]> Raphaël G. Git Repositories - userbundle/blobdiff - Controller/DefaultController.php
Remove slug support
[userbundle] / Controller / DefaultController.php
index 7e163588679981e800c3c31446b37006d6a2f6df..02e0d163e97d05e0266127d3f3b7537e9f347fb8 100644 (file)
@@ -1,14 +1,25 @@
-<?php
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of the Rapsys UserBundle package.
+ *
+ * (c) Raphaël Gertz <symfony@rapsys.eu>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
 
 namespace Rapsys\UserBundle\Controller;
 
+use Doctrine\Bundle\DoctrineBundle\Registry;
+use Doctrine\ORM\EntityManagerInterface;
+use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
+use Psr\Log\LoggerInterface;
 use Symfony\Bridge\Twig\Mime\TemplatedEmail;
-use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
-use Symfony\Component\DependencyInjection\ContainerInterface;
-use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Form\FormError;
-use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
 use Symfony\Component\Mailer\MailerInterface;
 use Symfony\Component\Mime\Address;
@@ -16,226 +27,29 @@ use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Routing\RouterInterface;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
-use Symfony\Component\Translation\TranslatorInterface;
-use Psr\Log\LoggerInterface;
 
 use Rapsys\PackBundle\Util\SluggerUtil;
 
