src/Controller/ResetPasswordController.php line 32

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Controller\CoreController;
  6. use App\Entity\User;
  7. use App\Form\ChangePasswordFormType;
  8. use App\Form\ResetPasswordRequestFormType;
  9. use Symfony\Component\HttpFoundation\RedirectResponse;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\HttpFoundation\Response;
  12. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  13. use Symfony\Component\Routing\Annotation\Route;
  14. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  15. use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
  16. use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;
  17. use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;
  19. /**
  20.  * @Route("/password/reset-password")
  21.  */
  22. class ResetPasswordController extends CoreController
  23. {
  24.     use ResetPasswordControllerTrait;
  26.     /**
  27.      * Display & process form to request a password reset.
  28.      *
  29.      * @Route("", name="app_forgot_password_request")
  30.      * @Route("/front/{myflix}", name="app_forgot_password_request_myflix")
  31.      */
  32.     public function request(ResetPasswordHelperInterface $resetPasswordHelper): Response
  33.     {
  34.         $myflix $this->requestStack->getCurrentRequest()->attributes->get('myflix');
  35.         if(!is_null($myflix)) {
  36.             $getMyflix $this->repository->MyflixRepository->findOneBy(['slug' => $myflix]);
  37.             if (!$getMyflix) {
  38.                 return $this->redirectToRoute('error_404');
  39.             }
  40.         }
  42.         $form $this->createForm(ResetPasswordRequestFormType::class);
  43.         $form->handleRequest($this->requestStack->getCurrentRequest());
  45.         if ($form->isSubmitted() && $form->isValid()) {
  46.             return $this->processSendingPasswordResetEmail(
  47.                 $this->requestStack->getCurrentRequest(),
  48.                 $form->get('email')->getData(),
  49.                 $myflix,
  50.                 $resetPasswordHelper
  51.             );
  52.         }
  54.         if(!is_null($myflix)) {
  55.             return $this->render('security/reset_password/request_myflix.html.twig', [
  56.                 'requestForm' => $form->createView(),
  57.                 'myflix' => $myflix
  58.             ]);
  59.         }else{
  60.             return $this->render('security/reset_password/request.html.twig', [
  61.                 'requestForm' => $form->createView(),
  62.             ]);
  63.         }
  65.     }
  67.     /**
  68.      * Confirmation page after a user has requested a password reset.
  69.      *
  70.      * @Route("/check-email", name="app_check_email")
  71.      * @Route("/check-email/{myflix}", name="app_check_email_myflix")
  72.      */
  73.     public function checkEmail(): Response
  74.     {
  75.         $myflix $this->requestStack->getCurrentRequest()->attributes->get('myflix');
  76.         if(!is_null($myflix)) {
  77.             $getMyflix $this->repository->MyflixRepository->findOneBy(['slug' => $myflix]);
  78.             if (!$getMyflix) {
  79.                 return $this->redirectToRoute('error_404');
  80.             }
  81.         }
  83.         // We prevent users from directly accessing this page
  84.         if (null === ($resetToken $this->getTokenObjectFromSession())) {
  85.             if(!is_null($myflix)) {
  86.                 return $this->redirectToRoute('app_forgot_password_request_myflix', ['myflix' => $myflix]);
  87.             }else {
  88.                 return $this->redirectToRoute('app_forgot_password_request');
  89.             }
  90.         }
  92.         if(!is_null($myflix)) {
  93.             return $this->render('security/reset_password/check_email_myflix.html.twig', [
  94.                 'resetToken' => $resetToken,
  95.                 'myflix' => $myflix
  96.             ]);
  97.         }else{
  98.             return $this->render('security/reset_password/check_email.html.twig', [
  99.                 'resetToken' => $resetToken,
  100.             ]);
  101.         }
  102.     }
  104.     /**
  105.      * Validates and process the reset URL that the user clicked in their email.
  106.      *
  107.      * @Route("/reset/{token}", name="app_reset_password")
  108.      * @Route("/reset/{token}/{myflix}", name="app_reset_password_myflix")
  109.      */
  110.     public function reset(string $token nullResetPasswordHelperInterface $resetPasswordHelper): Response
  111.     {
  112.         $session $this->requestStack->getSession();
  113.         $myflix $this->requestStack->getCurrentRequest()->attributes->get('myflix');
  115.         if(!is_null($myflix)) {
  116.             $getMyflix $this->repository->MyflixRepository->findOneBy(['slug' => $myflix]);
  117.             if (!$getMyflix) {
  118.                 return $this->redirectToRoute('error_404');
  119.             }
  120.         }
  122.         if ($token) {
  123.             // We store the token in session and remove it from the URL, to avoid the URL being
  124.             // loaded in a browser and potentially leaking the token to 3rd party JavaScript.
