Group not found
+                                       } else {
+                                               //Throw exception
+                                               //XXX: consider missing group as fatal
+                                               throw new \Exception(sprintf('Group %s listed in %s.default.group[%d] not found by title', $groupTitle, RapsysUserBundle::getAlias(), $i));
+                                       }
+                               }
+
+                               //Set context
+                               $context = [
+                                       'recipient_mail' => $user->getMail(),
+                                       'recipient_name' => $user->getRecipientName()
+                               ] + array_replace_recursive(
+                                       $this->config['context'],
+                                       $this->config['register']['view']['context'],
+                                       $this->config['register']['mail']['context']
+                               );
 
                                //Generate each route route
                                foreach($this->config['register']['route'] as $route => $tag) {
-                                       if (empty($mail['context'][$tag]) && !empty($this->config['route'][$route])) {
-                                               $mail['context'][$tag] = $this->get('router')->generate(
-                                                       $this->config['route'][$route]['name'],
-                                                       $this->config['route'][$route]['context'],
-                                                       UrlGeneratorInterface::ABSOLUTE_URL
-                                               );
+                                       //Only process defined routes
+                                       if (!empty($this->config['route'][$route])) {
+                                               //Process for confirm mail url
+                                               if ($route == 'confirm') {
+                                                       //Set the url in context
+                                                       $context[$tag] = $this->router->generate(
+                                                               $this->config['route'][$route]['name'],
+                                                               //Prepend register context with tag
+                                                               [
+                                                                       'mail' => $smail = $this->slugger->short($context['recipient_mail']),
+                                                                       'hash' => $this->slugger->hash($smail)
+                                                               ]+$this->config['route'][$route]['context'],
+                                                               UrlGeneratorInterface::ABSOLUTE_URL
+                                                       );
+                                               }
                                        }
                                }
 
-                               //Set recipient_name
-                               $mail['context']['recipient_mail'] = $data['mail'];
+                               //Iterate on keys to translate
+                               foreach($this->config['translate'] as $translate) {
+                                       //Extract keys
+                                       $keys = explode('.', $translate);
 
-                               //Set recipient_name
-                               $mail['context']['recipient_name'] = trim($data['forename'].' '.$data['surname'].($data['pseudonym']?' ('.$data['pseudonym'].')':''));
+                                       //Set current
+                                       $current =& $context;
+
+                                       //Iterate on each subkey
+                                       do {
+                                               //Skip unset translation keys
+                                               if (!isset($current[current($keys)])) {
+                                                       continue(2);
+                                               }
 
-                               //Init subject context
-                               $subjectContext = [];
+                                               //Set current to subkey
+                                               $current =& $current[current($keys)];
+                                       } while(next($keys));
 
-                               //Process each context pair
-                               foreach($mail['context']+$this->config['register']['view']['context'] as $k => $v) {
-                                       //Reinsert each context pair with the key surrounded by %
-                                       $subjectContext['%'.$k.'%'] = $v;
+                                       //Set translation
+                                       $current = $this->translator->trans($current);
+
+                                       //Remove reference
+                                       unset($current);
                                }
 
                                //Translate subject
-                               $mail['subject'] = ucfirst($this->translator->trans($mail['subject'], $subjectContext));
+                               $context['subject'] = $subject = ucfirst(
+                                       $this->translator->trans(
+                                               $this->config['register']['mail']['subject'],
+                                               $this->slugger->flatten($context, null, '.', '%', '%')
+                                       )
+                               );
 
                                //Create message
                                $message = (new TemplatedEmail())
                                        //Set sender
-                                       ->from(new Address($this->config['contact']['mail'], $this->config['contact']['name']))
+                                       ->from(new Address($this->config['contact']['address'], $this->config['contact']['name']))
                                        //Set recipient
                                        //XXX: remove the debug set in vendor/symfony/mime/Address.php +46
-                                       ->to(new Address($mail['context']['recipient_mail'], $mail['context']['recipient_name']))
+                                       ->to(new Address($context['recipient_mail'], $context['recipient_name']))
                                        //Set subject
-                                       ->subject($mail['subject'])
+                                       ->subject($context['subject'])
 
                                        //Set path to twig templates
-                                       ->htmlTemplate($mail['html'])
-                                       ->textTemplate($mail['text'])
+                                       ->htmlTemplate($this->config['register']['mail']['html'])
+                                       ->textTemplate($this->config['register']['mail']['text'])
 
                                        //Set context
-                                       ->context(['subject' => $mail['subject']]+$mail['context']+$this->config['register']['view']['context']);
-
-                               //Get doctrine
-                               $doctrine = $this->getDoctrine();
-
-                               //Get manager
-                               $manager = $doctrine->getManager();
-
-                               //Init reflection
-                               $reflection = new \ReflectionClass($this->config['class']['user']);
-
-                               //Create new user
-                               $user = $reflection->newInstance();
-
-                               $user->setMail($data['mail']);
-                               $user->setPseudonym($data['pseudonym']);
-                               $user->setForename($data['forename']);
-                               $user->setSurname($data['surname']);
-                               $user->setPhone($data['phone']);
-                               $user->setPassword($encoder->encodePassword($user, $data['password']));
-                               $user->setActive(true);
-                               $user->setTitle($data['title']);
-
-                               //XXX: For now there is no point in setting a role at subscription
-                               //TODO: see if we can't modify group constructor to set role directly from args
-                               //XXX: see vendor/symfony/symfony/src/Symfony/Component/Security/Core/Role/Role.php
-                               #$user->addGroup($doctrine->getRepository($this->config['class']['group'])->findOneByRole('ROLE_USER'));
-
-                               $user->setCreated(new \DateTime('now'));
-                               $user->setUpdated(new \DateTime('now'));
-
-                               //Persist user
-                               $manager->persist($user);
+                                       ->context($context);
 
                                //Try saving in database
                                try {
                                        //Send to database
-                                       $manager->flush();
+                                       $this->manager->flush();
+
+                                       //Add error message mail already exists
+                                       $this->addFlash('notice', $this->translator->trans('Your account has been created'));
 
                                        //Try sending message
                                        //XXX: mail delivery may silently fail
                                        try {
                                                //Send message
-                                               $mailer->send($message);
+                                               $this->mailer->send($message);
 
                                                //Redirect on the same route with sent=1 to cleanup form
-                                               #return $this->redirectToRoute('rapsys_user_register', array('sent' => 1));
                                                return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'));
                                        //Catch obvious transport exception
                                        } catch(TransportExceptionInterface $e) {
                                                //Add error message mail unreachable
-                                               $form->get('mail')->addError(new FormError($this->translator->trans('Account created but unable to contact: %mail%', array('%mail%' => $data['mail']))));
+                                               $form->get('mail')->addError(new FormError($this->translator->trans('Unable to reach account')));
                                        }
                                //Catch double subscription
-                               } catch (\Doctrine\DBAL\Exception\UniqueConstraintViolationException $e) {
+                               } catch (UniqueConstraintViolationException $e) {
                                        //Add error message mail already exists
-                                       $form->get('mail')->addError(new FormError($this->translator->trans('Account already exists: %mail%', ['%mail%' => $data['mail']])));
+                                       $this->addFlash('error', $this->translator->trans('Account already exists'));
                                }
                        }
                }
@@ -491,14 +735,7 @@ class DefaultController extends AbstractController {
                        //Template
                        $this->config['register']['view']['name'],
                        //Context
-                       ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['register']['view']['context']
+                       ['register' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['register']['view']['context']
                );
        }
-
-       /**
-        * {@inheritdoc}
-        */
-       public function getAlias() {
-               return 'rapsys_user';
-       }
 }