+/**
+ * {@inheritdoc}
+ */
 class DefaultController extends AbstractController {
-       //Config array
-       protected $config;
-
-       //Translator instance
-       protected $translator;
-
-       /**
-        * Constructor
-        *
-        * @TODO: move all canonical and other view related stuff in an user AbstractController like in RapsysAir render feature !!!!
-        *
-        * @param ContainerInterface $container The containter instance
-        * @param RouterInterface $router The router instance
-        * @param TranslatorInterface $translator The translator instance
-        */
-       public function __construct(ContainerInterface $container, RouterInterface $router, TranslatorInterface $translator) {
-               //Retrieve config
-               $this->config = $container->getParameter($this->getAlias());
-
-               //Set the translator
-               $this->translator = $translator;
-
-               //Get request stack
-               $stack = $container->get('request_stack');
-
-               //Get current request
-               $request = $stack->getCurrentRequest();
-
-               //Get current locale
-               $currentLocale = $request->getLocale();
-
-               //Set locale
-               $this->config['context']['locale'] = str_replace('_', '-', $currentLocale);
-
-               //Set translate array
-               $translates = [];
-
-               //Look for keys to translate
-               if (!empty($this->config['translate'])) {
-                       //Iterate on keys to translate
-                       foreach($this->config['translate'] as $translate) {
-                               //Set tmp
-                               $tmp = null;
-                               //Iterate on keys
-                               foreach(array_reverse(explode('.', $translate)) as $curkey) {
-                                       $tmp = array_combine([$curkey], [$tmp]);
-                               }
-                               //Append tree
-                               $translates = array_replace_recursive($translates, $tmp);
-                       }
-               }
-
-               //Inject every requested route in view and mail context
-               foreach($this->config as $tag => $current) {
-                       //Look for entry with title subkey
-                       if (!empty($current['title'])) {
-                               //Translate title value
-                               $this->config[$tag]['title'] = $translator->trans($current['title']);
-                       }
-
-                       //Look for entry with route subkey
-                       if (!empty($current['route'])) {
-                               //Generate url for both view and mail
-                               foreach(['view', 'mail'] as $view) {
-                                       //Check that context key is usable
-                                       if (isset($current[$view]['context']) && is_array($current[$view]['context'])) {
-                                               //Merge with global context
-                                               $this->config[$tag][$view]['context'] = array_replace_recursive($this->config['context'], $this->config[$tag][$view]['context']);
-
-                                               //Process every routes
-                                               foreach($current['route'] as $route => $key) {
-                                                       //With confirm route
-                                                       if ($route == 'confirm') {
-                                                               //Skip route as it requires some parameters
-                                                               continue;
-                                                       }
-
-                                                       //Set value
-                                                       $value = $router->generate(
-                                                               $this->config['route'][$route]['name'],
-                                                               $this->config['route'][$route]['context'],
-                                                               //Generate absolute url for mails
-                                                               $view=='mail'?UrlGeneratorInterface::ABSOLUTE_URL:UrlGeneratorInterface::ABSOLUTE_PATH
-                                                       );
-
-                                                       //Multi level key
-                                                       if (strpos($key, '.') !== false) {
-                                                               //Set tmp
-                                                               $tmp = $value;
-
-                                                               //Iterate on key
-                                                               foreach(array_reverse(explode('.', $key)) as $curkey) {
-                                                                       $tmp = array_combine([$curkey], [$tmp]);
-                                                               }
-
-                                                               //Set value
-                                                               $this->config[$tag][$view]['context'] = array_replace_recursive($this->config[$tag][$view]['context'], $tmp);
-                                                       //Single level key
-                                                       } else {
-                                                               //Set value
-                                                               $this->config[$tag][$view]['context'][$key] = $value;
-                                                       }
-                                               }
-
-                                               //Look for successful intersections
-                                               if (!empty(array_intersect_key($translates, $this->config[$tag][$view]['context']))) {
-                                                       //Iterate on keys to translate
-                                                       foreach($this->config['translate'] as $translate) {
-                                                               //Set keys
-                                                               $keys = explode('.', $translate);
-
-                                                               //Set tmp
-                                                               $tmp = $this->config[$tag][$view]['context'];
-
-                                                               //Iterate on keys
-                                                               foreach($keys as $curkey) {
-                                                                       //Without child key
-                                                                       if (!isset($tmp[$curkey])) {
-                                                                               //Skip to next key
-                                                                               continue(2);
-                                                                       }
-
-                                                                       //Get child key
-                                                                       $tmp = $tmp[$curkey];
-                                                               }
-
-                                                               //Translate tmp value
-                                                               $tmp = $translator->trans($tmp);
-
-                                                               //Iterate on keys
-                                                               foreach(array_reverse($keys) as $curkey) {
-                                                                       //Set parent key
-                                                                       $tmp = array_combine([$curkey], [$tmp]);
-                                                               }
-
-                                                               //Set value
-                                                               $this->config[$tag][$view]['context'] = array_replace_recursive($this->config[$tag][$view]['context'], $tmp);
-                                                       }
-                                               }
-
-                                               //With view context
-                                               if ($view == 'view') {
-                                                       //Get context path
-                                                       $pathInfo = $router->getContext()->getPathInfo();
-
-                                                       //Iterate on locales excluding current one
-                                                       foreach($this->config['locales'] as $locale) {
-                                                               //Set titles
-                                                               $titles = [];
-
-                                                               //Iterate on other locales
-                                                               foreach(array_diff($this->config['locales'], [$locale]) as $other) {
-                                                                       $titles[$other] = $translator->trans($this->config['languages'][$locale], [], null, $other);
-                                                               }
-
-                                                               //Retrieve route matching path
-                                                               $route = $router->match($pathInfo);
-
-                                                               //Get route name
-                                                               $name = $route['_route'];
-
-                                                               //Unset route name
-                                                               unset($route['_route']);
-
-                                                               //With current locale
-                                                               if ($locale == $currentLocale) {
-                                                                       //Set locale locales context
-                                                                       $this->config[$tag][$view]['context']['canonical'] = $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL);
-                                                               } else {
-                                                                       //Set locale locales context
-                                                                       $this->config[$tag][$view]['context']['alternates'][$locale] = [
-                                                                               'absolute' => $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL),
-                                                                               'relative' => $router->generate($name, ['_locale' => $locale]+$route),
-                                                                               'title' => implode('/', $titles),
-                                                                               'translated' => $translator->trans($this->config['languages'][$locale], [], null, $locale)
-                                                                       ];
-                                                               }
-
-                                                               //Add shorter locale
-                                                               if (empty($this->config[$tag][$view]['context']['alternates'][$slocale = substr($locale, 0, 2)])) {
-                                                                       //Add shorter locale
-                                                                       $this->config[$tag][$view]['context']['alternates'][$slocale] = [
-                                                                               'absolute' => $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL),
-                                                                               'relative' => $router->generate($name, ['_locale' => $locale]+$route),
-                                                                               'title' => implode('/', $titles),
-                                                                               'translated' => $translator->trans($this->config['languages'][$locale], [], null, $locale)
-                                                                       ];
-                                                               }
-                                                       }
-                                               }
-                                       }
-                               }
-                       }
-               }
-       }
-
        /**
         * Confirm account from mail link
         *
         * @param Request $request The request
+        * @param Registry $manager The doctrine registry
         * @param UserPasswordEncoderInterface $encoder The password encoder
+        * @param EntityManagerInterface $manager The doctrine entity manager
         * @param SluggerUtil $slugger The slugger
         * @param MailerInterface $mailer The mailer
         * @param string $mail The shorted mail address
-        * @param string $extra The serialized then shorted extra array
         * @param string $hash The hashed password
         * @return Response The response
         */
-       public function confirm(Request $request, UserPasswordEncoderInterface $encoder, SluggerUtil $slugger, MailerInterface $mailer, $mail, $extra, $hash) {
-               //Get doctrine
-               $doctrine = $this->getDoctrine();
-
+       public function confirm(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, $mail, $hash): Response {
                //With invalid hash
-               if ($hash != $slugger->hash($mail.$extra)) {
+               if ($hash != $slugger->hash($mail)) {
                        //Throw bad request
                        throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
                }
@@ -246,159 +60,76 @@ class DefaultController extends AbstractController {
                //Without valid mail
                if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
                        //Throw bad request
-                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $mail]));
+                       //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
                }
 
