X-Git-Url: https://git.rapsys.eu/userbundle/blobdiff_plain/ff811180315cd026ece71c33fbf90b8dea2f8e51..7dc270515bd6c60325a654486c088e8aab2094cf:/Controller/DefaultController.php

diff --git a/Controller/DefaultController.php b/Controller/DefaultController.php
index 7e16358..7f6b02e 100644
--- a/Controller/DefaultController.php
+++ b/Controller/DefaultController.php
@@ -1,14 +1,25 @@
-<?php
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of the Rapsys UserBundle package.
+ *
+ * (c) Raphaël Gertz <symfony@rapsys.eu>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
 
 namespace Rapsys\UserBundle\Controller;
 
+use Doctrine\Bundle\DoctrineBundle\Registry;
+use Doctrine\ORM\EntityManagerInterface;
+use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
+use Psr\Log\LoggerInterface;
 use Symfony\Bridge\Twig\Mime\TemplatedEmail;
-use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
-use Symfony\Component\DependencyInjection\ContainerInterface;
-use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Form\FormError;
-use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
 use Symfony\Component\Mailer\MailerInterface;
 use Symfony\Component\Mime\Address;
@@ -16,226 +27,29 @@ use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Routing\RouterInterface;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
-use Symfony\Component\Translation\TranslatorInterface;
-use Psr\Log\LoggerInterface;
 
 use Rapsys\PackBundle\Util\SluggerUtil;
 
+/**
+ * {@inheritdoc}
+ */
 class DefaultController extends AbstractController {
-	//Config array
-	protected $config;
-
-	//Translator instance
-	protected $translator;
-
-	/**
-	 * Constructor
-	 *
-	 * @TODO: move all canonical and other view related stuff in an user AbstractController like in RapsysAir render feature !!!!
-	 *
-	 * @param ContainerInterface $container The containter instance
-	 * @param RouterInterface $router The router instance
-	 * @param TranslatorInterface $translator The translator instance
-	 */
-	public function __construct(ContainerInterface $container, RouterInterface $router, TranslatorInterface $translator) {
-		//Retrieve config
-		$this->config = $container->getParameter($this->getAlias());
-
-		//Set the translator
-		$this->translator = $translator;
-
-		//Get request stack
-		$stack = $container->get('request_stack');
-
-		//Get current request
-		$request = $stack->getCurrentRequest();
-
-		//Get current locale
-		$currentLocale = $request->getLocale();
-
-		//Set locale
-		$this->config['context']['locale'] = str_replace('_', '-', $currentLocale);
-
-		//Set translate array
-		$translates = [];
-
-		//Look for keys to translate
-		if (!empty($this->config['translate'])) {
-			//Iterate on keys to translate
-			foreach($this->config['translate'] as $translate) {
-				//Set tmp
-				$tmp = null;
-				//Iterate on keys
-				foreach(array_reverse(explode('.', $translate)) as $curkey) {
-					$tmp = array_combine([$curkey], [$tmp]);
-				}
-				//Append tree
-				$translates = array_replace_recursive($translates, $tmp);
-			}
-		}
-
-		//Inject every requested route in view and mail context
-		foreach($this->config as $tag => $current) {
-			//Look for entry with title subkey
-			if (!empty($current['title'])) {
-				//Translate title value
-				$this->config[$tag]['title'] = $translator->trans($current['title']);
-			}
-
-			//Look for entry with route subkey
-			if (!empty($current['route'])) {
-				//Generate url for both view and mail
-				foreach(['view', 'mail'] as $view) {
-					//Check that context key is usable
-					if (isset($current[$view]['context']) && is_array($current[$view]['context'])) {
-						//Merge with global context
-						$this->config[$tag][$view]['context'] = array_replace_recursive($this->config['context'], $this->config[$tag][$view]['context']);
-
-						//Process every routes
-						foreach($current['route'] as $route => $key) {
-							//With confirm route
-							if ($route == 'confirm') {
-								//Skip route as it requires some parameters
-								continue;
-							}
-
-							//Set value
-							$value = $router->generate(
-								$this->config['route'][$route]['name'],
-								$this->config['route'][$route]['context'],
-								//Generate absolute url for mails
-								$view=='mail'?UrlGeneratorInterface::ABSOLUTE_URL:UrlGeneratorInterface::ABSOLUTE_PATH
-							);
-
-							//Multi level key
-							if (strpos($key, '.') !== false) {
-								//Set tmp
-								$tmp = $value;
-
-								//Iterate on key
-								foreach(array_reverse(explode('.', $key)) as $curkey) {
-									$tmp = array_combine([$curkey], [$tmp]);
-								}
-
-								//Set value
-								$this->config[$tag][$view]['context'] = array_replace_recursive($this->config[$tag][$view]['context'], $tmp);
-							//Single level key
-							} else {
-								//Set value
-								$this->config[$tag][$view]['context'][$key] = $value;
-							}
-						}
-
-						//Look for successful intersections
-						if (!empty(array_intersect_key($translates, $this->config[$tag][$view]['context']))) {
-							//Iterate on keys to translate
-							foreach($this->config['translate'] as $translate) {
-								//Set keys
-								$keys = explode('.', $translate);
-
-								//Set tmp
-								$tmp = $this->config[$tag][$view]['context'];
-
-								//Iterate on keys
-								foreach($keys as $curkey) {
-									//Without child key
-									if (!isset($tmp[$curkey])) {
-										//Skip to next key
-										continue(2);
-									}
-
-									//Get child key
-									$tmp = $tmp[$curkey];
-								}
-
-								//Translate tmp value
-								$tmp = $translator->trans($tmp);
-
-								//Iterate on keys
-								foreach(array_reverse($keys) as $curkey) {
-									//Set parent key
-									$tmp = array_combine([$curkey], [$tmp]);
-								}
-
-								//Set value
-								$this->config[$tag][$view]['context'] = array_replace_recursive($this->config[$tag][$view]['context'], $tmp);
-							}
-						}
-
-						//With view context
-						if ($view == 'view') {
-							//Get context path
-							$pathInfo = $router->getContext()->getPathInfo();
-
-							//Iterate on locales excluding current one
-							foreach($this->config['locales'] as $locale) {
-								//Set titles
-								$titles = [];
-
-								//Iterate on other locales
-								foreach(array_diff($this->config['locales'], [$locale]) as $other) {
-									$titles[$other] = $translator->trans($this->config['languages'][$locale], [], null, $other);
-								}
-
-								//Retrieve route matching path
-								$route = $router->match($pathInfo);
-
-								//Get route name
-								$name = $route['_route'];
-
-								//Unset route name
-								unset($route['_route']);
-
-								//With current locale
-								if ($locale == $currentLocale) {
-									//Set locale locales context
-									$this->config[$tag][$view]['context']['canonical'] = $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL);
-								} else {
-									//Set locale locales context
-									$this->config[$tag][$view]['context']['alternates'][$locale] = [
-										'absolute' => $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL),
-										'relative' => $router->generate($name, ['_locale' => $locale]+$route),
-										'title' => implode('/', $titles),
-										'translated' => $translator->trans($this->config['languages'][$locale], [], null, $locale)
-									];
-								}
-
-								//Add shorter locale
-								if (empty($this->config[$tag][$view]['context']['alternates'][$slocale = substr($locale, 0, 2)])) {
-									//Add shorter locale
-									$this->config[$tag][$view]['context']['alternates'][$slocale] = [
-										'absolute' => $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL),
-										'relative' => $router->generate($name, ['_locale' => $locale]+$route),
-										'title' => implode('/', $titles),
-										'translated' => $translator->trans($this->config['languages'][$locale], [], null, $locale)
-									];
-								}
-							}
-						}
-					}
-				}
-			}
-		}
-	}
-
 	/**
 	 * Confirm account from mail link
 	 *
 	 * @param Request $request The request
+	 * @param Registry $manager The doctrine registry
 	 * @param UserPasswordEncoderInterface $encoder The password encoder
+	 * @param EntityManagerInterface $manager The doctrine entity manager
 	 * @param SluggerUtil $slugger The slugger
 	 * @param MailerInterface $mailer The mailer
 	 * @param string $mail The shorted mail address
-	 * @param string $extra The serialized then shorted extra array
 	 * @param string $hash The hashed password
 	 * @return Response The response
 	 */
-	public function confirm(Request $request, UserPasswordEncoderInterface $encoder, SluggerUtil $slugger, MailerInterface $mailer, $mail, $extra, $hash) {
-		//Get doctrine
-		$doctrine = $this->getDoctrine();
-
+	public function confirm(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, $mail, $hash): Response {
 		//With invalid hash
-		if ($hash != $slugger->hash($mail.$extra)) {
+		if ($hash != $slugger->hash($mail)) {
 			//Throw bad request
 			throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
 		}
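Review bot: The hash check in confirm(), `if ($hash != $slugger->hash($mail))`, uses PHP's loose comparison on a value taken from the URL, so two different numeric-looking strings (for example of the form `0e…`) can compare equal, and the comparison is not constant-time. This hash is the only thing gating the link now that `$extra` is gone, so I would write `if (!hash_equals($slugger->hash($mail), (string) $hash))`. The same comparison is added in edit() and login() in later hunks and needs the same change. confirm()'s body continues outside this hunk.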
@@ -246,202 +60,182 @@ class DefaultController extends AbstractController {
 		//Without valid mail
 		if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
 			//Throw bad request
-			throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $mail]));
+			//XXX: prevent slugger reverse engineering by not displaying decoded mail
+			throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
 		}
 
-		//With existing subscriber
-		if ($doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail)) {
+		//Without existing registrant
+		if (!($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
 			//Add error message mail already exists
-			$this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail]));
-
-			//Redirect to user view
-			return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail]+$this->config['route']['edit']['context']);
-		}
-
-		//Get extra
-		$extra = $slugger->unserialize($sextra = $extra);
-
-		//Without valid extra
-		if (!is_array($extra)) {
-			//Throw bad request
-			throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'extra', '%value%' => $sextra]));
-		}
-
-		//Extract names and pseudonym from mail
-		$names = explode(' ', $pseudonym = ucwords(trim(preg_replace('/[^a-zA-Z]+/', ' ', current(explode('@', $mail))))));
-
-		//Get manager
-		$manager = $doctrine->getManager();
-
-		//Init reflection
-		$reflection = new \ReflectionClass($this->config['class']['user']);
-
-		//Create new user
-		$user = $reflection->newInstance();
-
-		//Set mail
-		$user->setMail($mail);
-
-		//Set default value
-		$default = [
-			'civility(title)' => $this->config['default']['civility'],
-			'pseudonym' => $pseudonym,
-			'forename' => $names[0]??$pseudonym,
-			'surname' => $names[1]??$pseudonym,
-			'password' => $encoder->encodePassword($user, $mail),
-			'active' => true
-		];
-
-		//Iterate on each default value
-		//TODO: store add/set action between [] ???
-		foreach($extra+$default as $key => $value) {
-			//Set member
-			$member = $key;
-
-			//With title entity
-			if (substr($key, -strlen('(title)')) === '(title)') {
-				//Remove field info
-				$member = substr($member, 0, -strlen('(title)'));
-
-				//Get object as value
-				$value = $doctrine->getRepository($this->config['class'][$member])->findOneByTitle($value);
-			//With id entity
-			} elseif (substr($key, -strlen('(id)')) === '(id)') {
-				//Remove field info
-				$member = substr($member, 0, -strlen('(id)'));
-
-				//Get object as value
-				$value = $doctrine->getRepository($this->config['class'][$key])->findOneById($value);
-			}
-
-			//Set value
-			$user->{'set'.ucfirst($member)}($value);
-
-			//Unset extra value
-			unset($extra[$key]);
-		}
+			//XXX: prevent slugger reverse engineering by not displaying decoded mail
+			$this->addFlash('error', $this->translator->trans('Account %mail% do not exists', ['%mail%' => $smail]));
 
-		//Iterate on default group
-		foreach($this->config['default']['group'] as $i => $groupTitle) {
-			//Fetch group
-			if (($group = $doctrine->getRepository($this->config['class']['group'])->findOneByTitle($groupTitle))) {
-				//Set default group
-				//XXX: see vendor/symfony/security-core/Role/Role.php
-				$user->addGroup($group);
-			//Group not found
-			} else {
-				//Throw exception
-				//XXX: consider missing group as fatal
-				throw new \Exception(sprintf('Group from rapsys_user.default.group[%d] not found by title: %s', $i, $groupTitle));
-			}
+			//Redirect to register view
+			return $this->redirectToRoute($this->config['route']['register']['name'], ['mail' => $smail, 'field' => $sfield = $slugger->serialize([]), 'hash' => $slugger->hash($smail.$sfield)]+$this->config['route']['register']['context']);
 		}
 
-		$user->setCreated(new \DateTime('now'));
-		$user->setUpdated(new \DateTime('now'));
+		//Set active
+		$user->setActive(true);
 
 		//Persist user
 		$manager->persist($user);
 
-		//Try saving in database
-		try {
-			//Send to database
-			$manager->flush();
+		//Send to database
+		$manager->flush();
 
-			//Add error message mail already exists
-			$this->addFlash('notice', $this->translator->trans('Your account has been created'));
-		//Catch double subscription
-		} catch (\Doctrine\DBAL\Exception\UniqueConstraintViolationException $e) {
-			//Add error message mail already exists
-			$this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail]));
-		}
+		//Add error message mail already exists
+		$this->addFlash('notice', $this->translator->trans('Your account has been activated'));
 
 		//Redirect to user view
-		return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail]+$this->config['route']['edit']['context']);
+		return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']);
 	}
 
 	/**
 	 * Edit account by shorted mail
 	 *
 	 * @param Request $request The request
+	 * @param Registry $manager The doctrine registry
+	 * @param UserPasswordEncoderInterface $encoder The password encoder
+	 * @param EntityManagerInterface $manager The doctrine entity manager
 	 * @param SluggerUtil $slugger The slugger
 	 * @param string $mail The shorted mail address
+	 * @param string $hash The hashed password
 	 * @return Response The response
 	 */
-	public function edit(Request $request, SluggerUtil $slugger, $mail) {
-		//Get doctrine
-		$doctrine = $this->getDoctrine();
+	public function edit(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, $mail, $hash): Response {
+		//With invalid hash
+		if ($hash != $slugger->hash($mail)) {
+			//Throw bad request
+			throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+		}
 
 		//Get mail
 		$mail = $slugger->unshort($smail = $mail);
 
 		//With existing subscriber
 		if (empty($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
-			var_dump($mail);
 			//Throw not found
 			//XXX: prevent slugger reverse engineering by not displaying decoded mail
 			throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail]));
 		}
 
-		//Get user token
-		$token = new UsernamePasswordToken($user, null, 'none', $user->getRoles());
-
-		//Check if guest
-		$isGuest = $this->get('rapsys_user.access_decision_manager')->decide($token, ['ROLE_GUEST']);
-
 		//Prevent access when not admin, user is not guest and not currently logged user
-		if (!$this->isGranted('ROLE_ADMIN') && empty($isGuest) && $user != $this->getUser()) {
+		if (!$this->isGranted('ROLE_ADMIN') && $user != $this->getUser() || !$this->isGranted('IS_AUTHENTICATED_FULLY')) {
 			//Throw access denied
 			//XXX: prevent slugger reverse engineering by not displaying decoded mail
 			throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %mail%', ['%mail%' => $smail]));
 		}
 
 		//Create the RegisterType form and give the proper parameters
-		$form = $this->createForm($this->config['register']['view']['form'], $user, [
+		$edit = $this->createForm($this->config['edit']['view']['edit'], $user, [
 			//Set action to register route name and context
-			'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail]+$this->config['route']['edit']['context']),
+			'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']),
 			//Set civility class
 			'civility_class' => $this->config['class']['civility'],
 			//Set civility default
 			'civility_default' => $doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
 			//Disable mail
 			'mail' => $this->isGranted('ROLE_ADMIN'),
+			//Disable slug
+			'slug' => $this->isGranted('ROLE_ADMIN'),
 			//Disable password
-			//XXX: prefer a reset on login to force user unspam action
 			'password' => false,
 			//Set method
 			'method' => 'POST'
 		]);
 
-		if ($request->isMethod('POST')) {
-			//Refill the fields in case the form is not valid.
-			$form->handleRequest($request);
+		//With admin role
+		if ($this->isGranted('ROLE_ADMIN')) {
+			//Create the LoginType form and give the proper parameters
+			$reset = $this->createForm($this->config['edit']['view']['reset'], $user, [
+				//Set action to register route name and context
+				'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']),
+				//Disable mail
+				'mail' => false,
+				//Set method
+				'method' => 'POST'
+			]);
 
-			if ($form->isValid()) {
-				//Set data
-				$data = $form->getData();
+			//With post method
+			if ($request->isMethod('POST')) {
+				//Refill the fields in case the form is not valid.
+				$reset->handleRequest($request);
 
-				//Get manager
-				$manager = $doctrine->getManager();
+				//With reset submitted and valid
+				if ($reset->isSubmitted() && $reset->isValid()) {
+					//Set data
+					$data = $reset->getData();
 
-				//Queue snippet save
-				$manager->persist($data);
+					//Set password
+					$data->setPassword($encoder->encodePassword($data, $data->getPassword()));
 
-				//Flush to get the ids
-				$manager->flush();
+					//Queue snippet save
+					$manager->persist($data);
 
-				//Add notice
-				$this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail]));
+					//Flush to get the ids
+					$manager->flush();
 
-				//Redirect to user view
-				//TODO: extract referer ??? or useless ???
-				return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail]+$this->config['route']['edit']['context']);
+					//Add notice
+					$this->addFlash('notice', $this->translator->trans('Account %mail% password updated', ['%mail%' => $mail = $data->getMail()]));
 
-				//Redirect to cleanup the form
-				return $this->redirectToRoute('rapsys_air', ['user' => $data->getId()]);
+					//Redirect to cleanup the form
+					return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $slugger->short($mail), 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']);
+				}
 			}
+
+			//Add reset view
+			$this->config['edit']['view']['context']['reset'] = $reset->createView();
+		//Without admin role
+		//XXX: prefer a reset on login to force user unspam action
 		} else {
 			//Add notice
-			$this->addFlash('notice', $this->translator->trans('To change your password login with your mail %mail% and any password then follow the procedure', ['%mail%' => $mail]));
+			$this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure'));
+		}
+
+		//With post method
+		if ($request->isMethod('POST')) {
+			//Refill the fields in case the form is not valid.
+			$edit->handleRequest($request);
+
+			//With edit submitted and valid
+			if ($edit->isSubmitted() && $edit->isValid()) {
+				//Set data
+				$data = $edit->getData();
+
+				//Set slug
+				$slug = null;
+
+				//With admin
+				if ($this->isGranted('ROLE_ADMIN')) {
+					//With slug
+					if (!empty($data->getSlug())) {
+						//Set slug
+						$slug = $slugger->slug($data->getPseudonym());
+					}
+
+					//Update slug
+					$data->setSlug($slug);
+				}
+
+				//Queue snippet save
+				$manager->persist($data);
+
+				//Try saving in database
+				try {
+					//Flush to get the ids
+					$manager->flush();
+
+					//Add notice
+					$this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail = $data->getMail()]));
+
+					//Redirect to cleanup the form
+					return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $slugger->short($mail), 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']);
+				//Catch double slug or mail
+				} catch (UniqueConstraintViolationException $e) {
+					//Add error message mail already exists
+					$this->addFlash('error', $this->translator->trans('Account %mail% or with slug %slug% already exists', ['%mail%' => $data->getMail(), '%slug%' => $slug]));
+				}
+			}
 		}
 
 		//Render view
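Review bot: confirm() now calls `setActive(true)` on whatever existing account the mail resolves to, and the token it checks, `$slugger->hash($smail)`, is the same value this hunk embeds in the edit URLs and that login() accepts. The token is therefore not specific to confirmation, and nothing visible here makes it expire or become single-use. The register() hunk further down also writes the complete confirm URL to the log. Consider deriving the confirm hash from a purpose-tagged input on both the generating and the checking side, e.g. `$slugger->hash('confirm'.$smail)`, and refusing to re-activate an account that is not pending confirmation (whether accounts can be deactivated is not visible from here). confirm() starts before this hunk and edit()'s render call continues after it.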
@@ -449,7 +243,7 @@ class DefaultController extends AbstractController {
 			//Template
 			$this->config['edit']['view']['name'],
 			//Context
-			['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['edit']['view']['context']
+			['edit' => $edit->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['edit']['view']['context']
 		);
 	}
 
@@ -458,21 +252,47 @@ class DefaultController extends AbstractController {
 	 *
 	 * @param Request $request The request
 	 * @param AuthenticationUtils $authenticationUtils The authentication utils
+	 * @param RouterInterface $router The router instance
+	 * @param SluggerUtil $slugger The slugger
+	 * @param string $mail The shorted mail address
+	 * @param string $hash The hashed password
 	 * @return Response The response
 	 */
-	public function login(Request $request, AuthenticationUtils $authenticationUtils) {
+	public function login(Request $request, AuthenticationUtils $authenticationUtils, RouterInterface $router, SluggerUtil $slugger, $mail, $hash): Response {
 		//Create the LoginType form and give the proper parameters
 		$login = $this->createForm($this->config['login']['view']['form'], null, [
 			//Set action to login route name and context
 			'action' => $this->generateUrl($this->config['route']['login']['name'], $this->config['route']['login']['context']),
+			//Disable repeated password
+			'password_repeated' => false,
+			//Set method
 			'method' => 'POST'
 		]);
 
 		//Init context
 		$context = [];
 
+		//With mail
+		if (!empty($mail) && !empty($hash)) {
+			//With invalid hash
+			if ($hash != $slugger->hash($mail)) {
+				//Throw bad request
+				throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+			}
+
+			//Get mail
+			$mail = $slugger->unshort($smail = $mail);
+
+			//Without valid mail
+			if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+				//Throw bad request
+				throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+			}
+
+			//Prefilled mail
+			$login->get('mail')->setData($mail);
 		//Last username entered by the user
-		if ($lastUsername = $authenticationUtils->getLastUsername()) {
+		} elseif ($lastUsername = $authenticationUtils->getLastUsername()) {
 			$login->get('mail')->setData($lastUsername);
 		}
 
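Review bot: The added `@param string $hash The hashed password` line in login()'s docblock misdescribes the parameter: the body compares it with `$slugger->hash($mail)`, so it is a hash of the shorted mail address and has nothing to do with a password. I would write `@param string $hash The hash of the shorted mail address`, and mention that `$mail` and `$hash` may be empty, since the body branches on `!empty($mail) && !empty($hash)`. The same wording describes `$hash` in the confirm() and edit() docblocks. login()'s body continues outside this hunk.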
@@ -484,7 +304,7 @@ class DefaultController extends AbstractController {
 			//Add error message to mail field
 			$login->get('mail')->addError(new FormError($error));
 
-			//Create the RecoverType form and give the proper parameters
+			//Create the LoginType form and give the proper parameters
 			$recover = $this->createForm($this->config['recover']['view']['form'], null, [
 				//Set action to recover route name and context
 				'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']),
@@ -521,7 +341,9 @@ class DefaultController extends AbstractController {
 	 * Recover account
 	 *
 	 * @param Request $request The request
+	 * @param Registry $manager The doctrine registry
 	 * @param UserPasswordEncoderInterface $encoder The password encoder
+	 * @param EntityManagerInterface $manager The doctrine entity manager
 	 * @param SluggerUtil $slugger The slugger
 	 * @param MailerInterface $mailer The mailer
 	 * @param string $mail The shorted mail address
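Review bot: The added `@param Registry $manager The doctrine registry` names the wrong parameter: the signature in the next hunk declares `Registry $doctrine`, and `$manager` is the `EntityManagerInterface` documented two lines below, so the docblock now lists `$manager` twice. It should read `@param Registry $doctrine The doctrine registry`. The same line is added to the confirm(), edit() and register() docblocks. The docblock and the method it documents extend outside this hunk.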
@@ -529,13 +351,10 @@ class DefaultController extends AbstractController {
 	 * @param string $hash The hashed password
 	 * @return Response The response
 	 */
-	public function recover(Request $request, UserPasswordEncoderInterface $encoder, SluggerUtil $slugger, MailerInterface $mailer, $mail, $pass, $hash) {
-		//Get doctrine
-		$doctrine = $this->getDoctrine();
-
+	public function recover(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, $mail, $pass, $hash): Response {
 		//Without mail, pass and hash
 		if (empty($mail) && empty($pass) && empty($hash)) {
-			//Create the RecoverType form and give the proper parameters
+			//Create the LoginType form and give the proper parameters
 			$form = $this->createForm($this->config['recover']['view']['form'], null, [
 				//Set action to recover route name and context
 				'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']),
@@ -658,7 +477,8 @@ class DefaultController extends AbstractController {
 		//Without valid mail
 		if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
 			//Throw bad request
-			throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $mail]));
+			//XXX: prevent slugger reverse engineering by not displaying decoded mail
+			throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
 		}
 
 		//With existing subscriber
@@ -675,7 +495,7 @@ class DefaultController extends AbstractController {
 			throw $this->createNotFoundException($this->translator->trans('Outdated recover link'));
 		}
 
-		//Create the RecoverType form and give the proper parameters
+		//Create the LoginType form and give the proper parameters
 		$form = $this->createForm($this->config['recover']['view']['form'], $user, [
 			//Set action to recover route name and context
 			'action' => $this->generateUrl($this->config['route']['recover']['name'], ['mail' => $smail, 'pass' => $pass, 'hash' => $hash]+$this->config['route']['recover']['context']),
@@ -702,12 +522,6 @@ class DefaultController extends AbstractController {
 				//Set user password
 				$user->setPassword($encoded);
 
-				//Set updated
-				$user->setUpdated(new \DateTime('now'));
-
-				//Get manager
-				$manager = $doctrine->getManager();
-
 				//Persist user
 				$manager->persist($user);
 
@@ -735,30 +549,175 @@ class DefaultController extends AbstractController {
 	 * Register an account
 	 *
 	 * @param Request $request The request
+	 * @param Registry $manager The doctrine registry
 	 * @param UserPasswordEncoderInterface $encoder The password encoder
+	 * @param EntityManagerInterface $manager The doctrine entity manager
 	 * @param SluggerUtil $slugger The slugger
 	 * @param MailerInterface $mailer The mailer
 	 * @param LoggerInterface $logger The logger
+	 * @param string $mail The shorted mail address
 	 * @param string $field The serialized then shorted form field array
 	 * @param string $hash The hashed serialized field array
 	 * @return Response The response
 	 */
-	public function register(Request $request, UserPasswordEncoderInterface $encoder, SluggerUtil $slugger, MailerInterface $mailer, LoggerInterface $logger, $field, $hash) {
-		//Get doctrine
-		$doctrine = $this->getDoctrine();
+	public function register(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, LoggerInterface $logger, $mail, $field, $hash): Response {
+		//With mail
+		if (!empty($_POST['register']['mail'])) {
+			//Log new user infos
+			$logger->emergency(
+				$this->translator->trans(
+					'register: mail=%mail% locale=%locale% confirm=%confirm%',
+					[
+						'%mail%' => $postMail = $_POST['register']['mail'],
+						'%locale%' => $request->getLocale(),
+						'%confirm%' => $this->get('router')->generate(
+							$this->config['route']['confirm']['name'],
+							//Prepend subscribe context with tag
+							[
+								'mail' => $postSmail = $slugger->short($postMail),
+								'hash' => $slugger->hash($postSmail)
+							]+$this->config['route']['confirm']['context'],
+							UrlGeneratorInterface::ABSOLUTE_URL
+						)
+					]
+				)
+			);
+		}
 
-		//With field
+		//With mail and field
 		if (!empty($field) && !empty($hash)) {
 			//With invalid hash
-			if ($hash != $slugger->hash($field)) {
+			if ($hash != $slugger->hash($mail.$field)) {
 				//Throw bad request
 				throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
 			}
 
+			//With mail
+			if (!empty($mail)) {
+				//Get mail
+				$mail = $slugger->unshort($smail = $mail);
+
+				//Without valid mail
+				if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+					//Throw bad request
+					//XXX: prevent slugger reverse engineering by not displaying decoded mail
+					throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+				}
+
+				//With existing registrant
+				if ($existing = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail)) {
+					//With disabled existing
+					if ($existing->isDisabled()) {
+						//Render view
+						$response = $this->render(
+							//Template
+							$this->config['register']['view']['name'],
+							//Context
+							['title' => $this->translator->trans('Access denied'), 'disabled' => 1]+$this->config['register']['view']['context']
+						);
+
+						//Set 403
+						$response->setStatusCode(403);
+
+						//Return response
+						return $response;
+					//With unactivated existing
+					} elseif (!$existing->isActivated()) {
+						//Set mail shortcut
+						$activateMail =& $this->config['register']['mail'];
+
+						//Generate each route route
+						foreach($this->config['register']['route'] as $route => $tag) {
+							//Only process defined routes
+							if (!empty($this->config['route'][$route])) {
+								//Process for confirm url
+								if ($route == 'confirm') {
+									//Set the url in context
+									$activateMail['context'][$tag] = $this->get('router')->generate(
+										$this->config['route'][$route]['name'],
+										//Prepend subscribe context with tag
+										[
+											'mail' => $smail = $slugger->short($existing->getMail()),
+											'hash' => $slugger->hash($smail)
+										]+$this->config['route'][$route]['context'],
+										UrlGeneratorInterface::ABSOLUTE_URL
+									);
+								}
+							}
+						}
+
+						//Set recipient_name
+						$activateMail['context']['recipient_mail'] = $existing->getMail();
+
+						//Set recipient name
+						$activateMail['context']['recipient_name'] = implode(' ', [$existing->getForename(), $existing->getSurname(), $existing->getPseudonym()?'('.$existing->getPseudonym().')':'']);
+
+						//Init subject context
+						$subjectContext = $slugger->flatten(array_replace_recursive($this->config['register']['view']['context'], $activateMail['context']), null, '.', '%', '%');
+
+						//Translate subject
+						$activateMail['subject'] = ucfirst($this->translator->trans($activateMail['subject'], $subjectContext));
+
+						//Create message
+						$message = (new TemplatedEmail())
+							//Set sender
+							->from(new Address($this->config['contact']['mail'], $this->config['contact']['title']))
+							//Set recipient
+							//XXX: remove the debug set in vendor/symfony/mime/Address.php +46
+							->to(new Address($activateMail['context']['recipient_mail'], $activateMail['context']['recipient_name']))
+							//Set subject
+							->subject($activateMail['subject'])
+
+							//Set path to twig templates
+							->htmlTemplate($activateMail['html'])
+							->textTemplate($activateMail['text'])
+
+							//Set context
+							->context(['subject' => $activateMail['subject']]+$activateMail['context']);
+
+						//Try sending message
+						//XXX: mail delivery may silently fail
+						try {
+							//Send message
+							$mailer->send($message);
+						//Catch obvious transport exception
+						} catch(TransportExceptionInterface $e) {
+							//Add error message mail unreachable
+							$this->addFlash('error', $this->translator->trans('Account %mail% tried activate but unable to contact', ['%mail%' => $existing->getMail()]));
+						}
+
+						//Get route params
+						$routeParams = $request->get('_route_params');
+
+						//Remove mail, field and hash from route params
+						unset($routeParams['mail'], $routeParams['field'], $routeParams['hash']);
+
+						//Redirect on the same route with sent=1 to cleanup form
+						return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$routeParams);
+					}
+
+					//Add error message mail already exists
+					$this->addFlash('warning', $this->translator->trans('Account %mail% already exists', ['%mail%' => $existing->getMail()]));
+
+					//Redirect to user view
+					return $this->redirectToRoute(
+						$this->config['route']['edit']['name'],
+						[
+							'mail' => $smail = $slugger->short($existing->getMail()),
+							'hash' => $slugger->hash($smail)
+						]+$this->config['route']['edit']['context']
+					);
+				}
+			//Without mail
+			} else {
+				//Set smail
+				$smail = $mail;
+			}
+
 			//Try
 			try {
 				//Unshort then unserialize field
-				$field = $slugger->unserialize($field);
+				$field = $slugger->unserialize($sfield = $field);
 			//Catch type error
 			} catch (\Error|\Exception $e) {
 				//Throw bad request
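Review bot: The new `$logger->emergency(...)` block at the top of `register()` writes a ready-to-use confirm URL (short mail plus hash) for whatever address arrives in `$_POST['register']['mail']`, before the form or its CSRF token has been validated. That puts the value meant to prove mailbox ownership into the logs, lets any unauthenticated POST raise emergency-level entries, and reads the superglobal instead of the submitted form data. I would drop the block, or log only mail and locale at `info` level once the form has validated. Separately, `if ($hash != $slugger->hash($mail.$field))` is a loose, non-constant-time comparison of a signature; `if (!hash_equals($slugger->hash($mail.$field), (string) $hash)) {` avoids both the numeric-string juggling and the timing difference. The docblock also names `@param Registry $manager` where the parameter is `$doctrine`, and `register()` continues past the end of this hunk.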
@@ -772,14 +731,29 @@ class DefaultController extends AbstractController {
 			}
 		//Without field and hash
 		} else {
+			//Set smail
+			$smail = $mail;
+
+			//Set smail
+			$sfield = $field;
+
 			//Reset field
-			$field = [];
+			$field = [
+				//Without slug
+				'slug' => false
+			];
 		}
 
+		//Init reflection
+		$reflection = new \ReflectionClass($this->config['class']['user']);
+
+		//Create new user
+		$user = $reflection->newInstance(strval($mail));
+
 		//Create the RegisterType form and give the proper parameters
-		$form = $this->createForm($this->config['register']['view']['form'], null, $field+[
+		$form = $this->createForm($this->config['register']['view']['form'], $user, $field+[
 			//Set action to register route name and context
-			'action' => $this->generateUrl($this->config['route']['register']['name'], $this->config['route']['register']['context']),
+			'action' => $this->generateUrl($this->config['route']['register']['name'], ['mail' => $smail, 'field' => $sfield, 'hash' => $hash]+$this->config['route']['register']['context']),
 			//Set civility class
 			'civility_class' => $this->config['class']['civility'],
 			//Set civility default
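Review bot: In the new `else` branch `$mail` is copied to `$smail` but never decoded or checked, and `newInstance(strval($mail))` then hands it to the user constructor. When a request carries `mail` without `field` and `hash`, the form appears to be pre-filled with the raw short string, which no hash has vouched for; in the hashed path the same variable holds the decoded, validated address. I would clear it there, e.g. `$mail = null;` after `$smail = $mail;`, or decode and validate it the way the hashed path does. The enclosing `if`/`else` starts before this hunk.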
@@ -798,44 +772,62 @@ class DefaultController extends AbstractController {
 				//Set data
 				$data = $form->getData();
 
+				//With existing registrant
+				if ($doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail = $data->getMail())) {
+					//Add error message mail already exists
+					$this->addFlash('warning', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail]));
+
+					//Redirect to user view
+					return $this->redirectToRoute(
+						$this->config['route']['edit']['name'],
+						[
+							'mail' => $smail = $slugger->short($mail),
+							'hash' => $slugger->hash($smail)
+						]+$this->config['route']['edit']['context']
+					);
+				}
+
 				//Set mail shortcut
 				$registerMail =& $this->config['register']['mail'];
 
-				//Set extra
-				$extra = [];
-
-				//Init reflection
-				$reflection = new \ReflectionClass($this->config['class']['user']);
-
-				//Create new user
-				$user = $reflection->newInstance();
-
-				//Iterate on each entry
-				//TODO: store add/set action between [] ???
-				foreach($data as $key => $value) {
-					//Skip mail
-					if ($key == 'mail') {
-						continue;
-					//Store shorted title
-					} elseif (is_callable([$value, 'getTitle'])) {
-						$extra[$key.'(title)'] = $value->getTitle();
-					//Store shorted id
-					} elseif (is_callable([$value, 'getId'])) {
-						$extra[$key.'(id)'] = $value->getId();
-					//Store encoded password
-					} elseif(!empty($value) && $key == 'password') {
-						$extra['password'] = $encoder->encodePassword($user, $value);
-					//Store shorted value
-					} elseif (!empty($value)) {
-						$extra[$key] = $value;
-					}
-				}
+				//Extract names and pseudonym from mail
+				$names = explode(' ', $pseudonym = ucwords(trim(preg_replace('/[^a-zA-Z]+/', ' ', current(explode('@', $data->getMail()))))));
+
+				//Set pseudonym
+				$user->setPseudonym($user->getPseudonym()??$pseudonym);
+
+				//Set forename
+				$user->setForename($user->getForename()??$names[0]);
+
+				//Set surname
+				$user->setSurname($user->getSurname()??$names[1]??$names[0]);
+
+				//Set password
+				$user->setPassword($encoder->encodePassword($user, $user->getPassword()??$data->getMail()));
+
+				//Set created
+				$user->setCreated(new \DateTime('now'));
+
+				//Set updated
+				$user->setUpdated(new \DateTime('now'));
 
-				//Set mail
-				$mail = $slugger->short($data['mail']);
+				//Persist user
+				$manager->persist($user);
 
-				//Set extra
-				$extra = $slugger->serialize($extra);
+				//Iterate on default group
+				foreach($this->config['default']['group'] as $i => $groupTitle) {
+					//Fetch group
+					if (($group = $doctrine->getRepository($this->config['class']['group'])->findOneByTitle($groupTitle))) {
+						//Set default group
+						//XXX: see vendor/symfony/security-core/Role/Role.php
+						$user->addGroup($group);
+					//Group not found
+					} else {
+						//Throw exception
+						//XXX: consider missing group as fatal
+						throw new \Exception(sprintf('Group from rapsys_user.default.group[%d] not found by title: %s', $i, $groupTitle));
+					}
+				}
 
 				//Generate each route route
 				foreach($this->config['register']['route'] as $route => $tag) {
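Review bot: `$user->setPassword($encoder->encodePassword($user, $user->getPassword()??$data->getMail()));` falls back to the mail address as the password when the form supplied none, so such an account is protected by a value known to anyone who knows the address. A random secret is the safer fallback, `$user->getPassword()??bin2hex(random_bytes(16))`, leaving the recover flow as the way to set a real password. The new existing-registrant check also tells an unauthenticated submitter whether an address is registered, through the `Account %mail% already exists` flash and the redirect; a neutral message would avoid that. The submit block starts before this hunk and the `foreach` on its last line continues after it.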
@@ -848,9 +840,8 @@ class DefaultController extends AbstractController {
 								$this->config['route'][$route]['name'],
 								//Prepend subscribe context with tag
 								[
-									'mail' => $mail,
-									'extra' => $extra,
-									'hash' => $slugger->hash($mail.$extra)
+									'mail' => $smail = $slugger->short($data->getMail()),
+									'hash' => $slugger->hash($smail)
 								]+$this->config['route'][$route]['context'],
 								UrlGeneratorInterface::ABSOLUTE_URL
 							);
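Review bot: The confirm link is now signed with `$slugger->hash($smail)` alone, which is the same `mail`/`hash` pair the new existing-registrant branches put into the redirect to the edit route. Assuming `hash()` is a deterministic keyed digest (its implementation is not visible here), the value neither names the action it authorises nor carries any expiry component, so it no longer proves that the holder received the mail. Binding the purpose into the signed data, for instance `'hash' => $slugger->hash('confirm'.$smail)` with the matching check in the confirm action, would keep the two links distinct. The surrounding `generate()` call starts before this hunk.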
@@ -858,33 +849,17 @@ class DefaultController extends AbstractController {
 					}
 				}
 
-				//Log new user infos
-				$logger->emergency(
-					$this->translator->trans(
-						'newuser:mail=%mail%|locale=%locale%|confirm=%confirm%',
-						[
-							'%mail%' => $data['mail'],
-							'%locale%' => $request->getLocale(),
-							'%confirm%' => $registerMail['context'][$this->config['register']['route']['confirm']]
-						]
-					)
-				);
+				//XXX: DEBUG: remove me
+				//die($registerMail['context']['confirm_url']);
 
 				//Set recipient_name
-				$registerMail['context']['recipient_mail'] = $data['mail'];
+				$registerMail['context']['recipient_mail'] = $data->getMail();
 
 				//Set recipient name
 				$registerMail['context']['recipient_name'] = '';
 
-				//With forename, surname and pseudonym
-				if (isset($data['forename']) && isset($data['surname']) && isset($data['pseudonym'])) {
-					//Set recipient name
-					$registerMail['context']['recipient_name'] = implode(' ', [$data['forename'], $data['surname'], $data['pseudonym']?'('.$data['pseudonym'].')':'']);
-				//With pseudonym
-				} elseif (isset($data['pseudonym'])) {
-					//Set recipient name
-					$registerMail['context']['recipient_name'] = $data['pseudonym'];
-				}
+				//Set recipient name
+				$registerMail['context']['recipient_name'] = implode(' ', [$data->getForename(), $data->getSurname(), $data->getPseudonym()?'('.$data->getPseudonym().')':'']);
 
 				//Init subject context
 				$subjectContext = $slugger->flatten(array_replace_recursive($this->config['register']['view']['context'], $registerMail['context']), null, '.', '%', '%');
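Review bot: The commented-out `//die($registerMail['context']['confirm_url']);` and its `//XXX: DEBUG: remove me` marker should not be committed; delete both lines. The assignment `$registerMail['context']['recipient_name'] = '';` is now dead because the next statement overwrites it unconditionally, so it can go as well.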
@@ -909,18 +884,31 @@ class DefaultController extends AbstractController {
 					//Set context
 					->context(['subject' => $registerMail['subject']]+$registerMail['context']);
 
-				//Try sending message
-				//XXX: mail delivery may silently fail
+				//Try saving in database
 				try {
-					//Send message
-					$mailer->send($message);
-
-					//Redirect on the same route with sent=1 to cleanup form
-					return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'));
-				//Catch obvious transport exception
-				} catch(TransportExceptionInterface $e) {
-					//Add error message mail unreachable
-					$form->get('mail')->addError(new FormError($this->translator->trans('Account %mail% tried subscribe but unable to contact', array('%mail%' => $data['mail']))));
+					//Send to database
+					$manager->flush();
+
+					//Add error message mail already exists
+					$this->addFlash('notice', $this->translator->trans('Your account has been created'));
+
+					//Try sending message
+					//XXX: mail delivery may silently fail
+					try {
+						//Send message
+						$mailer->send($message);
+
+						//Redirect on the same route with sent=1 to cleanup form
+						return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'));
+					//Catch obvious transport exception
+					} catch(TransportExceptionInterface $e) {
+						//Add error message mail unreachable
+						$form->get('mail')->addError(new FormError($this->translator->trans('Account %mail% tried subscribe but unable to contact', ['%mail%' => $data->getMail()])));
+					}
+				//Catch double subscription
+				} catch (UniqueConstraintViolationException $e) {
+					//Add error message mail already exists
+					$this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail]));
 				}
 			}
 		}
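Review bot: `$manager->flush()` now commits the account before `$mailer->send($message)`, so when the transport throws, the user sees both the `Your account has been created` notice and the `unable to contact` form error, and the account exists without a delivered confirmation mail. A resubmission then reaches the already-exists branch instead of resending, so the failure path should either offer a resend or say in its message that the account was created. The comment above the notice flash is a copy-paste, `//Add error message mail already exists`; it should read `//Add notice account created`. The `$mail` used in the `UniqueConstraintViolationException` handler is assigned outside this hunk.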
@@ -933,11 +921,4 @@ class DefaultController extends AbstractController {
 			['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['register']['view']['context']
 		);
 	}
-
-	/**
-	 * {@inheritdoc}
-	 */
-	public function getAlias() {
-		return 'rapsys_user';
-	}
 }