  125.             $this->storeTokenInSession($token);
  127.             $myflix_reset_password = !is_null($myflix) ? $myflix '';
  128.             $session->set('myflix_reset_password'$myflix_reset_password);
  130.             return $this->redirectToRoute('app_reset_password');
  131.         }
  133.         $token $this->getTokenFromSession();
  134.         if (null === $token) {
  135.             throw $this->createNotFoundException('No reset password token found in the URL or in the session.');
  136.         }
  138.         try {
  139.             $user $resetPasswordHelper->validateTokenAndFetchUser($token);
  140.         } catch (ResetPasswordExceptionInterface $e) {
  141.             $pos strpos($e->getReason(), 'The reset password link is invalid');
  142.             if ($pos === false) {
  143.                 $msg $e->getReason();
  144.             } else {
  145.                 $msg $this->translator->trans('text.msg_eroor_lien_reset_request');
  146.             }
  148.             $this->addFlash('reset_password_error'sprintf(
  149.                 $this->translator->trans('text.msg_eroor_validating_reset_request').' - %s',
  150.                 $msg
  151.             ));
  153.             if($session->get('myflix_reset_password') != '') {
  154.                 $session->set('myflix_reset_password'null);
  155.                 return $this->redirectToRoute('app_forgot_password_request_myflix', ['myflix' => $session->get('myflix_reset_password')]);
  156.             }else {
  157.                 return $this->redirectToRoute('app_forgot_password_request');
  158.             }
  159.         }
  161.         // The token is valid; allow the user to change their password.
  162.         $form $this->createForm(ChangePasswordFormType::class);
  163.         $form->handleRequest($this->requestStack->getCurrentRequest());
  165.         if ($form->isSubmitted() && $form->isValid()) {
  166.             // A password reset token should be used only once, remove it.
  167.             $resetPasswordHelper->removeResetRequest($token);
  169.             // Encode the plain password, and set it.
  170.             $hashedPassword $this->passwordHasher->hashPassword(
  171.                 $user,
  172.                 $form->get('plainPassword')->getData()
  173.             );
  174.             $user->setPassword($hashedPassword);
  176.             $passwordEncrypt $this->encryptPassword($form->get('plainPassword')->getData());
  177.             $user->setPasswordEncrypt($passwordEncrypt);
  179.             $myflix_slug $this->requestStack->getCurrentRequest()->get('slug_myflix');
  181.             $this->update();
  183.             // The session is cleaned up after the password has been changed.
  184.             $this->cleanSessionAfterReset();
  186.             $this->addFlash('success'$this->translator->trans('text.msg_success_password_successfully_changed'));
  188.             if(!empty($myflix_slug)){
  189.                 return $this->redirectToRoute('app_login_membre', ['myflix' => $myflix_slug]);
  190.             }else{
  191.                 return $this->redirectToRoute('app_login');
  192.             }
  194.         }
  196.         if(!empty($session->get('myflix_reset_password'))){
  197.             return $this->render('security/reset_password/reset_myflix.html.twig', [
  198.                 'resetForm' => $form->createView(),
  199.                 'myflix' => $session->get('myflix_reset_password')
  200.             ]);
  201.         }else{
  202.             return $this->render('security/reset_password/reset.html.twig', [
  203.                 'resetForm' => $form->createView(),
  204.                 'myflix' => $session->get('myflix_reset_password')
  205.             ]);
  206.         }
  207.     }
  209.     private function processSendingPasswordResetEmail($requeststring $emailFormData$myflixResetPasswordHelperInterface $resetPasswordHelper): RedirectResponse
  210.     {
  211.         $user $this->repository->UserRepository->findOneBy([
  212.             'email' => $emailFormData,
  213.         ]);
  215.         // Do not reveal whether a user account was found or not.
  216.         if (!$user) {
  217.             if(!is_null($myflix)) {
  218.                 return $this->redirectToRoute('app_check_email_myflix', ['myflix' => $myflix]);
  219.             }else {
  220.                 return $this->redirectToRoute('app_check_email');
  221.             }
  222.         }
  224.         try {
  225.             $resetToken $resetPasswordHelper->generateResetToken($user);
  227.             /** send mail to partner **/
  228.             $data_mess = [
  229.                 'resetToken' => $resetToken,
  230.                 'myflix' => $myflix
  231.             ];
  233.             $mailerSender $this->getParameter('mailer.support_email');
  234.             $template 'back/default/emails/notif_reset_password.html.twig';
  235.             $subject $this->translator->trans('text.msg_eroor_lien_reset_request');
  237.             $sendingMailOperation $this->mailer->send($mailerSender,
  238.                 trim($emailFormData),
  239.                 $template,
  240.                 $subject,
  241.                 null,
  242.                 $data_mess
  243.             );
  245.         } catch (ResetPasswordExceptionInterface $e) {
  246.             // If you want to tell the user why a reset email was not sent, uncomment
  247.             // the lines below and change the redirect to 'app_forgot_password_request'.
  248.             // Caution: This may reveal if a user is registered or not.
  249.             //
  250.             // $this->addFlash('reset_password_error', sprintf(
  251.             //     'There was a problem handling your password reset request - %s',
  252.             //     $e->getReason()
  253.             // ));
  255.             if(!is_null($myflix)) {
  256.                 return $this->redirectToRoute('app_check_email_myflix', ['myflix' => $myflix]);
  257.             }else {
  258.                 return $this->redirectToRoute('app_check_email');
  259.             }
  260.         }
  262.         // Store the token object in session for retrieval in check-email route.
  263.         $this->setTokenObjectInSession($resetToken);
  266.         if(!is_null($myflix)) {
  267.             return $this->redirectToRoute('app_check_email_myflix', ['myflix' => $myflix]);
  268.         }else {
  269.             return $this->redirectToRoute('app_check_email');
  270.         }
  271.     }
  272. }