-               //With existing subscriber
-               if ($doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail)) {
+               //Without existing registrant
+               if (!($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
                        //Add error message mail already exists
-                       $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail]));
-
-                       //Redirect to user view
-                       return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail]+$this->config['route']['edit']['context']);
-               }
-
-               //Get extra
-               $extra = $slugger->unserialize($sextra = $extra);
-
-               //Without valid extra
-               if (!is_array($extra)) {
-                       //Throw bad request
-                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'extra', '%value%' => $sextra]));
-               }
-
-               //Extract names and pseudonym from mail
-               $names = explode(' ', $pseudonym = ucwords(trim(preg_replace('/[^a-zA-Z]+/', ' ', current(explode('@', $mail))))));
-
-               //Get manager
-               $manager = $doctrine->getManager();
-
-               //Init reflection
-               $reflection = new \ReflectionClass($this->config['class']['user']);
-
-               //Create new user
-               $user = $reflection->newInstance();
-
-               //Set mail
-               $user->setMail($mail);
-
-               //Set default value
-               $default = [
-                       'civility(title)' => $this->config['default']['civility'],
-                       'pseudonym' => $pseudonym,
-                       'forename' => $names[0]??$pseudonym,
-                       'surname' => $names[1]??$pseudonym,
-                       'password' => $encoder->encodePassword($user, $mail),
-                       'active' => true
-               ];
-
-               //Iterate on each default value
-               //TODO: store add/set action between [] ???
-               foreach($extra+$default as $key => $value) {
-                       //Set member
-                       $member = $key;
-
-                       //With title entity
-                       if (substr($key, -strlen('(title)')) === '(title)') {
-                               //Remove field info
-                               $member = substr($member, 0, -strlen('(title)'));
-
-                               //Get object as value
-                               $value = $doctrine->getRepository($this->config['class'][$member])->findOneByTitle($value);
-                       //With id entity
-                       } elseif (substr($key, -strlen('(id)')) === '(id)') {
-                               //Remove field info
-                               $member = substr($member, 0, -strlen('(id)'));
-
-                               //Get object as value
-                               $value = $doctrine->getRepository($this->config['class'][$key])->findOneById($value);
-                       }
-
-                       //Set value
-                       $user->{'set'.ucfirst($member)}($value);
-
-                       //Unset extra value
-                       unset($extra[$key]);
-               }
+                       //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                       $this->addFlash('error', $this->translator->trans('Account %mail% do not exists', ['%mail%' => $smail]));
 
-               //Iterate on default group
-               foreach($this->config['default']['group'] as $i => $groupTitle) {
-                       //Fetch group
-                       if (($group = $doctrine->getRepository($this->config['class']['group'])->findOneByTitle($groupTitle))) {
-                               //Set default group
-                               //XXX: see vendor/symfony/security-core/Role/Role.php
-                               $user->addGroup($group);
-                       //Group not found
-                       } else {
-                               //Throw exception
-                               //XXX: consider missing group as fatal
-                               throw new \Exception(sprintf('Group from rapsys_user.default.group[%d] not found by title: %s', $i, $groupTitle));
-                       }
+                       //Redirect to register view
+                       return $this->redirectToRoute($this->config['route']['register']['name'], ['mail' => $smail, 'field' => $sfield = $slugger->serialize([]), 'hash' => $slugger->hash($smail.$sfield)]+$this->config['route']['register']['context']);
                }
 
-               $user->setCreated(new \DateTime('now'));
-               $user->setUpdated(new \DateTime('now'));
+               //Set active
+               $user->setActive(true);
 
                //Persist user
                $manager->persist($user);
 
-               //Try saving in database
-               try {
-                       //Send to database
-                       $manager->flush();
+               //Send to database
+               $manager->flush();
 
-                       //Add error message mail already exists
-                       $this->addFlash('notice', $this->translator->trans('Your account has been created'));
-               //Catch double subscription
-               } catch (\Doctrine\DBAL\Exception\UniqueConstraintViolationException $e) {
-                       //Add error message mail already exists
-                       $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail]));
-               }
+               //Add error message mail already exists
+               $this->addFlash('notice', $this->translator->trans('Your account has been activated'));
 
                //Redirect to user view
-               return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail]+$this->config['route']['edit']['context']);
+               return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']);
        }
 
        /**
         * Edit account by shorted mail
         *
         * @param Request $request The request
+        * @param Registry $manager The doctrine registry
+        * @param UserPasswordEncoderInterface $encoder The password encoder
+        * @param EntityManagerInterface $manager The doctrine entity manager
         * @param SluggerUtil $slugger The slugger
         * @param string $mail The shorted mail address
+        * @param string $hash The hashed password
         * @return Response The response
         */
-       public function edit(Request $request, SluggerUtil $slugger, $mail) {
-               //Get doctrine
-               $doctrine = $this->getDoctrine();
+       public function edit(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, $mail, $hash): Response {
+               //With invalid hash
+               if ($hash != $slugger->hash($mail)) {
+                       //Throw bad request
+                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+               }
 
                //Get mail
                $mail = $slugger->unshort($smail = $mail);
 
                //With existing subscriber
                if (empty($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
-                       var_dump($mail);
                        //Throw not found
                        //XXX: prevent slugger reverse engineering by not displaying decoded mail
                        throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail]));
                }
 
