Redirect user after login to user settings, if he needs to change password.

src/Controller/RedirectController.php

@@ -34,14 +34,20 @@ namespace App\Controller;
 use App\Entity\UserSystem\User;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
+use Symfony\Contracts\Translation\TranslatorInterface;
 
 class RedirectController extends AbstractController
 {
     protected $default_locale;
+    protected $translator;
+    protected $session;
 
-    public function __construct(string $default_locale)
+    public function __construct(string $default_locale, TranslatorInterface $translator, SessionInterface $session)
     {
         $this->default_locale = $default_locale;
+        $this->session = $session;
+        $this->translator = $translator;
     }
 
     public function addLocalePart(Request $request)
@@ -55,9 +61,14 @@ class RedirectController extends AbstractController
             $locale = $user->getLanguage();
         }
 
+        //Check if the user needs to change the password. In that case redirect him to settings_page
+        if ($user instanceof User && $user->isNeedPwChange()) {
+            $this->session->getFlashBag()->add('warning', $this->translator->trans('flash.password_change_needed'));
+            return $this->redirectToRoute('user_settings', ['_locale' => $locale]);
+        }
+
         //$new_url = str_replace($request->getPathInfo(), '/' . $locale . $request->getPathInfo(), $request->getUri());
         $new_url = $request->getUriForPath('/' . $locale . $request->getPathInfo());
-
         return $this->redirect($new_url);
     }
 }

src/Controller/UserController.php

@@ -164,6 +164,10 @@ class UserController extends AdminPages\BaseAdminController
          */
         $user = $this->getUser();
 
+        if(!$user instanceof User) {
+            return new \RuntimeException("This controller only works only for Part-DB User objects!");
+        }
+
         //When user change its settings, he should be logged  in fully.
         $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
 
@@ -208,6 +212,10 @@ class UserController extends AdminPages\BaseAdminController
         if ($pw_form->isSubmitted() && $pw_form->isValid()) {
             $password = $passwordEncoder->encodePassword($user, $pw_form['new_password']->getData());
             $user->setPassword($password);
+
+            //After the change reset the password change needed setting
+            $user->setNeedPwChange(false);
+
             $em->persist($user);
             $em->flush();
             $this->addFlash('success', 'user.settings.pw_changed_flash');

src/EventSubscriber/LoginSuccessListener.php

@@ -0,0 +1,84 @@
+<?php
+/**
+ *
+ * part-db version 0.1
+ * Copyright (C) 2005 Christoph Lechner
+ * http://www.cl-projects.de/
+ *
+ * part-db version 0.2+
+ * Copyright (C) 2009 K. Jacobs and others (see authors.php)
+ * http://code.google.com/p/part-db/
+ *
+ * Part-DB Version 0.4+
+ * Copyright (C) 2016 - 2019 Jan Böhmer
+ * https://github.com/jbtronics
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
+ *
+ */
+
+namespace App\EventSubscriber;
+
+
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface;
+use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
+use Symfony\Component\Security\Http\SecurityEvents;
+use Symfony\Contracts\Translation\TranslatorInterface;
+
+/**
+ * This event listener shows an login successful flash to the user after login.
+ * @package App\EventSubscriber
+ */
+class LoginSuccessListener implements EventSubscriberInterface
+{
+
+    protected $translator;
+    protected $flashBag;
+
+    public function __construct(TranslatorInterface $translator, FlashBagInterface $flashBag)
+    {
+        $this->translator = $translator;
+        $this->flashBag = $flashBag;
+    }
+
+    public function onLogin(InteractiveLoginEvent $event)
+    {
+        $this->flashBag->add('notice', $this->translator->trans('flash.login_successful'));
+    }
+
+    /**
+     * Returns an array of event names this subscriber wants to listen to.
+     *
+     * The array keys are event names and the value can be:
+     *
+     *  * The method name to call (priority defaults to 0)
+     *  * An array composed of the method name to call and the priority
+     *  * An array of arrays composed of the method names to call and respective
+     *    priorities, or 0 if unset
+     *
+     * For instance:
+     *
+     *  * ['eventName' => 'methodName']
+     *  * ['eventName' => ['methodName', $priority]]
+     *  * ['eventName' => [['methodName1', $priority], ['methodName2']]]
+     *
+     * @return array The event names to listen to
+     */
+    public static function getSubscribedEvents()
+    {
+        return [SecurityEvents::INTERACTIVE_LOGIN => 'onLogin'];
+    }
+}