src/Controller/ResetPasswordController.php line 44

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\Foodtruck;
  6. use App\Entity\User;
  7. use App\Form\ChangePasswordFormType;
  8. use App\Form\ResetPasswordRequestFormType;
  9. use App\Service\FoodtruckService;
  10. use Doctrine\ORM\EntityManagerInterface;
  11. use Symfony\Bridge\Twig\Mime\TemplatedEmail;
  12. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  13. use Symfony\Component\HttpFoundation\RedirectResponse;
  14. use Symfony\Component\HttpFoundation\Request;
  15. use Symfony\Component\HttpFoundation\Response;
  16. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  17. use Symfony\Component\Mailer\MailerInterface;
  18. use Symfony\Component\Mime\Address;
  19. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  20. use Symfony\Component\Routing\Annotation\Route;
  21. use Symfony\Contracts\Translation\TranslatorInterface;
  22. use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait;
  23. use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface;
  24. use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;
  26. #[Route('/reset-password')]
  27. class ResetPasswordController extends AbstractController
  28. {
  29. use ResetPasswordControllerTrait;
  31. private $resetPasswordHelper;
  32. private $entityManager;
  34. public function __construct(ResetPasswordHelperInterface $resetPasswordHelper, EntityManagerInterface $entityManager)
  35. {
  36. $this->resetPasswordHelper = $resetPasswordHelper;
  37. $this->entityManager = $entityManager;
  38. }
  40. /**
  41. * Display & process form to request a password reset.
  42. */
  43. #[Route('', name: 'app_forgot_password_request')]
  44. public function request(Request $request, MailerInterface $mailer, TranslatorInterface $translator, FoodtruckService $foodtruckService): Response
  45. {
  46. //Détection du foodtruck
  47. $foodtruck = $foodtruckService->controleFoodtruck($request);
  48. if(is_object($foodtruck))
  49. {
  51. } else {
  52. $foodtruck = new Foodtruck;
  53. }
  55. $form = $this->createForm(ResetPasswordRequestFormType::class);
  56. $form->handleRequest($request);
  58. if ($form->isSubmitted() && $form->isValid()) {
  59. return $this->processSendingPasswordResetEmail(
  60. $form->get('email')->getData(),
  61. $mailer,
  62. $translator,
  63. $foodtruck
  64. );
  65. }
  67. return $this->render('reset_password/request.html.twig', [
  68. 'requestForm' => $form->createView(),
  69. // 'foodtruck' => $foodtruck,
  70. ]);
  71. }
  73. /**
  74. * Confirmation page after a user has requested a password reset.
  75. */
  76. #[Route('/check-email', name: 'app_check_email')]
  77. public function checkEmail(): Response
  78. {
  79. // Generate a fake token if the user does not exist or someone hit this page directly.
  80. // This prevents exposing whether or not a user was found with the given email address or not
  81. if (null === ($resetToken = $this->getTokenObjectFromSession())) {
  82. $resetToken = $this->resetPasswordHelper->generateFakeResetToken();
  83. }
  85. return $this->render('reset_password/check_email.html.twig', [
  86. 'resetToken' => $resetToken,
  87. ]);
  88. }
  90. /**
  91. * Validates and process the reset URL that the user clicked in their email.
  92. */
  93. #[Route('/reset/{token}', name: 'app_reset_password')]
  94. public function reset(Request $request, UserPasswordHasherInterface $passwordHasher, TranslatorInterface $translator, string $token = null): Response
  95. {
  96. if ($token) {
  97. // We store the token in session and remove it from the URL, to avoid the URL being
  98. // loaded in a browser and potentially leaking the token to 3rd party JavaScript.
  99. $this->storeTokenInSession($token);
  101. return $this->redirectToRoute('app_reset_password');
  102. }
  104. $token = $this->getTokenFromSession();
  105. if (null === $token) {
  106. throw $this->createNotFoundException('Aucun token de changement de mot de passe trouvé dans l\'URL ou dans la session.');
  107. }
  109. try {
  110. $user = $this->resetPasswordHelper->validateTokenAndFetchUser($token);
  111. } catch (ResetPasswordExceptionInterface $e) {
  112. $this->addFlash('reset_password_error', sprintf(
  113. '%s - %s',
  114. $translator->trans(ResetPasswordExceptionInterface::MESSAGE_PROBLEM_VALIDATE, [], 'ResetPasswordBundle'),
  115. $translator->trans($e->getReason(), [], 'ResetPasswordBundle')
  116. ));
  118. return $this->redirectToRoute('app_forgot_password_request');
  119. }
  121. // The token is valid; allow the user to change their password.
  122. $form = $this->createForm(ChangePasswordFormType::class);
  123. $form->handleRequest($request);
  125. if ($form->isSubmitted() && $form->isValid()) {
  126. // A password reset token should be used only once, remove it.
  127. $this->resetPasswordHelper->removeResetRequest($token);
  129. // Encode(hash) the plain password, and set it.
  130. $encodedPassword = $passwordHasher->hashPassword(
  131. $user,
  132. $form->get('plainPassword')->getData()
  133. );
  135. $user->setPassword($encodedPassword);
  136. $this->entityManager->flush();
  138. // The session is cleaned up after the password has been changed.
  139. $this->cleanSessionAfterReset();
  141. return $this->redirectToRoute('app_login');
  142. }
  144. return $this->render('reset_password/reset.html.twig', [
  145. 'resetForm' => $form->createView(),
  146. ]);
  147. }
  149. private function processSendingPasswordResetEmail(string $emailFormData, MailerInterface $mailer, TranslatorInterface $translator, Foodtruck $foodtruck): RedirectResponse
  150. {
  151. $user = $this->entityManager->getRepository(User::class)->findOneBy([
  152. 'email' => $emailFormData,
  153. ]);
  155. // Do not reveal whether a user account was found or not.
  156. if (!$user) {
  157. return $this->redirectToRoute('app_check_email');
  158. }
  160. try {
  161. $resetToken = $this->resetPasswordHelper->generateResetToken($user);
  162. } catch (ResetPasswordExceptionInterface $e) {
  163. // If you want to tell the user why a reset email was not sent, uncomment
  164. // the lines below and change the redirect to 'app_forgot_password_request'.
  165. // Caution: This may reveal if a user is registered or not.
  166. //
  167. // $this->addFlash('reset_password_error', sprintf(
  168. // '%s - %s',
  169. // $translator->trans(ResetPasswordExceptionInterface::MESSAGE_PROBLEM_HANDLE, [], 'ResetPasswordBundle'),
  170. // $translator->trans($e->getReason(), [], 'ResetPasswordBundle')
  171. // ));
  173. return $this->redirectToRoute('app_check_email');
  174. }
  176. $email = (new TemplatedEmail())
  177. ->from(new Address($this->getParameter('MAILER_FROM_ADDRESS'), 'FSM Security'))
  178. ->to($user->getEmail())
  179. ->subject('Demande de réinitialisation de votre mot de passe pour accéder au foodtruck '.$foodtruck->getLibelle().'')
  180. ->htmlTemplate('reset_password/email.html.twig')
  181. ->context([
  182. 'resetToken' => $resetToken,
  183. 'foodtruck' => $foodtruck,
  184. ])
  185. ;
  187. $mailer->send($email);
  189. // Store the token object in session for retrieval in check-email route.
  190. $this->setTokenObjectInSession($resetToken);
  192. return $this->redirectToRoute('app_check_email');
  193. }
  194. }