-               //Get user token
-               $token = new UsernamePasswordToken($user, null, 'none', $user->getRoles());
-
-               //Check if guest
-               $isGuest = $this->get('rapsys_user.access_decision_manager')->decide($token, ['ROLE_GUEST']);
-
                //Prevent access when not admin, user is not guest and not currently logged user
-               if (!$this->isGranted('ROLE_ADMIN') && empty($isGuest) && $user != $this->getUser()) {
+               if (!$this->isGranted('ROLE_ADMIN') && $user != $this->getUser() || !$this->isGranted('IS_AUTHENTICATED_FULLY')) {
                        //Throw access denied
                        //XXX: prevent slugger reverse engineering by not displaying decoded mail
                        throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %mail%', ['%mail%' => $smail]));
                }
 
                //Create the RegisterType form and give the proper parameters
-               $form = $this->createForm($this->config['register']['view']['form'], $user, [
+               $edit = $this->createForm($this->config['edit']['view']['edit'], $user, [
                        //Set action to register route name and context
-                       'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail]+$this->config['route']['edit']['context']),
+                       'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']),
                        //Set civility class
                        'civility_class' => $this->config['class']['civility'],
                        //Set civility default
@@ -406,42 +137,88 @@ class DefaultController extends AbstractController {
                        //Disable mail
                        'mail' => $this->isGranted('ROLE_ADMIN'),
                        //Disable password
-                       //XXX: prefer a reset on login to force user unspam action
                        'password' => false,
                        //Set method
                        'method' => 'POST'
-               ]);
-
-               if ($request->isMethod('POST')) {
-                       //Refill the fields in case the form is not valid.
-                       $form->handleRequest($request);
+               ]+$this->config['edit']['field']);
+
+               //With admin role
+               if ($this->isGranted('ROLE_ADMIN')) {
+                       //Create the LoginType form and give the proper parameters
+                       $reset = $this->createForm($this->config['edit']['view']['reset'], $user, [
+                               //Set action to register route name and context
+                               'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']),
+                               //Disable mail
+                               'mail' => false,
+                               //Set method
+                               'method' => 'POST'
+                       ]);
 
-                       if ($form->isValid()) {
-                               //Set data
-                               $data = $form->getData();
+                       //With post method
+                       if ($request->isMethod('POST')) {
+                               //Refill the fields in case the form is not valid.
+                               $reset->handleRequest($request);
 
-                               //Get manager
-                               $manager = $doctrine->getManager();
+                               //With reset submitted and valid
+                               if ($reset->isSubmitted() && $reset->isValid()) {
+                                       //Set data
+                                       $data = $reset->getData();
 
-                               //Queue snippet save
-                               $manager->persist($data);
+                                       //Set password
+                                       $data->setPassword($encoder->encodePassword($data, $data->getPassword()));
 
-                               //Flush to get the ids
-                               $manager->flush();
+                                       //Queue snippet save
+                                       $manager->persist($data);
 
-                               //Add notice
-                               $this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail]));
+                                       //Flush to get the ids
+                                       $manager->flush();
 
-                               //Redirect to user view
-                               //TODO: extract referer ??? or useless ???
-                               return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail]+$this->config['route']['edit']['context']);
+                                       //Add notice
+                                       $this->addFlash('notice', $this->translator->trans('Account %mail% password updated', ['%mail%' => $mail = $data->getMail()]));
 
-                               //Redirect to cleanup the form
-                               return $this->redirectToRoute('rapsys_air', ['user' => $data->getId()]);
+                                       //Redirect to cleanup the form
+                                       return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $slugger->short($mail), 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']);
+                               }
                        }
+
+                       //Add reset view
+                       $this->config['edit']['view']['context']['reset'] = $reset->createView();
+               //Without admin role
+               //XXX: prefer a reset on login to force user unspam action
                } else {
                        //Add notice
-                       $this->addFlash('notice', $this->translator->trans('To change your password login with your mail %mail% and any password then follow the procedure', ['%mail%' => $mail]));
+                       $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure'));
+               }
+
+               //With post method
+               if ($request->isMethod('POST')) {
+                       //Refill the fields in case the form is not valid.
+                       $edit->handleRequest($request);
+
+                       //With edit submitted and valid
+                       if ($edit->isSubmitted() && $edit->isValid()) {
+                               //Set data
+                               $data = $edit->getData();
+
+                               //Queue snippet save
+                               $manager->persist($data);
+
+                               //Try saving in database
+                               try {
+                                       //Flush to get the ids
+                                       $manager->flush();
+
+                                       //Add notice
+                                       $this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail = $data->getMail()]));
+
+                                       //Redirect to cleanup the form
+                                       return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $slugger->short($mail), 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']);
+                               //Catch double slug or mail
+                               } catch (UniqueConstraintViolationException $e) {
+                                       //Add error message mail already exists
+                                       $this->addFlash('error', $this->translator->trans('Account %mail% or with slug %slug% already exists', ['%mail%' => $data->getMail(), '%slug%' => $slug]));
+                               }
+                       }
                }
 
                //Render view
@@ -449,7 +226,7 @@ class DefaultController extends AbstractController {
                        //Template
                        $this->config['edit']['view']['name'],
                        //Context
-                       ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['edit']['view']['context']
+                       ['edit' => $edit->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['edit']['view']['context']
                );
        }
 
@@ -458,21 +235,47 @@ class DefaultController extends AbstractController {
         *
         * @param Request $request The request
         * @param AuthenticationUtils $authenticationUtils The authentication utils
+        * @param RouterInterface $router The router instance
+        * @param SluggerUtil $slugger The slugger
+        * @param string $mail The shorted mail address
+        * @param string $hash The hashed password
         * @return Response The response
         */
-       public function login(Request $request, AuthenticationUtils $authenticationUtils) {
+       public function login(Request $request, AuthenticationUtils $authenticationUtils, RouterInterface $router, SluggerUtil $slugger, $mail, $hash): Response {
                //Create the LoginType form and give the proper parameters
                $login = $this->createForm($this->config['login']['view']['form'], null, [
                        //Set action to login route name and context
                        'action' => $this->generateUrl($this->config['route']['login']['name'], $this->config['route']['login']['context']),
+                       //Disable repeated password
+                       'password_repeated' => false,
+                       //Set method
                        'method' => 'POST'
                ]);
 
                //Init context
                $context = [];
 
+               //With mail
+               if (!empty($mail) && !empty($hash)) {
+                       //With invalid hash
+                       if ($hash != $slugger->hash($mail)) {
+                               //Throw bad request
+                               throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+                       }
+
+                       //Get mail
+                       $mail = $slugger->unshort($smail = $mail);
+
+                       //Without valid mail
+                       if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+                               //Throw bad request
+                               throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+                       }
+
+                       //Prefilled mail
+                       $login->get('mail')->setData($mail);
                //Last username entered by the user
-               if ($lastUsername = $authenticationUtils->getLastUsername()) {
+               } elseif ($lastUsername = $authenticationUtils->getLastUsername()) {
                        $login->get('mail')->setData($lastUsername);
                }
 
@@ -484,7 +287,7 @@ class DefaultController extends AbstractController {
                        //Add error message to mail field
                        $login->get('mail')->addError(new FormError($error));
 
-                       //Create the RecoverType form and give the proper parameters
+                       //Create the LoginType form and give the proper parameters
                        $recover = $this->createForm($this->config['recover']['view']['form'], null, [
                                //Set action to recover route name and context
                                'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']),
@@ -521,7 +324,9 @@ class DefaultController extends AbstractController {
         * Recover account
         *
         * @param Request $request The request
+        * @param Registry $manager The doctrine registry
         * @param UserPasswordEncoderInterface $encoder The password encoder
+        * @param EntityManagerInterface $manager The doctrine entity manager
         * @param SluggerUtil $slugger The slugger
         * @param MailerInterface $mailer The mailer
         * @param string $mail The shorted mail address
@@ -529,13 +334,10 @@ class DefaultController extends AbstractController {
         * @param string $hash The hashed password
         * @return Response The response
         */
-       public function recover(Request $request, UserPasswordEncoderInterface $encoder, SluggerUtil $slugger, MailerInterface $mailer, $mail, $pass, $hash) {
-               //Get doctrine
-               $doctrine = $this->getDoctrine();
-
+       public function recover(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, $mail, $pass, $hash): Response {
                //Without mail, pass and hash
                if (empty($mail) && empty($pass) && empty($hash)) {
-                       //Create the RecoverType form and give the proper parameters
+                       //Create the LoginType form and give the proper parameters
                        $form = $this->createForm($this->config['recover']['view']['form'], null, [
                                //Set action to recover route name and context
                                'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']),
@@ -658,7 +460,8 @@ class DefaultController extends AbstractController {
                //Without valid mail
                if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
                        //Throw bad request
-                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $mail]));
+                       //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
                }
 
                //With existing subscriber
@@ -675,7 +478,7 @@ class DefaultController extends AbstractController {
                        throw $this->createNotFoundException($this->translator->trans('Outdated recover link'));
                }
 
-               //Create the RecoverType form and give the proper parameters
+               //Create the LoginType form and give the proper parameters
                $form = $this->createForm($this->config['recover']['view']['form'], $user, [
                        //Set action to recover route name and context
                        'action' => $this->generateUrl($this->config['route']['recover']['name'], ['mail' => $smail, 'pass' => $pass, 'hash' => $hash]+$this->config['route']['recover']['context']),
@@ -702,12 +505,6 @@ class DefaultController extends AbstractController {
                                //Set user password
                                $user->setPassword($encoded);
 
-                               //Set updated
-                               $user->setUpdated(new \DateTime('now'));
-
-                               //Get manager
-                               $manager = $doctrine->getManager();
-
                                //Persist user
                                $manager->persist($user);
 
@@ -735,30 +532,175 @@ class DefaultController extends AbstractController {
         * Register an account
         *
         * @param Request $request The request
+        * @param Registry $manager The doctrine registry
         * @param UserPasswordEncoderInterface $encoder The password encoder
+        * @param EntityManagerInterface $manager The doctrine entity manager
         * @param SluggerUtil $slugger The slugger
         * @param MailerInterface $mailer The mailer
         * @param LoggerInterface $logger The logger
+        * @param string $mail The shorted mail address
         * @param string $field The serialized then shorted form field array
         * @param string $hash The hashed serialized field array
         * @return Response The response
         */
-       public function register(Request $request, UserPasswordEncoderInterface $encoder, SluggerUtil $slugger, MailerInterface $mailer, LoggerInterface $logger, $field, $hash) {
-               //Get doctrine
-               $doctrine = $this->getDoctrine();
+       public function register(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, LoggerInterface $logger, $mail, $field, $hash): Response {
+               //With mail
+               if (!empty($_POST['register']['mail'])) {
+                       //Log new user infos
+                       $logger->emergency(
+                               $this->translator->trans(
+                                       'register: mail=%mail% locale=%locale% confirm=%confirm%',
+                                       [
+                                               '%mail%' => $postMail = $_POST['register']['mail'],
+                                               '%locale%' => $request->getLocale(),
+                                               '%confirm%' => $this->get('router')->generate(
+                                                       $this->config['route']['confirm']['name'],
+                                                       //Prepend subscribe context with tag
+                                                       [
+                                                               'mail' => $postSmail = $slugger->short($postMail),
+                                                               'hash' => $slugger->hash($postSmail)
+                                                       ]+$this->config['route']['confirm']['context'],
+                                                       UrlGeneratorInterface::ABSOLUTE_URL
+                                               )
+                                       ]
+                               )
+                       );
+               }
 
-               //With field
+               //With mail and field
                if (!empty($field) && !empty($hash)) {
                        //With invalid hash
-                       if ($hash != $slugger->hash($field)) {
+                       if ($hash != $slugger->hash($mail.$field)) {
                                //Throw bad request
                                throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
                        }
 
+                       //With mail
+                       if (!empty($mail)) {
+                               //Get mail
+                               $mail = $slugger->unshort($smail = $mail);
+
+                               //Without valid mail
+                               if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+                                       //Throw bad request
+                                       //XXX: prevent slugger reverse engineering by not displaying decoded mail
+                                       throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+                               }
+
+                               //With existing registrant
+                               if ($existing = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail)) {
+                                       //With disabled existing
+                                       if ($existing->isDisabled()) {
+                                               //Render view
+                                               $response = $this->render(
+                                                       //Template
+                                                       $this->config['register']['view']['name'],
+                                                       //Context
+                                                       ['title' => $this->translator->trans('Access denied'), 'disabled' => 1]+$this->config['register']['view']['context']
+                                               );
+
+                                               //Set 403
+                                               $response->setStatusCode(403);
+
+                                               //Return response
+                                               return $response;
+                                       //With unactivated existing
+                                       } elseif (!$existing->isActivated()) {
+                                               //Set mail shortcut
+                                               $activateMail =& $this->config['register']['mail'];
+
+                                               //Generate each route route
+                                               foreach($this->config['register']['route'] as $route => $tag) {
+                                                       //Only process defined routes
+                                                       if (!empty($this->config['route'][$route])) {
+                                                               //Process for confirm url
+                                                               if ($route == 'confirm') {
+                                                                       //Set the url in context
+                                                                       $activateMail['context'][$tag] = $this->get('router')->generate(
+                                                                               $this->config['route'][$route]['name'],
+                                                                               //Prepend subscribe context with tag
+                                                                               [
+                                                                                       'mail' => $smail = $slugger->short($existing->getMail()),
+                                                                                       'hash' => $slugger->hash($smail)
+                                                                               ]+$this->config['route'][$route]['context'],
+                                                                               UrlGeneratorInterface::ABSOLUTE_URL
+                                                                       );
+                                                               }
+                                                       }
+                                               }
+
+                                               //Set recipient_name
+                                               $activateMail['context']['recipient_mail'] = $existing->getMail();
+
+                                               //Set recipient name
+                                               $activateMail['context']['recipient_name'] = implode(' ', [$existing->getForename(), $existing->getSurname(), $existing->getPseudonym()?'('.$existing->getPseudonym().')':'']);
+
+                                               //Init subject context
+                                               $subjectContext = $slugger->flatten(array_replace_recursive($this->config['register']['view']['context'], $activateMail['context']), null, '.', '%', '%');
+
+                                               //Translate subject
+                                               $activateMail['subject'] = ucfirst($this->translator->trans($activateMail['subject'], $subjectContext));
+
+                                               //Create message
+                                               $message = (new TemplatedEmail())
+                                                       //Set sender
+                                                       ->from(new Address($this->config['contact']['mail'], $this->config['contact']['title']))
+                                                       //Set recipient
+                                                       //XXX: remove the debug set in vendor/symfony/mime/Address.php +46
+                                                       ->to(new Address($activateMail['context']['recipient_mail'], $activateMail['context']['recipient_name']))
+                                                       //Set subject
+                                                       ->subject($activateMail['subject'])
+
+                                                       //Set path to twig templates
+                                                       ->htmlTemplate($activateMail['html'])
+                                                       ->textTemplate($activateMail['text'])
+
+                                                       //Set context
+                                                       ->context(['subject' => $activateMail['subject']]+$activateMail['context']);
+
+                                               //Try sending message
+                                               //XXX: mail delivery may silently fail
+                                               try {
+                                                       //Send message
+                                                       $mailer->send($message);
+                                               //Catch obvious transport exception
+                                               } catch(TransportExceptionInterface $e) {
+                                                       //Add error message mail unreachable
+                                                       $this->addFlash('error', $this->translator->trans('Account %mail% tried activate but unable to contact', ['%mail%' => $existing->getMail()]));
+                                               }
+
+                                               //Get route params
+                                               $routeParams = $request->get('_route_params');
+
+                                               //Remove mail, field and hash from route params
+                                               unset($routeParams['mail'], $routeParams['field'], $routeParams['hash']);
+
+                                               //Redirect on the same route with sent=1 to cleanup form
+                                               return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$routeParams);
+                                       }
+
+                                       //Add error message mail already exists
+                                       $this->addFlash('warning', $this->translator->trans('Account %mail% already exists', ['%mail%' => $existing->getMail()]));
+
+                                       //Redirect to user view
+                                       return $this->redirectToRoute(
+                                               $this->config['route']['edit']['name'],
+                                               [
+                                                       'mail' => $smail = $slugger->short($existing->getMail()),
+                                                       'hash' => $slugger->hash($smail)
+                                               ]+$this->config['route']['edit']['context']
+                                       );
+                               }
+                       //Without mail
+                       } else {
+                               //Set smail
+                               $smail = $mail;
+                       }
+
                        //Try
                        try {
                                //Unshort then unserialize field
-                               $field = $slugger->unserialize($field);
+                               $field = $slugger->unserialize($sfield = $field);
                        //Catch type error
                        } catch (\Error|\Exception $e) {
                                //Throw bad request
@@ -772,14 +714,26 @@ class DefaultController extends AbstractController {
                        }
                //Without field and hash
                } else {
+                       //Set smail
+                       $smail = $mail;
+
+                       //Set smail
+                       $sfield = $field;
+
                        //Reset field
                        $field = [];
                }
 
+               //Init reflection
+               $reflection = new \ReflectionClass($this->config['class']['user']);
+
+               //Create new user
+               $user = $reflection->newInstance(strval($mail));
+
                //Create the RegisterType form and give the proper parameters
-               $form = $this->createForm($this->config['register']['view']['form'], null, $field+[
+               $form = $this->createForm($this->config['register']['view']['form'], $user, $field+[
                        //Set action to register route name and context
-                       'action' => $this->generateUrl($this->config['route']['register']['name'], $this->config['route']['register']['context']),
+                       'action' => $this->generateUrl($this->config['route']['register']['name'], ['mail' => $smail, 'field' => $sfield, 'hash' => $hash]+$this->config['route']['register']['context']),
                        //Set civility class
                        'civility_class' => $this->config['class']['civility'],
                        //Set civility default
@@ -788,7 +742,7 @@ class DefaultController extends AbstractController {
                        'mail' => true,
                        //Set method
                        'method' => 'POST'
-               ]);
+               ]+$this->config['register']['field']);
 
                if ($request->isMethod('POST')) {
                        //Refill the fields in case the form is not valid.
@@ -798,44 +752,50 @@ class DefaultController extends AbstractController {
                                //Set data
                                $data = $form->getData();
 
+                               //With existing registrant
+                               if ($doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail = $data->getMail())) {
+                                       //Add error message mail already exists
+                                       $this->addFlash('warning', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail]));
+
+                                       //Redirect to user view
+                                       return $this->redirectToRoute(
+                                               $this->config['route']['edit']['name'],
+                                               [
+                                                       'mail' => $smail = $slugger->short($mail),
+                                                       'hash' => $slugger->hash($smail)
+                                               ]+$this->config['route']['edit']['context']
+                                       );
+                               }
+
                                //Set mail shortcut
                                $registerMail =& $this->config['register']['mail'];
 
-                               //Set extra
-                               $extra = [];
-
-                               //Init reflection
-                               $reflection = new \ReflectionClass($this->config['class']['user']);
-
-                               //Create new user
-                               $user = $reflection->newInstance();
-
-                               //Iterate on each entry
-                               //TODO: store add/set action between [] ???
-                               foreach($data as $key => $value) {
-                                       //Skip mail
-                                       if ($key == 'mail') {
-                                               continue;
-                                       //Store shorted title
-                                       } elseif (is_callable([$value, 'getTitle'])) {
-                                               $extra[$key.'(title)'] = $value->getTitle();
-                                       //Store shorted id
-                                       } elseif (is_callable([$value, 'getId'])) {
-                                               $extra[$key.'(id)'] = $value->getId();
-                                       //Store encoded password
-                                       } elseif(!empty($value) && $key == 'password') {
-                                               $extra['password'] = $encoder->encodePassword($user, $value);
-                                       //Store shorted value
-                                       } elseif (!empty($value)) {
-                                               $extra[$key] = $value;
-                                       }
-                               }
+                               //Set password
+                               $user->setPassword($encoder->encodePassword($user, $user->getPassword()??$data->getMail()));
+
+                               //Set created
+                               $user->setCreated(new \DateTime('now'));
+
+                               //Set updated
+                               $user->setUpdated(new \DateTime('now'));
 
-                               //Set mail
-                               $mail = $slugger->short($data['mail']);
+                               //Persist user
+                               $manager->persist($user);
 
-                               //Set extra
-                               $extra = $slugger->serialize($extra);
+                               //Iterate on default group
+                               foreach($this->config['default']['group'] as $i => $groupTitle) {
+                                       //Fetch group
+                                       if (($group = $doctrine->getRepository($this->config['class']['group'])->findOneByTitle($groupTitle))) {
+                                               //Set default group
+                                               //XXX: see vendor/symfony/security-core/Role/Role.php
+                                               $user->addGroup($group);
+                                       //Group not found
+                                       } else {
+                                               //Throw exception
+                                               //XXX: consider missing group as fatal
+                                               throw new \Exception(sprintf('Group from rapsys_user.default.group[%d] not found by title: %s', $i, $groupTitle));
+                                       }
+                               }
 
                                //Generate each route route
                                foreach($this->config['register']['route'] as $route => $tag) {
@@ -848,9 +808,8 @@ class DefaultController extends AbstractController {
                                                                $this->config['route'][$route]['name'],
                                                                //Prepend subscribe context with tag
                                                                [
-                                                                       'mail' => $mail,
-                                                                       'extra' => $extra,
-                                                                       'hash' => $slugger->hash($mail.$extra)
+                                                                       'mail' => $smail = $slugger->short($data->getMail()),
+                                                                       'hash' => $slugger->hash($smail)
                                                                ]+$this->config['route'][$route]['context'],
                                                                UrlGeneratorInterface::ABSOLUTE_URL
                                                        );
@@ -858,33 +817,17 @@ class DefaultController extends AbstractController {
                                        }
                                }
 
-                               //Log new user infos
-                               $logger->emergency(
-                                       $this->translator->trans(
-                                               'newuser:mail=%mail%|locale=%locale%|confirm=%confirm%',
-                                               [
-                                                       '%mail%' => $data['mail'],
-                                                       '%locale%' => $request->getLocale(),
-                                                       '%confirm%' => $registerMail['context'][$this->config['register']['route']['confirm']]
-                                               ]
-                                       )
-                               );
+                               //XXX: DEBUG: remove me
+                               //die($registerMail['context']['confirm_url']);
 
                                //Set recipient_name
-                               $registerMail['context']['recipient_mail'] = $data['mail'];
+                               $registerMail['context']['recipient_mail'] = $data->getMail();
 
                                //Set recipient name
                                $registerMail['context']['recipient_name'] = '';
 
-                               //With forename, surname and pseudonym
-                               if (isset($data['forename']) && isset($data['surname']) && isset($data['pseudonym'])) {
-                                       //Set recipient name
-                                       $registerMail['context']['recipient_name'] = implode(' ', [$data['forename'], $data['surname'], $data['pseudonym']?'('.$data['pseudonym'].')':'']);
-                               //With pseudonym
-                               } elseif (isset($data['pseudonym'])) {
-                                       //Set recipient name
-                                       $registerMail['context']['recipient_name'] = $data['pseudonym'];
-                               }
+                               //Set recipient name
+                               $registerMail['context']['recipient_name'] = implode(' ', [$data->getForename(), $data->getSurname(), $data->getPseudonym()?'('.$data->getPseudonym().')':'']);
 
                                //Init subject context
                                $subjectContext = $slugger->flatten(array_replace_recursive($this->config['register']['view']['context'], $registerMail['context']), null, '.', '%', '%');
@@ -909,18 +852,31 @@ class DefaultController extends AbstractController {
                                        //Set context
                                        ->context(['subject' => $registerMail['subject']]+$registerMail['context']);
 
-                               //Try sending message
-                               //XXX: mail delivery may silently fail
+                               //Try saving in database
                                try {
-                                       //Send message
-                                       $mailer->send($message);
-
-                                       //Redirect on the same route with sent=1 to cleanup form
-                                       return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'));
-                               //Catch obvious transport exception
-                               } catch(TransportExceptionInterface $e) {
-                                       //Add error message mail unreachable
-                                       $form->get('mail')->addError(new FormError($this->translator->trans('Account %mail% tried subscribe but unable to contact', array('%mail%' => $data['mail']))));
+                                       //Send to database
+                                       $manager->flush();
+
+                                       //Add error message mail already exists
+                                       $this->addFlash('notice', $this->translator->trans('Your account has been created'));
+
+                                       //Try sending message
+                                       //XXX: mail delivery may silently fail
+                                       try {
+                                               //Send message
+                                               $mailer->send($message);
+
+                                               //Redirect on the same route with sent=1 to cleanup form
+                                               return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'));
+                                       //Catch obvious transport exception
+                                       } catch(TransportExceptionInterface $e) {
+                                               //Add error message mail unreachable
+                                               $form->get('mail')->addError(new FormError($this->translator->trans('Account %mail% tried subscribe but unable to contact', ['%mail%' => $data->getMail()])));
+                                       }
+                               //Catch double subscription
+                               } catch (UniqueConstraintViolationException $e) {
+                                       //Add error message mail already exists
+                                       $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail]));
                                }
                        }
                }
@@ -933,11 +889,4 @@ class DefaultController extends AbstractController {
                        ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['register']['view']['context']
                );
        }
-
-       /**
-        * {@inheritdoc}
-        */
-       public function getAlias() {
-               return 'rapsys_user';
-       }
 }